Created on 04-09-2024 10:26 PM Edited on 06-24-2024 11:37 PM By Jean-Philippe_P
Description | This article describes where the FORENSICS view moves in v6.2. |
Scope | FortiEDR v6.2. |
Solution |
In the new v6.2, the Forensics view is removed and integrated into the Investigation View. The Investigation View is available on the bottom right of the ADVANCED DATA in EVENT VIEWER.
Before v6.2, the FORENSICS view is available for both the Events and Threat Hunting pages:
In v6.2 or above, the FORENSICS View is removed and replaced with THREAT HUNTING. To view forensic-related information, select Investigation View on the bottom right of the ADVANCED DATA.
In the Investigation View, the information equivalent to the Forensics View is available.
UPDATE: Enhancements in Investigation View in GA Version 6.2.0.0451.
The latest General Availability (GA) version 6.2.0.0451 introduces significant improvements to the Investigation View. In earlier versions, certain security event information was sometimes omitted if specific Threat Hunting options were not enabled or if data was missing due to the Threat Hunting retention policy. With this new GA version, security event information is now consistently available in the Details pane, ensuring comprehensive visibility and more effective threat analysis.
For more information about the Investigation View, visit the Investigation View section of the administration guide. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.