Hi everyone
Just wrote a (rather rudimentary) Ansible playbook to
automatically fix the log4j configuration issues shipped with FortiSIEM
6.3.x. Please find it attached.
Regards
Simon
Copyright (c) 2021 Simon Monai | Sidarion AG Permission is hereby gra...

Hi everyone
I just enabled the LDAPS Authentication on the FortiSIEM and
it works fine. The only thing that I'm not yet completely happy about is
that I cannot enable "Check Certificate" as the certificate check seems
to fail.
I do have a local certifi...

Hi Ali
I once did that a long time ago with Splunk. If I remember
correctly, there we used the Session ID to match the logs of a WAF to the
original IPs masked by the Fortigate in front of it.
Regards
Simon
-------------------------------------------
Origin...

Hi Mebin
Are you able to send mails from the FortiSIEM other than the
reports? You may want to have a look at the settings in
Admin>Settings>System>Email and send a test mail. Use the same sender in
the report settings to avoid mail filter issues.
Then...

Hi Ali
What is the reason that you would like to poll the files instead
of pushing them in regular intervals? I am thinking of installing the
FortiSIEM agent configured to load a specific log file.
Regards
Simon
-----------------------------------------...

Hi Dan
I just did the upgrade today, though I had to learn the hard way
that the mirrors were changed (and more than the documented
os-pkgs-cdn.fortisiem.fortinet.com and os-pkgs.fortisiem.fortinet.com,
e.g. os-pkgs-r8.fortisiem.fortinet.com) which alm...

Hi Tony
I got the instructions through a ticket system; here you can find
my Ansible script that implements these:
https://fusecommunity.fortinet.com/groups/community-home/digestviewer/viewthread?MessageKey=795b04ad-ee44-46a3-828d-30fdb540c907&Communit...