Hi guys, I'm stuck with something, Once enabled SOAR MEA on FAZ 7.4.4,
because "execute shell is no longer supported", I can't get in into the
CLI for install some connectors. I appreciate some tip. Regards.
Hello Community. Please give some tip on how to create lists like
(words, emails, names, etc) for later use. case scenario: using the
filter "Mail Sender" --> IN --> (select from cmdb the list emails)
Regards.
Hello Community. I'm trying to run some newly created playbooks with
Manual Trigger using csadmin user, then I want to run it on ingested
alerts from SIEM or escalated alerts (incidents) using the Execute
option at the bottom of each record, but I ca...
Hello Community I'm trying to create a rule in FortiSIEM to detect
successful ssl-vpn connections without token, the logs that I get from
Syslog are:
FortiGate-event-two-f-auth-code-sendtoFortiGate-ssl-vpn-user-tunnel-upFortiGate-event-auth-logon
Wha...
Hello FortiSIEM Community I have this little doubt about two workers
that are members from one shard (2 replicas), when I run "df -h" the
output on each one is this: Shard 1 - Worker1 /dev/sdd 2.0T 16G 2.0T 1%
/data-clickhouse-hot-1 /dev/sde 4.0T 29G...
Hi @adem_netsys I deleted all files inside /opt/phoenix/cache with the
prefix _M* and also found that some kernel crash were saved on /crash
directory /var I think this problem was solved because there are no more
space disk alerts. Regards.
Hello @Secusaurus thank you for reply. 1. The events logs are not
followed on FSIEM, each fortigate uses syslogs to sends a lot so they
arrive between ips, generic, ipsec .... 2. I'm not using FAC for MFA, I
just using the local users on Fortigate wi...
Hi @AEK this is the output [root@replica1 ~]# du -sh
/data-clickhouse-hot-1/clickhouse/store/* 364M
/data-clickhouse-hot-1/clickhouse/store/036 0
/data-clickhouse-hot-1/clickhouse/store/1e0 0
/data-clickhouse-hot-1/clickhouse/store/26d 4.0K
/data-cli...
Hello @AEK this is the output: [root@replica1]# du -sh
/data-clickhouse-hot-1/clickhouse/* 20K
/data-clickhouse-hot-1/clickhouse/access 0
/data-clickhouse-hot-1/clickhouse/data 0
/data-clickhouse-hot-1/clickhouse/dictionaries_lib 0
/data-clickhouse-h...
