Fortinet Community

RE: FortiSIEM - Agent "User Log" Feature · 09-06-2022

here is an example log message in the file "this is a sample log1""this is a sample log2"You configured "MyFavKeyword" in the GUIWindows agent is going to add a header and keyword in the log and then send to FortiSIEM. So FortiSIEM will receive <136>...

RE: FortiSIEM - Agent "User Log" Feature · 09-03-2022

Windows agent is going to send the file to FortiSIEM, line by line. One line is 1 log. You need to write a parser using the keyword (that you define in User log configuration from gui) as the event recognizer. Within the parser you can define event t...

PartBhat · 02-09-2022

Use the concept of lookup table in 6.4.0. Store clear path for authentication in a lookup table with IP as key. *** Please note that this message and any attachments may contain confidential and proprietary material and information and are intended o...

PartBhat · 01-15-2022

If you are running an agent, then we merge by host name and not ip. So there would be 1 entry in CMDB with the latest IP. This was done few years ago. Let me know if this does not work this way.

Fortinet Community

User Statistics

User Activity

RE: FortiSIEM - Agent "User Log" Feature

RE: FortiSIEM - Agent "User Log" Feature

RE: join events from two log sources together in search

RE: Remote laptops

KCS

Fortinet Training Institute

FortiSIEM