RE: Kaspersky Security Center Integration

Gabe_FTNT · 11-12-2021

Gabe_FTNT · 11-12-2021

Hi IsuruI don't find any BarracudaWebFilterParser on my FortiSIEM 6.3.2 instance: Yet, the log message you posted originally passes the system's BarracudaWAFParser:The only issue I see with the parser is that it does not correctly categorize the ERRO...

Gabe_FTNT · 11-12-2021

Hi Isuruwhy are you not using the system parser that does the job well? \s+\s+<_eventID:gPatInt>\s+\s*$]]>combineMsgId("Barracuda-Sys-", $_eventID)Barracuda-Sys-Generic To answer your question, yet, you'd have to applycollectAndSetAttrByPos only to t...

Gabe_FTNT · 05-28-2020

Hi IsuruFortiSIEM does not contain a parser for the syslog format as of now, only CEF is supported. I don't know what the difference between ArcSight CEF and Splunk CEF is.Be aware that Kaspersky CEF log export requires an advanced license from Kaspe...

Gabe_FTNT · 10-04-2018

Hi deacs I haven't tested with FAZ 5.2 (only 6.0), but I can only get this error, if I deliberately put wrong user credentials into the request.I'm using a local user with super_user admin profile for all ADOMs in my setup.I checked whether "set rpc-...

User Statistics

User Activity

RE: FortiSIEM - Barracuda Web Filter Parser

RE: FortiSIEM - Barracuda Web Filter Parser

RE: FortiSIEM - Barracuda Web Filter Parser