Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

isuru
New Contributor II

Created on ‎04-01-2020 11:40 PM

FortiSIEM - Windows Powershell

Hi,

We are trying to integrate Windows PowerShell logs using the FortiSIEM Windows agent and currently, we have configured Powershell Operational logs. But we have an issue with the given Windows Powershell Event logs where they are not parsing.

We would like to know whether the issue is with our configuration or a parser.

Cheers,
Isuru
Cheers,
Isuru Malawige
Cheers,Isuru Malawige
enable_powershell.jpg
Preview file
53 KB
win_powershell.jpg
Preview file
58 KB
powershell.jpg
Preview file
236 KB
Labels:
1261
0 Kudos
2 REPLIES 2
FSM_FTNT
Staff
Staff

Created on ‎04-02-2020 01:54 AM

Hi Isuru,

Do you have any sample events that you can share?

Thanks

Dan
1234
0 Kudos
isuru
New Contributor II
In response to FSM_FTNT

Created on ‎04-02-2020 02:03 AM

Hi Dan,

Please find the Sample Logs herewith.

Cheers,
Isuru
Cheers,
Isuru Malawige
Cheers,Isuru Malawige
powershell.csv
Preview file
87 KB
1234
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.