I would like to know how multiple FortiGate logs for one flow can be traced back.
e.g. External IP hits Public NAT IP on Fortigate (log 1), this is then DNat to internal IP, which is then in turn SNat to another external IP (log 2). What unique field can I used to match these two logs (session ID? event time?) within the FortiGate Logs.
addtionally, does FortiSIEM support NXlog agent forwarding logs in any format?BR,Ali