Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevice
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiSOAR Discussions
- Fortinet Community
- Community Groups
- FortiSOAR
- Discussions
- Make Alert Source Data Appears on Alert Table List
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Make Alert Source Data Appears on Alert Table List
Hi all,
I am fairly new with FortiSOAR and trying to get my head around on how to use it. I already managed to ingest data from the SIEM into the alert module and by default, the columns displayed and can be filtered are such as severity and ID. Now, I am trying to fill up this alert table with some data/fields of the ingested data from the SIEM into the alert table. I can see the data is in the source data tab inside the alert. Need some help to point me on how to make it happen. Pointing me to the correct documentation will also be very helpfull
Labels:
- Labels:
-
fields
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @khilfi
Kindly refer to the section "Data Ingestion Support" in the document below:
https://docs.fortinet.com/document/fortisoar/5.4.1/fortinet-fortisiem/1059/fortinet-fortisiem-v5-4-1...
You can map the fields extracted from the source either from the data ingestion wizard or the create records step in the ingestion playbook.
Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This seems to be the solution that I need, I'll look into it more.
Thanks for the help
Labels
-
FortiSoar
71 -
Connector
8 -
FortiSOAR v7.x
6 -
FortiSOAR v7.6
6 -
SOAR
5 -
playbooks
3 -
Jinja
3 -
Schedule
2 -
FortiSOAR 7.4.0
2 -
FortiSOAR 7.5
2 -
Threat Intel Management
2 -
Forcepoint
1 -
enrichement
1 -
ution
1 -
FortiSIEM v7.4.x
1 -
crowdstrike
1 -
CMDB
1 -
Update Record Correlations
1 -
Data Ingestion
1 -
Queued Workflow
1 -
poonvert
1 -
templates
1 -
HybridAnalysis
1 -
alert
1 -
secret management
1 -
RegionalSOC
1 -
queue and shift management
1 -
related modules
1 -
fields
1 -
Artificial intelligence
1 -
FortiSOAR Awards
1 -
Content-Hub
1 -
Microsoft Exchange Connector
1 -
Staging
1 -
External Postgresql DB
1 -
secrets
1 -
Vault
1 -
FortiSOAR 7.3.x
1 -
FortiSIEM
1 -
FortiGuard
1 -
FortiWeb
1 -
FortiEDR
1 -
upgrade
1 -
Machine Learning
1 -
performance
1 -
Azure
1 -
Admin Access
1 -
License
1 -
Arrow
1 -
Time
1 -
Trial
1 -
FortiSOAR v7.2.x
1 -
FortiSOAR v7.4.x
1 -
Upgrading FortiSOAR
1 -
Playbook
1 -
People
1 -
TAXII
1 -
SOC
1 -
secops
1 -
FortiSASE
1 -
C
1 -
Asset
1 -
Threat feed
1 -
indicators
1 -
FortiAnalyzer
1 -
loops
1 -
ClickHouse
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.