Technology Groups

Discuss how to find and fix security threats and manage compliance standards while reducing complexity, increasing critical application availability, and enhancing IT management efficiency.
* This is a PUBLIC forum. Do not disclose any private information here. 

Latest Discussions

  • RE: sentinelone integration

    Posted in: SIEM

    Hi Kalana, Just configure the SentinelOne management console to send syslog to FortiSIEM. Either a collector or to the supervisor directly. Kind Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------ ...

  • Posted in: SIEM

    Hi Kalana, Yes, FortiSIEM is able to identify relayed logs, but it does expect the syslog-ng relay to prepend the standard Syslog-ng header to the log. If you go to Admin / Device Support / Parsers you will see SyslogNGParser at the top of the list. ...

  • Posted in: SIEM

    Hi Dan, I've already contacted my SEs and got the samples. Thank you, Norberth ------Original Message------ Hi Norberth, Best to get in contact with your local channel SE or SME for FortiSIEM and they should be able to ...

  • RE: Juniper SRX Parsing

    Posted in: SIEM

    Hi Norman, Could you send some sample events? PM me if you don't want to post them publicly. Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------------------

  • Posted in: SIEM

    Hello, This howto will teach you how to import IOCs using STIX/TAXII. More specifically Malware Domains, IPs, URLs and Hashes. Kind Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------- ...

  • Posted in: SIEM

    Hello, The attached document will show you how to enforce and validate data retention policies. Kind Regards, ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------------------

  • Posted in: SIEM

    Hi, The following guide will show you how to populate the FortiSIEM CMDB by uploading and mapping a CSV file. This is an easy way of importing CMDB objects from 3rd party solutions. Kind Regards, ------------------------------ Dušan Tomić - Consulting ...

  • Posted in: SIEM

    You may have devices we don't support out of the box. The following HOWTO explains how to pull any configuration from any device using SSH and an expect script. It uses FortiWEB as an example. Kind Regards ------------------------------ Dušan Tomić ...

  • HOWTO - Integrate VPC Flows from AWS

    Posted in: SIEM

    Hi, You may find the following howto helpful if you're trying to integrate AWS VPC flows into FortiSIEM. Kind Regards ------------------------------ Dušan Tomić - Consulting Systems Engineer INTL Fortinet ------------------------------

  • FortiSIEM Licensing

    Posted in: SIEM

    Hi, I am trying to make a quote for FortiSIEM, but it all looks confusing to me: I have 20 Switches, I have 2 Routers, 2 FortiGates, 10 ESXi Hosts with 100 VMs on them. I can't distinguish the difference between endpoint device, and device from the sales ...