Bruce7x2
New Contributor III

Does the New Version of FortiSIEM Support Any Rules or Incidents Related to VisionOne?

Dear Team,

As we know, FortiSIEM started supporting VisionOne logs from version 7.1.1.

Who knows what kind of correlated alerts will be generated when FortiSIEM receives logs from VisionOne? (Alerts that would not appear on the VisionOne platform)

After all, we know that FortiSIEM can only obtain alerts like workbench/OAT generated by VisionOne, and we are certainly aware of those VisionOne alert notifications.

In simple terms, for the support of this new device/service, will FortiSIEM correlate these already analyzed alerts with the logs on FortiSIEM? And does this require the support or addition of new rules in the new version?

Best Regards,

Bruce Liu

premchanderr
Staff

Hi @Bruce7x2 ,


In FortiSIEM 7.2.2 I see one rule related to Trend Vision One:

(s) Trend Vision One: Critical or High Alert Triggered

However, there are many reports related to Trend Vision One based on alert history, audit activities, detection and host details.

Regards,
Prem Chander R