I have one business case where i need to do a playbook to do the next:
When a traffic match with a specific firewall rule ( deny ) ( fortigate), generate a custom report including the Source IPs that matched this firewall rule .
How I can do it ? I tried with events handlers but I never find the way to work in real time...
Hello Toror,Please build a custom report for your requirement.Please follow the steps as per the below linkshttps://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-How-to-build-a-custom-report-on-FortiA...https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-How-to-create-FortiAnalyzer-reports-us...RegardsNagaraju.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.