Help
FortiSIEM Discussions
adem_netsys
Contributor

Created on ‎07-10-2024 12:14 AM

PAM360 Parser

Hi

I have a PAM360 Parser, but it can miss users. Does anyone have a parser related to this?

756
0 Kudos
11 REPLIES 11
FSM_FTNT
Staff
Staff

Created on ‎07-17-2024 02:43 PM

Can you export a broader sample of event in CSV format from FortiSIEM and send to me direct? I will have a look.

 

Do you know if there is a logging guide?

135
0 Kudos
adem_netsys
Contributor
In response to FSM_FTNT

Created on ‎07-18-2024 12:03 AM Edited on ‎07-18-2024 12:08 AM

I have a parser that I have shared above, where it takes ResourceAudit or UserAudit as User information, but in some cases this place comes as N/A and I need to get the user information from "user_example" at the end of the log.

 

Jul 8 12:39:18 XXM01 UserAudit:N/A:EXAMPLE01.example.com User_Logged_Out 2024/07/08 12:39:17 Success XXM01 -User_Example:N/A

122
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.