We are trying to create a rule in FortiSIEM to detect the absence of a
specific type of log being received from a device. For example, if a log
source is configured to send PING, Sysmon, and Syslog logs to FortiSIEM,
we need to create a rule that tri...
Hi,Thank you for your insight. However, we want to trigger the silent
log rule without discarding the events. We still need the ping and
Sysmon logs but want the rule to trigger only if no Syslogs are
detected, without dropping the ping and Sysmon lo...