Using 300E on v6.0.8 Is it possible to monitor activity from a particular IP, preferably in a more automated way; API or script, to know when a *specific* IP triggers a DoS rule, and why? (I'm quite comfortable with coding, I'm just not sure what parameters or how to go about it for the Fortigate - I have API access, but have not had much time to explore it.) I have a colleague that is getting caught in the DoS filter and while I have my suspicions of why, I'd like to see positively what's causing the trigger, without all of the noise the typical DoS "intrusion alerts" carry, which is primarily port scanning traffic, bots and script kiddies.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.