Technical Tip: Using FortiAnalyzer to detect the F...

ck_FTNT · 01-17-2024

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the Microsoft SharePoint Server EoP Vulnerability. A report is also provided to ga...

ck_FTNT · 12-17-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the JetBrains TeamCity Authentication Bypass Attack. A report is also provided to ...

ck_FTNT · 12-12-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the Lazarus RAT Attack. A report is also provided to gain historical visibility in...

ck_FTNT · 11-02-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the Citrix Bleed Attack. A report is also provided to gain historical visibility i...

ck_FTNT · 02-16-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the Cacti Command Injection Vulnerability. A report is also provided to gain histo...

ck_FTNT · 10-27-2022

Hi FortiMax_it, The first issue is likely a bug 781654 EMS does not remove dashboard outbreak alerts when endpoint disconnects. https://docs.fortinet.com/document/forticlient/7.0.7/ems-release-notes/310815/known-issues To elaborate, the root cause of...

ck_FTNT · 10-25-2019

NON-JOIN combination: SELECT t.srcip, t.dstip, t.dstcountry, v.eventtype, v.ref FROM $log-virus v, $log-traffic t WHERE t.srcip=v.srcip AND t.srcport=v.srcport AND t.dstip=v.dstip AND t.dstport=v.dstport INNER JOIN: SELECT t.srcip, t.dstip, t.dstcoun...

ck_FTNT · 01-30-2019

Hi Mark, You can download the full installer from our support site (support.fortinet.com). After logging in, hover over Download and select Firmware Images. Then use the dropdown to select FortiClient and adjust the red box below from Release Notes t...

ck_FTNT · 01-30-2019

Hi Ju, You did not specify which version you are on, however there is a known issue which was resolved in FortiClient 6.0.4. Please see the 6.0.4 release notes Resolved Issues section (https://docs.fortinet.com/d/forticlient-6.0.4-windows-release-not...

User Statistics

User Activity

Technical Tip: Using FortiAnalyzer to detect activities related to the Microsoft SharePoint Server Elevation of Privilege Vulnerability Attack | CVE-2023-29357

Technical Tip: Using FortiAnalyzer to detect activities related to the JetBrains TeamCity Authentication Bypass Attack | CVE-2023-42793

Technical Tip: Using FortiAnalyzer to detect activities related to the Lazarus RAT Attack | CVE-2021-44228

Technical Tip: Using FortiAnalyzer to detect activities related to the Citrix Bleed Attack | CVE-2023-4966

Technical Tip: Using FortiAnalyzer to detect activities related to the Cacti Command Injection Vulnerability

Re: ForticlientEMS: FortiGuard Outbreak Detection

Re: How to join two logs on SQL?

Re: FortiClient offline installer

Re: "FortiClient Logging daemon - FCDBLog.exe" high CPU and RAM

Technical Tip: Using FortiAnalyzer to detect the F...

Technical Tip: Creating alerts when FortiAnalyzer ...

Technical Tip: Using FortiAnalyzer to detect the B...

Technical Tip: Using FortiAnalyzer to detect OpenS...

Re: ForticlientEMS: FortiGuard Outbreak Detection

Re: ForticlientEMS: FortiGuard Outbreak Detection

Re: How to join two logs on SQL?

KCS