Technology Groups

Discuss how to find and fix security threats and manage compliance standards while reducing complexity, increasing critical application availability, and enhancing IT management efficiency.
* This is a PUBLIC forum. Do not disclose any private information here. 

Latest Discussions

  • Posted in: SIEM

    Hi all, I have a query regarding the metrics - Avg EPS, Event Rate EPS, Std Dev EPS Under Dashboard > Exec Summary > Perf monitor shows Warning - I can customize the values for disk, cpu, memory under Admin > Custom property. However I am not ...

  • Posted in: SIEM

    Hi Dan, I've already contacted my SEs and got the samples. Thank you, Norberth ------Original Message------ Hi Norberth, Best to get in contact with your local channel SE or SME for FortiSIEM and they should be able to ...

  • RE: Juniper SRX Parsing

    Posted in: SIEM

    Hi Norman, Could you send some sample events? PM me if you don't want to post them publicly. Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------------------

  • Posted in: SIEM

    Hello, This howto will teach you how to import IOCs using STIX/TAXII. More specifically Malware Domains, IPs, URLs and Hashes. Kind Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------- ...

  • Posted in: SIEM

    Hello, The attached document will show you how to enforce and validate data retention policies. Kind Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------------------

  • Posted in: SIEM

    Hi, The following guide will show you how to populate the FortiSIEM CMDB by uploading and mapping a CSV file. This is an easy way of importing CMDB objects from 3rd party solutions. Kind Regards, ------------------------------ Dušan Tomić - Consulting ...

  • Posted in: SIEM

    You may have devices we don't support out of the box. The following HOWTO explains how to pull any configuration from any device using SSH and an expect script. It uses FortiWEB as an example. Kind Regards ------------------------------ Dušan Tomić ...

  • HOWTO - Integrate VPC Flows from AWS

    Posted in: SIEM

    Hi, You may find the following howto helpful if you're trying to integrate AWS VPC flows into FortiSIEM. Kind Regards ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------------------

  • FortiSIEM Licensing

    Posted in: SIEM

    Hi, I am trying to make a quote for FortiSIEM, but it all looks confusing to me: I have 20 Switches, I have 2 Routers, 2 FortiGates, 10 ESXi Hosts with 100 VMs on them. I can't distinguish the difference between endpoint device, and device from the sales ...

  • Posted in: SIEM

    If you want to create some syslog entries regarding Post, then I suggest you look into DLP: there is a feature here that might be able to help (you can try to match anything regarding DLP). Best regards, Michael