Help
FortiSOAR Discussions
gurveersingh
New Contributor

Created on ‎08-23-2024 10:22 AM

Ingest system alerts using FortiEDR Connector

Could we explore the possibility of adding functionality to ingest system alerts from FortiEDR into FortiSOAR? The FortiEDR API supports reading system events, which could be leveraged for this integration.

 

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/df7ab511-7435-11ea-9384-005056...

179
0 Kudos
2 REPLIES 2
okumbhar
Staff
Staff

Created on ‎08-27-2024 01:48 AM

@gurveersingh we are already having a data ingestion to fetch events from FortiEDR and create alert in FortiSOAR

129
0 Kudos
gurveersingh
New Contributor

Created on ‎08-27-2024 06:25 AM

@okumbhar Currently, the connector is capable of ingesting only security alerts. Can we add the capability to also ingest system alerts, which will provide insight into component health status?

 

Here is the sample API endpoint to which you can query to get system events

https://localhost/management-rest/system-events/list-system-events?componentNames=ensilo,USER-PC&com...

116
0 Kudos
Announcements

Welcome to your new FortiSOAR Community!

View More

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.