We currently use the FSSO ignore list for service accounts, but have to manually sync everytime we create new account then sync it with the other agents on other sites, is there a way to automate this process?
I guess there are no options to script it. However, syncing from one FSSO CA to others also somehow facilitates.
Hey lekanhaji,
technically, the ignore user list is stored in registry keys:
[HKEY_LOCAL_MACHINE\software\wow6432node\fortinet\fsae\collectoragent\Filter]
The key is of type string, called "ignore_users", consists of a list of ignored users, and the user entries are separated by semicolon.
You could use GPOs (or similar tools) to update the registry keys across all hosts with Collector Agents.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.