As part of CMMC we need to be able to alert when logging has failed on a
system. Some of these logs are application log files that we use the
Windows agent user log and custom parsers. I know there is the generic
'no logs' from system event, but that...
1) Yes, as well as the Linux agent user log collection.
2) Using the default FortiSIEM Event database. Not sure if that is ClickHouse at
the moment. Would also like that option for any specific received log
item, not just the Agent user logs. For e...