Help
FortiSIEM Discussions
Deepika
New Contributor

Created on ‎06-26-2023 08:05 AM

Incident closure

Hi Team,

 

I'm trying to identify where to check my resolved incidents in FortiSIEM. i would like to know where can i see all the resolved incidents closed by me/by my team

583
0 Kudos
5 REPLIES 5
premchanderr
Staff
Staff

Created on ‎06-26-2023 08:26 AM

Hi @Deepika ,


You can run the System Report "All Incidents" and include display conditions Incident Status , Incident Resolution , Incident Cleared User etc

In this report to know all the available fields you can expand the blank raw event log in Analytics and view in Event Details. 

Regards,
Prem Chander R
571
0 Kudos
Deepika
New Contributor

Created on ‎06-26-2023 08:38 AM

could you help me with the navigation ? where can i see system report option in fortisiem

 

569
0 Kudos
premchanderr
Staff
Staff
In response to Deepika

Created on ‎06-26-2023 08:53 AM

Sure Deepika, Login Fortisiem GUI > Resources > Reports . Here search for - All Incidents .

Regards,
Prem Chander R
565
0 Kudos
Deepika
New Contributor
In response to premchanderr

Created on ‎06-28-2023 08:22 AM

thanks for the update. where can i export the data's ? for example i would like to export all the events for a incident how can i do that

527
0 Kudos
cdurkin_FTNT
Staff
Staff
In response to Deepika

Created on ‎06-29-2023 08:57 AM

Probably the easiest way is from the Incident Tab itself.

 

1) Select the Incident

2) Select Actions -> Export Incident

3) Choose PDF or CSV and tick "Include Raw Event Message"

512
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.