Dear community, We are implementing new NVMe disks in our cluster and
currently discussing about the best redundancy methods. As these disks
are not meant to be managed by a hardware controller, we have multiple
disks (in fact 4), that can only be mo...
Hi everyone, I'd just like to exchange thoughts or practices about
baseline-focused rules on the FortiSIEM:At the moment, about 80% of our
Incidents are "Sudden increase in ...", as we narrowed down all the
other rules to not trigger on False Positiv...
Hello everyone, We are continuously experiencing the incident "High
performance monitoring delay from Collector or Worker SIEM Supervisor"
on our FortiSIEM platform. That one is triggered as soon as the Event
Type "PH_DEV_MON_PERFMON_ALL_DEVICE_DELAY...
Dear Community support, I've had a custom avatar image a while (think,
I've set this two-three years ago) and tried to update it recently. But
my finger was too fast, so I got one of the "community avatars" now.Now,
my question is: How can set a cust...
Hello all, We are in discussion with a customer that likes to host the
FortiSIEM on prem but considers moving to our
multi-tenant-cloud-environment some day in future.As we are just setting
up the SIEM, I would like to build the environment in a way ...
Gabriel mentioned the two main articlesThis one here talks about
changing the certificate for the GUI access:
https://community.fortinet.com/t5/FortiSIEM/Technical-Tip-How-to-apply-a-self-signed-or-certificate/ta-p/189946?cmd=displayKC&dialogID=11571...
Hi @networkm, Yes, in my experience (production up to v7.3.x), the
certificate for the GUI does not affect the rest of the configuration as
long as you did not configure certificate checks manually (see the
linked article from Gabriel).Please do chec...
Hi @vishal_rawat,Please open a technical support ticket and attach the
AOLogs. That's the best way to get the correct support here. I'd assume
that there is a task failing in the backend caused by the update.
Best,Christian
Hi @networkm,Unless you haven't configured otherwise, the Collectors and
Workers will accept any kind of certificate (they accept the self-signed
in the first place, so there is no need apply the CA to them here). You
can enforce the certificate chec...
Hi @vishal_rawat, You will need to define your goals and depending on
your specific requirements, then select the product parts that you need
to archive it. So, what should work, if site 1 fails?If you want the
full system to work, you need at least ...
