Dear community, We are implementing new NVMe disks in our cluster and
currently discussing about the best redundancy methods. As these disks
are not meant to be managed by a hardware controller, we have multiple
disks (in fact 4), that can only be mo...
Hi everyone, I'd just like to exchange thoughts or practices about
baseline-focused rules on the FortiSIEM:At the moment, about 80% of our
Incidents are "Sudden increase in ...", as we narrowed down all the
other rules to not trigger on False Positiv...
Hello everyone, We are continuously experiencing the incident "High
performance monitoring delay from Collector or Worker SIEM Supervisor"
on our FortiSIEM platform. That one is triggered as soon as the Event
Type "PH_DEV_MON_PERFMON_ALL_DEVICE_DELAY...
Dear Community support, I've had a custom avatar image a while (think,
I've set this two-three years ago) and tried to update it recently. But
my finger was too fast, so I got one of the "community avatars" now.Now,
my question is: How can set a cust...
Hello all, We are in discussion with a customer that likes to host the
FortiSIEM on prem but considers moving to our
multi-tenant-cloud-environment some day in future.As we are just setting
up the SIEM, I would like to build the environment in a way ...
Hi @horasjey, For category-based filters, the box is querying FortiGuard
service which do require a license.If you only use custom filters, this
should work without license as well. But at least certificate inspection
is needed to let the according f...
Hi @adrifesa95, Note that the IP-address/FQDN you provide in the
installation is not the place where you define how the Agent
communicates. Do you have correct IPs in you Admin Settings (Cluster
Config)? If yes:Do you receive any kind of log/status b...
Hi @Himanshu735, Did you configure the cluster config correctly (admin
settings)?After registering, the Collector receives the IPs/FQDNs you
entered in that setup and uses these instead of what you provided in the
setup.If they are unset, it uses the...
Hi @Himanshu735, I think, this is almost the same question and answer
like your other one
(https://community.fortinet.com/t5/FortiSIEM-Discussions/Fortisiem-EventDB-space-increase/m-p/361649).
Have a look
here:https://community.fortinet.com/t5/FortiS...
Hi @Himanshu735, Have a look here:
https://community.fortinet.com/t5/FortiSIEM/Technical-Tip-How-to-expand-local-disk-for-eventdb-mounted-on/ta-p/219618
Best,Christian
