Hello,
I wonder if it is possible to transfer logs to the SIEM afterwards.
For example, if you have (historical) Windows event logs that you would like to analyze without transferring them via WinAgent.
Is it possible to upload the log file?
Hi Martin,
FortiSIEM expects the log in a specific format (either what our agent sends it as or how we retrieve it via OMI/WMI). This means that a custom windows event log format such as a getting it from a file will not be recognized as we don't have a parser that can understand it.
Regards,
Dusan
Welcome to your new Fortinet Community!
You'll find your previous forum posts under "Forums"
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.