SIEM

FortiSIEM - Windows Powershell

  • 1.  FortiSIEM - Windows Powershell

    Posted Apr 01, 2020 11:40 PM
    Hi,

    We are trying to integrate Windows PowerShell logs using the FortiSIEM Windows agent and currently, we have configured PowerShell Operational logs. But we have an issue with the given Windows PowerShell Event logs where they are not parsing.

    We would like to know whether the issue is with our configuration or a parser.

    Cheers,
    Isuru


  • 2.  RE: FortiSIEM - Windows Powershell

    GROUP ADMIN
    Posted Apr 02, 2020 01:54 AM
    Hi Isuru,

    Do you have any sample events that you can share?

    Thanks

    Dan


  • 3.  RE: FortiSIEM - Windows Powershell

    Posted Apr 02, 2020 02:03 AM
    Hi Dan,

    Please find the Sample Logs herewith.

    Cheers,
    Isuru

    Attachment(s): powershell.csv (csv, 86K, 1 version)