Trying to take some of the reports generated in FortiAnalyzer and create
them in ArcSight. My issue is that I am unable to verify what fields are
used in the Fortinet dataset query. Some are self-explanatory (catdesc,
rcvbyte, sentbyte, etc.) But the...

Hello HZ, Thank you for your reply. I have viewed the Log Message
Reference but it does not give an explanation on the events. Such as,
what is the difference between: where name = "traffic: forward" vs
"traffic: close" vs "traffic: deny" vs "traffic...