SIEM & UEBA

View Only

This part of the forum is focused on SIEM & UEBA and in particular FortiSIEM and FortiInsight!

As well as discussing SIEM related topics, we can use the forum to share customizations, parsers, new content, ideas and of course questions!

* This is a PUBLIC forum. Do not disclose any private information here.

Latest Discussions

FortiSIEM - AWS Integration

By Isuru , Jan 28, 2021 7:06 AM

Hi All, I would like to clarify few things regarding FortSIEM integration with AWS Environment. AWS CloudWatch – There is a section on the guide on AWS EC2 CloudWatch API but nothing related to CloudWatch events on other AWS services. AWS Kinesis ...
RE: Exception Rule not working

By Muhammad Hafiz Safwan , Jan 15, 2021 2:35 AM

Thanks for the reply
RE: No data Issue

By Muhammad Hafiz Safwan , Jan 13, 2021 5:20 AM

Hi Daniel, The issue resolve when we reboot collector
RE: Duration of website visits

By Daniel , Jan 5, 2021 7:08 AM

Hi Ali, HTTP being stateless will mean that you will see the time of the connection, but you will not be able to see the time spent on site unless there is a continuous call back. You can do something like this to show the time between the first and ...
RE: Cisco Ironport Log Issues

By Muhammad Hafiz Safwan , Dec 29, 2020 1:44 AM

Hi Dusan, Thank you for the replied the solution given by Robert work also.

Integrate Minemeld (Palo Alto) with FortiSIEM and ...

By: Hugo Dec 28, 2020
RE: Cisco Ironport Log Issues

By: Robert Dec 22, 2020
Sunburst APT - FortiSIEM Forensic Reports

By: Stuart Dec 21, 2020
HOWTO - Syslog Notification Action

By: Chris Dec 15, 2020

Syslog notification action script, to send a message to a 3rd party analytics tool on Incident generation/clear etc.
FortiSIEM Incidnet Dashboard

By: Daniel Nov 13, 2020

Hi, I recently needed a summary Incident dashboards so created this one. Create a new Dashboard tab and then import this XML template. Provides trend ...

Group Leads

David

Daniel

Jon

SIEM & UEBA

Latest Discussions

FortiSIEM - AWS Integration

RE: Exception Rule not working

RE: No data Issue

RE: Duration of website visits

RE: Cisco Ironport Log Issues

Latest Files

Integrate Minemeld (Palo Alto) with FortiSIEM and ...

RE: Cisco Ironport Log Issues

Sunburst APT - FortiSIEM Forensic Reports

HOWTO - Syslog Notification Action

FortiSIEM Incidnet Dashboard

Group Leads

Poll