SIEM & UEBA

Expand all | Collapse all

FortiSIEM Questions & Answers

  • 1.  FortiSIEM Questions & Answers

    Posted Aug 08, 2017 11:27 AM

    Purpose: This is an open forum for any and all questions related to the use of FortiSIEM in support of optimal Security, Performance and Compliance management.

    How it works: This is meant to be an open conversation by any and all with an interest and/or expertise to share their questions and to allow the sharing of ideas.

    If you have any problems with this thread or want to report abuse, please contact:

    Michael Reinhart

    Sr. Director - Security Operations Solutions

    408-858-3349



  • 2.  RE: FortiSIEM Questions & Answers

    Posted Sep 12, 2017 03:49 AM

    Looking for advice on whether I should purchase the Basic Windows Agent or not. What specifically will the basic agent give me that I am not getting from my Fortigates, ASA's, Routers and Switches? 



  • 3.  RE: FortiSIEM Questions & Answers

    Posted Sep 21, 2017 03:27 AM
      |   view attached

    Beginning in Q4 2017 we will be retiring "Basic" Windows Agents. See attached for the benefits of the Advanced Windows Agent.

     

     

    Michael Reinhart

    Sr. Director - Security Operations Solutions

    408-858-3349

    Attachment(s)



  • 4.  RE: FortiSIEM Questions & Answers

    Posted Feb 16, 2018 11:15 AM

    I have looked through the API Reference guide, and the API seems pretty limited. Is there a query I can run in order to get the status of devices from the CMDB - specially if the device is showing as up or down within FortiSIEM.

    Additionally, is there a published road map for FortiSIEM features?



  • 5.  RE: FortiSIEM Questions & Answers

    Posted Apr 09, 2018 02:23 AM

    After you’ve created or an edited a rule, you should test it to see if behave as expected before you activate it. This topic describes how to test a rule using synthetic events. Assignment Writing Help