Dear Team,
As we know, FortiSIEM started supporting VisionOne logs from version 7.1.1.
Who knows what kind of correlated alerts will be generated when FortiSIEM receives logs from VisionOne? (Alerts that would not appear on the VisionOne platform)
After all, we know that FortiSIEM can only obtain alerts like Workbench/OAT generated by VisionOne, and we are certainly aware of those VisionOne alert notifications.
In simple terms, for the support of this new device/service, will FortiSIEM correlate these already analyzed alerts with the logs on FortiSIEM? And does this require the support or addition of new rules in the new version?
Best Regards,
Bruce Liu
Hi @Bruce7x2,
In FortiSIEM 7.2.2 I see one rule related to Trend Vision One:
(s) Trend Vision One: Critical or High Alert Triggered
However, there are many reports related to Trend Vision One based on alert history, audit activities, detection and host details.