Help
FortiSIEM Discussions
Taher11
New Contributor III

Created on ‎07-25-2024 01:52 AM

Alert content

Hello,

How can we add a new variable to the drop-down list of the alert template?

Greetings

Screenshot 2024-07-25 085124.png

EL MOUSTAPHA MOHAMED LEMINE TAHER
EL MOUSTAPHA MOHAMED LEMINE TAHER
201
0 Kudos
2 REPLIES 2
Secusaurus
Contributor II

Created on ‎07-25-2024 03:44 AM Edited on ‎07-25-2024 03:44 AM

Hi @Taher11,

 

Unfortunately, the simple answer is: There is no way to do so at the moment.

 

You could look into that with the HTTP-Post-option. But still, the underlying incident XML has no more fields that could be inserted here.

 

What is the field you would require here? Perhaps there is a workaround to get this.

 

Best,

Christian

FCP & FCSS Security Operations | Fortinet Advanced Partner
FCP & FCSS Security Operations | Fortinet Advanced Partner
169
0 Kudos
Taher11
New Contributor III
In response to Secusaurus

Created on ‎07-25-2024 03:51 AM

Thanks for the answer @Secusaurus, I need to add the ''Message'' field, I received it with the rowEvents variable but it contains a lot more things that I don't really need.

EL MOUSTAPHA MOHAMED LEMINE TAHER
EL MOUSTAPHA MOHAMED LEMINE TAHER
168
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.