Hello
I have a FAZVM64 running v6.2.6 with a large number of customer ADOMs defined. In order to make event handling consistent, I have a script which generates a .json file containing the two event handlers that each ADOM currently requires. These .json files are regenerated when the criteria for the handlers change, and the two handers are removed from each ADOM and then re-imported from the updated .json file.
The problem I have is that even though I have lined excluding specific logid values, the event handler is still firing on those events.
So for example I have the generic-ized .json handler file attached, and I'm still getting alerts firing on Log ID 0101037132 -- even though that's specifically excluded.
Can anyone tell me what I should look for to figure this out?
Thank you for your time.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Quick note to say I've updated to 6.2.7 and it looks like these events are not firing the handler any more.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1697 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.