Explorer

Solved

Does FortiSEM support VisionOne and is an update required for support?

Forum|Forum|2 years ago
March 13, 2024
2 replies
1521 views

Hi Team,

I currently have a FortiSIEM version 7.0.2, but I can’t find any official documentation stating that it supports log collection for TrendMicro VisionOne.

However, I can see from the FortiSIEM External Systems Configuration Guide (7.1.1) that FortiSIEM does support TrendMicro VisionOne.

In light of this, I would like to know whether it is necessary for me to upgrade my FortiSIEM from version 7.0.2 to 7.1.1 or a higher version in order to collect logs from TrendMicro Vision?

Or, in fact, can version 7.0.2 support TrendMicro VisionOne as long as I obtain the normalization configuration file?"

Regards,

Bruce Liu

#Fortisiem #VisionOne #TrendMicro

Fortisiem

Best answer by FSM_FTNT

Hi Bruce, we added Vision One support to 7.1.x release, so you will need to be on that version with the latest content pack update.

https://docs.fortinet.com/document/fortisiem/7.1.4/external-systems-configuration-guide/780675/fortisiem-external-systems-configuration-guide-online

Staff & Editor

Hi @Bruce7x2 ,

If it was syslog then could have exported the parser and used in earlier version.

But since its via API and involves Test Connectivity, you would need to upgrade to version that supports this.

Explorer

Dear Sir,

Understand Clearly, Thank you for your reply.

Regards,

Bruce Liu

Staff

Hi Bruce, we added Vision One support to 7.1.x release, so you will need to be on that version with the latest content pack update.

https://docs.fortinet.com/document/fortisiem/7.1.4/external-systems-configuration-guide/780675/fortisiem-external-systems-configuration-guide-online