How to import MISP data threat feeds into FortiSIEM

Note: requires "jq" to be installed on the Supervisor node.

    wget -O jq https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64
    chmod +x ./jq
    cp jq /usr/bin

Try adding DayOfWeek( Event Receive Time ) to the group by condition

-------------------------------------------
Original Message:
Sent: Sep 15, 2022 09:26 PM
From: E V
Subject: FortiSEIM round values

I am looking for something similar to Azure KQL's Bin fu...

Hello Mebin

Not sure if you have also tried using "Snare" format as the export method in NxLog?

-------------------------------------------
Original Message:
Sent: Dec 03, 2020 09:50 AM
From: Mebin Baby
Subject: Windows Log Parsing Issue

Hi all,
I am facing ...