Hi Can anyone tell me where I may find a document that describes the
various tables, columns and values that are present in the various 'Log
Type' tables underlying the datasets. For instance I am currently
attempting to run a query looking at 'Traff...
Hi I have cloned and edited a basic event handler
"Default-Recon-Activity-By-Endpoint" however it appears that I can no
longer edit the event handler. Everything looks OK and I have filled all
the required information. However, if I make changes and ...
Hi I am attempting to forward particular logs from FortiAnalyzer to
Splunk and I am attempting to use the Log Forwarding Filters to identify
the logs that I want to forward using the Source IP, Equal To,
10.10.10.0/24 in the belief that this would fo...
Hi I have a requirement to determine what amount of bandwidth is being
used by SSL VPN users for internal addresses versus external addresses,
however I don't see a dataset on FortiAnalyzer 6.4.7 that will allow me
to achieve this. I'd be extremely g...
This appears to be some sort of intermittent issue on the FAZ which can
often be cleared by refreshing the browser. Judging by the lack of
comments here I'm assuming that this is specific to my own FAZ and not
something that is being experienced by o...
Thanks for the response. I appreciate that there will be differences in
how MITRE is implemented. What I dont understand is how I am supposed to
either understand how to choose the correct MITRE Tech ID(s) or
alternatively why the FAZ apparently will...
Hi Mark, Thanks for coming back to me. Yes I found it odd that all logs
are forwarded when the criteria is not matched. Perhaps it is simply
disregarding the match criteria and sending everything, but then you
might expect a validation error to indic...
Hi @Debbie_FTNT I figured out why my report chart showed no data. It is
a bug which was replicated by TAC related to whether the report is being
run against all devices or a specific VDOM. The report shows no data
when a specific VDOM is selected but...
Thanks for getting back to me and clarifying about the filters.Really
cannot see why the report isn't showing me data. The data bindings and
binding format are definitely as shown in the screenshot that you
attached.
