Technical Tip: How Baseline works and troubleshoot...

tskandamis · 01-27-2023

Description This article describes how to troubleshoot custom rules. Scope Rules. Solution Each custom rule should be tested before it is activated. The related documentation about how to test a rule is: # Testing a Rule Documentation. - If the rule ...

tskandamis · 01-27-2023

Description This article describes how Retention Policies work. Scope Storage. Solution When the Online database becomes full, then events must be deleted to make room for new events. This can be Space-based or Policy-based. 1) Policy-Based Retention...

tskandamis · 01-27-2023

Description This article describes how to easily make a query via the API for an Organization in FortiSIEM. Instead of creating the query XML file manually, it is possible to create it automatically. Scope API. Solution 1) Connect on Supervisor CLI a...

tskandamis · 01-27-2023

Description This article describes how baseline works and some key points to check for troubleshooting. For further information/documentation about the baseline reports/rules, follow the FortiSiem Advanced Analytics training:Advanced Analytics Traini...

tskandamis · 01-27-2023

Description This article describes how to troubleshoot Parsers in case the Parser Test is successful, but the logs are still not parsed from this Parser. Scope Parsers. Solution - Review the Parsers documentation:Parsers Documentation. - If the Parse...

User Statistics

User Activity

Technical Tip: How to troubleshoot custom rules

Technical Tip: How Retention Policies work

Technical Tip: How to query results via an API request

Technical Tip: How Baseline works and troubleshooting

Technical Tip: How to troubleshoot Parsers

Technical Tip: How Baseline works and troubleshoot...

KCS