Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
GiuseppeB
New Contributor III

Created on ‎04-28-2023 12:21 PM Edited on ‎05-02-2023 03:30 AM

events count reset FAZ fortisoc

Hi,

 

I have a problem with displaying the event handler in fortisoc, in the sense that once set the event works correctly but the events counter, in the right side of the screen, seem to reset automatically and I can't get an actual history of how many times the handler has worked.

 

Is there any tweak that can help me not reset the event count?Immagine 2023-04-28 212035.png

 

 

Labels:
808
0 Kudos
6 REPLIES 6
Anthony_E
Community Manager
Community Manager

Created on ‎05-01-2023 08:57 PM

Hello Giuseppe,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
771
0 Kudos
Anthony_E
Community Manager
Community Manager

Created on ‎05-03-2023 01:02 AM

Ciao Giuseppe,

 

In page 93 of this guide:

 

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/6c4fe9fe-7369-11ea-9384-005056...

 

You will maybe find interesting information.

 

Could you please have a look and tell me if you find anything useful?

 

Regards,

Anthony-Fortinet Community Team.
735
0 Kudos
GiuseppeB
New Contributor III

Created on ‎05-03-2023 01:15 PM

Hello Anthony,

 

thanks for the doc but unfortunately it doesn't help me.

 

BR

718
0 Kudos
srajeswaran
Staff
Staff
In response to GiuseppeB

Created on ‎05-03-2023 11:14 PM

Could you please share the FAZ version? Also, can you confirm if there is any pattern in the count reset? For example, after a change or after reaching a particular time interval? Is it going back to zero or the number is reduced/changed?


Also, can you check if the logs triggering the events are getting archived and that leads to reset of the counter as there is no active logs for this event?

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

702
Anthony_E
Community Manager
Community Manager

Created on ‎05-03-2023 09:34 PM

Hello Giuseppe,

 

We will then continue to look for an answer.

I come back to you ASAP.

 

Regards,

Anthony-Fortinet Community Team.
707
0 Kudos
vsahu
Staff
Staff

Created on ‎05-04-2023 02:18 AM

Hello GuiseppeB,

 

Can you check the max-alert-count configured as of now? 10,000 is the default count. you can push it to 50,000 if required.

 

get sys log alert

conf sy log alert
(alert)# show
(alert)# get
max-alert-count : 10000
(alert)# set max-alert-count
The alert count range between 100 and 50000.
(alert)# set max-alert-count 20000

(alert)# end

Let me know after changing it if you are seeing some improvement or not.

https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-Increase-the-number-of-alerts-display-...

Regards,
Vishal
692
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.