Does FortiSEM support VisionOne and is an update required for support?

Bruce7x2 · ‎03-12-2024

Hi Team,

I currently have a FortiSIEM version 7.0.2, but I can’t find any official documentation stating that it supports log collection for TrendMicro VisionOne.

However, I can see from the FortiSIEM External Systems Configuration Guide (7.1.1) that FortiSIEM does support TrendMicro VisionOne.

In light of this, I would like to know whether it is necessary for me to upgrade my FortiSIEM from version 7.0.2 to 7.1.1 or a higher version in order to collect logs from TrendMicro Vision?

Or, in fact, can version 7.0.2 support TrendMicro VisionOne as long as I obtain the normalization configuration file?"

Regards,

Bruce Liu

#Fortisiem #VisionOne #TrendMicro

Bruce Liu

FSM_FTNT · ‎03-19-2024

Hi Bruce, we added Vision One support to 7.1.x release, so you will need to be on that version with the latest content pack update.

https://docs.fortinet.com/document/fortisiem/7.1.4/external-systems-configuration-guide/780675/forti...

View solution in original post

premchanderr · ‎03-18-2024

Hi @Bruce7x2 ,

If it was syslog then could have exported the parser and used in earlier version.

But since its via API and involves Test Connectivity, you would need to upgrade to version that supports this.

Regards,
Prem Chander R

Bruce7x2 · ‎03-19-2024

Dear Sir,

Understand Clearly, Thank you for your reply.

Regards,

Bruce Liu

FSM_FTNT · ‎03-19-2024

Hi Bruce, we added Vision One support to 7.1.x release, so you will need to be on that version with the latest content pack update.

https://docs.fortinet.com/document/fortisiem/7.1.4/external-systems-configuration-guide/780675/forti...