FortiSIEM 6.4.0 introduces the ability to enrich Analytics with
information from Lookup Tables to provide insight into the data being
retrieved from logs. It also introduces the ability to create
Correlation Rules based on contents and conditions ...
Hello,
This howto will teach you how to import IOCs using STIX/TAXII. More
specifically Malware Domains, IPs, URLs and Hashes.
Kind Regards,
Dušan Tomić - Consulting Systems Engineer INTL
Fortinet ...
Hello,
The attached document will show you how to enforce and validate
data retention policies.
Kind Regards,
Dušan Tomić - Consulting Systems Engineer INTL
Fortinet
Hi,
The following guide will show you how to populate the FortiSIEM CMDB
by uploading and mapping a CSV file. This is an easy way of importing
CMDB objects from 3rd party solutions.
Kind Regards,
Dušan Tomić - Consulting Sy...
Hi Martin,
FortiSIEM expects the log in a specific format (either what
our agent sends it as or how we retrieve it via OMI/WMI). This means
that a custom Windows event log format such as getting it from a file
will not be recognized as we don't hav...
Hi Isuru,
It supports RDS, EFS and EC2 metrics using the EC2 credential
method. Using Kinesis credential method it supports all services that can
log to S3 using Kinesis. You'll need to create a credential per each
Kinesis/S3 pair. Using Cloudtrail it s...
Hi Carlos,
You typically need the MIBs in the IMPORT section in the same
folder: SNMPv2-SMI SNMPv2-TC SNMPv2-CONF
Kind Regards,
Dušan Tomić - Consulting Systems Engineer INTL
Fortinet
Hi Ali, Logins would be visible in the web server. Like Henry suggested,
enable logging on all fields. Depending on the webserver you may need to
install an agent to forward the logs to FortiSIEM (if the webserver
stores the logs in a file and isn't ...