Hello everyone, I would like to ask for assistance regarding a
Passwordstate parser. Has anyone already worked on it? One of the major
challenges I am having is the lack of Passwordstate syslog documentation.
I have only been able to find this page that ...

Hello everyone, while going through Crowdstrike events I noticed that
FortiSIEM is missing all Time Stamps from all Crowdstrike parsers:
"FalconDataRepParser", "FalconStreamingParser", and
"CrowdStrikeFalconParser". This is a sample of one of the event...

Hello there, we are getting events from Crowdstrike into FortiSIEM and not
many fields are being parsed. I am working on adding the additional
fields but I would like to hide them when fields ='0'. Because so many fields
are coming over it doesn't make sense ...

Hello there, the following rule was created and adapted from an Exabeam
query. See original post
type != FortiGate-ips-signature-51006 [we do not want to...

Hello there, I am currently on version 6.1.1 and noticed that
"CiscoFTDParser" is not parsing all the fields. A little of everything is
happening: 1- For some events the "Computer" field is being assigned to the
"user" field. 2- Multiple fields are missing suc...

Thank you so much Ken, I appreciate it a lot! This is great, it works
for me! Crowdstrike Falcon Data Replicator contains over 200 events and
each event has approximately 83 fields. There are a lot of "Count" fields
so a lot of them are ='0'. See below s...

Thanks Karn, it worked for me. See below a portion of the parser code
for anyone who may be in the same situation. \> User
\<\> IP \<\> IPv4 Address
\<\> IPv4 Address