Help
FortiEDR
FortiEDR automates the protection against advanced threats, pre and post-execution, with real time orchestrated incident response functionality.
kwernecke
Staff
Staff

Created on ‎05-17-2023 09:19 PM Edited on ‎09-05-2024 01:07 AM By Community Manager

Article Id 256963

Technical Tip: How to Trigger an event in the console for macOS to verify if FortiEDR is working Correctly with SysSanityTester tool

Description This article describes the testing tool SysSanityTester and how to use it on macOS.
Scope FortiEDR.
Solution

SysSanityTester is used for macOS and is a connectivity test tool that will generate a security event on macOS. If the event appears in the FortiEDR Manager, then connectivity between the Collector and Aggregator and Manager is working. 

SysSanityTester can be executed in the following methods:

  1. Submit a Support Ticket To Request the tool.
  2. Verify in the Console where there is an Execution Prevention Policy with the Malicious file Detected rule enabled and applied to the correct group.
 

Capture12.PNG

 

Capture13.PNG

 

  1. 'Double-click' on the file to execute it which will open a Terminal prompt window.
  2. Via Terminal: cd to file location run cmd: chmod +x SysSanityTester
  3.  In Terminal run:./SysSanityTester
  4. A popup notification on the macOS will appear.
  5. The event will be visible in the Console:

 

Capture14.PNG

 

Note:

To run the tool again on the same device, it will be necessary to delete the event in the console.

 

 

737
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.