FortiSIEM Discussions
joaoPedro

How to configure FortiSIEM to monitor an API

Hello,

I’m trying to configure a rule in FortiSIEM version 7.3.2 that will monitor the absence of events from a specific API and send an email alert if the API stops communicating with the SIEM.


For instance, the API usually sends a heartbeat event every few minutes, and my goal is to set up a rule that detects when this heartbeat stops and triggers an email alert after a specific time interval, like 30 minutes.


Does anyone know how to properly configure this type of rule or have any suggestions on how to approach this? I'd appreciate any help or ideas you might have.
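
The absence check described in the post, written out as an added example that is not part of the original post and is not FortiSIEM rule syntax: it tracks the last heartbeat per source and reports every silence longer than 30 minutes, including a source that never reports. The source names, timestamps and function names are constructed for illustration.

```python
from datetime import datetime, timedelta

THRESHOLD = timedelta(minutes=30)  # silence interval named in the post

# Constructed sample heartbeats (timestamp, source); source names are hypothetical.
SAMPLE = [
    ("2025-01-10T08:00:00", "api-a"), ("2025-01-10T08:05:00", "api-a"),
    ("2025-01-10T08:10:00", "api-a"), ("2025-01-10T09:00:00", "api-a"),
    ("2025-01-10T09:05:00", "api-a"),
    ("2025-01-10T08:00:00", "api-b"), ("2025-01-10T08:05:00", "api-b"),
]
EXPECTED = ["api-a", "api-b", "api-c"]  # api-c never reports at all


def find_silences(events, expected, start, end, threshold=THRESHOLD):
    """Return sorted (fire_time, source, last_seen) for every silence > threshold.

    A source with no events is measured from `start`, so a feed that never
    came up is reported too. Each outage yields exactly one alert.
    """
    last_seen = {src: start for src in expected}
    alerts = []
    for ts, src in sorted((datetime.fromisoformat(t), s) for t, s in events):
        if src not in last_seen:
            continue  # not a monitored source
        if ts - last_seen[src] > threshold:  # gap closed by this heartbeat
            alerts.append((last_seen[src] + threshold, src, last_seen[src]))
        last_seen[src] = ts
    for src, seen in last_seen.items():  # sources still silent at window end
        if end - seen > threshold:
            alerts.append((seen + threshold, src, seen))
    return sorted(alerts)


def demo():
    start = datetime(2025, 1, 10, 8, 0)
    end = datetime(2025, 1, 10, 9, 20)
    return find_silences(SAMPLE, EXPECTED, start, end)


if __name__ == "__main__":
    for fire, src, seen in demo():
        print(f"{fire:%H:%M} ALERT {src}: no heartbeat since {seen:%H:%M}")
```

Keying the check on an explicit list of expected sources is what lets it flag a feed that has produced no events at all, which a rule that only looks at received events cannot see.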

 
