Dear Team,
As we know, FortiSIME started supporting VisionOne logs from version 7.1.1.
Who knows what kind of correlated alerts will be generated when FortiSIEM receives logs from VisionOne? (Alerts that would not appear on the VisionOne platform)
After all, we know that FortiSIME can only obtain alert like workbench/OAT generated by VisionOne, and we are certainly aware of VisionOne’s those alert notifications.
In simple terms, for the support of this new device/service, will FortiSIEM correlate these already analyzed alerts with the logs on FortiSIME? And does this require the support or addition of new rules in the new version?
Best Regards,
Bruce Liu
Bruce Liu
