I thought I understood how to read logs, but the two examples below have me confused. I have redacted some of the information.
The confusing part is the 'direction'. Both examples have an external internet address as the source IP and a destination that is on our internal network. The difference is the direction. One is outgoing and one is incoming. Can someone point me to the documentation that would help me understand? Or if you can ELI5, that is helpful too. Thanks.