FortiSIEM Creating Tickets In FortiSIEM In-built Ticketing System
AccelOps includes a feature that will let you create and assign tickets for IT infrastructure tasks, and create tickets directly from incidents....
FortiSIEM Ticket Related Operations
Creating a ticket without an Incident: Go to Incidents > Tickets. Click New. Enter a Summary and Description for the ticket. Both of these fields are required. For Assigned...
FortiSIEM Creating Tickets in External Ticketing System
See External Helpdesk System Integration. Using Incidents in Searches and Rules Creating an Historical Search from an Incident Creating a Real Time Search...
New Videos Incoming
Wanted everyone to know that I am still alive and well. Been moving and getting situated at the new location and just haven’t stayed disciplined enough over the past two months or so when it comes...
FortiSIEM Incidents – HTML5 version
The Incident tab allows users to view and manage incidents. Incident Attributes: This topic describes all the columns that can be used to create views in the Incident Dashboard....
FortiSIEM Device Risk Score Computation
Risk computation algorithms are proprietary, and this section presents only the knobs that the user is able to tweak to change the score. Risk score components: The following...
FortiSIEM Miscellaneous Operations
Exporting Events to Files: You can run the phExportEvent tool from a Supervisor or Worker node to export events to CSV files. The file will contain these fields: phExportEvent...
FortiSIEM Dynamic Population of Location, User, and Geolocation...
Dynamic Population of Location, User, and Geolocation Information for Events: In most cases, network logs only contain IP address information, but to investigate incidents involving that IP, you...
FortiSIEM Monitoring Custom Applications
While FortiSIEM provides support for many applications, there may also be situations in which you have a custom application running in your infrastructure that you want...
FortiSIEM The IPS Vulnerability Map
The IPS Vulnerability Map lists devices that have a known vulnerability. You can view the IPS Vulnerability Map by going to Incidents > IPS Vulnerability Map, and you can...
FortiSIEM Event Attribute Master List Troubleshooting
This section describes the master list of event attributes. Events are parsed into these attributes and used in AccelOps analytics. There are 4 broad categories of event...
AccelOps Generated Event Format
AccelOps Generated Events: AccelOps is an event based analytics system. When it monitors systems and applications, it produces events containing the collected metrics...
FortiSIEM Disk space Monitoring
Event Type: PH_DEV_MON_SYS_DISK_UTIL Description: Event containing disk utilization metrics Source: Microsoft Windows (SNMP or WMI), Linux (SNMP), Solaris (SNMP), HP-UX (SNMP),...
FortiSIEM Disk I/O Monitoring
Event Type: PH_DEV_MON_DISK_IO_UTIL Description: Event containing disk utilization metrics Source: Microsoft Windows (WMI), Linux (SSH), HP-UX (SSH), IBM AIX (SSH), NetApp DataONTAP...
FortiSIEM Network Interface Monitoring
Event Type: PH_DEV_MON_NET_INTF_UTIL Description: Event containing network interface utilization metrics Source – almost all devices via SNMP: Cisco IOS (SNMP), Cisco...
FortiSIEM Disk Growth Trend – Daily
Event Type: PH_DEV_MON_SYS_DISK_TREND_DAY Description: Event containing disk usage growth trend – daily view Source: Microsoft Windows (SNMP or WMI), Linux (SNMP), Solaris...
FortiSIEM Disk Growth Trend – Weekly
Event Type: PH_DEV_MON_SYS_DISK_TREND_WEEK Description: Event containing disk usage growth trend – weekly view Source: Microsoft Windows (SNMP or WMI), Linux (SNMP), Solaris...
FortiSIEM Disk Growth Trend – Monthly
Event Type: PH_DEV_MON_SYS_DISK_TREND_MONTH Disk Capacity Util diskUtil double Disk utilization for a specific disk name (between 0-100). Free Disk (MB) freeDiskMB uint32...
FortiSIEM Availability Monitoring Events
AccelOps generates the following events related to availability monitoring: Ping Stat Monitoring Synthetic Monitoring Success Synthetic...
FortiSIEM Hardware Monitoring Events
AccelOps generates the following events related to hardware monitoring: Overall Hardware Status Individual Hardware Component Status Temperature Measurement Humidity...