
Good morning,

At one of our clients we are sending alerts from FAZ to the SOAR via API. After reviewing the events/logs closely, I noticed that the fields related to transferred bytes or megabytes in the connections are not being included.

Is there any way to add these fields — perhaps through a configuration option or similar?

I saw the "Search logs" option under FAZ integration, but it doesn’t seem to be working.

Any ideas?

 

Thanks in advance.

Any ideas? Thanks!


Are you using the FortiAnalyzer connector available on the SOAR Marketplace?

https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/fortianalyzer


Yes, I am, with the current actions available, but I can't see the bytes.


Are you trying to collect network traffic statistics? I do not think the FortiAnalyzer connector supports that. You might try with syslog & Bindplane: Collect Fortinet FortiAnalyzer logs


I tried the function “search logs” to collect any data that refers to the logs, but it shows me an error.

 


Error executing action FortiAnalyzer - Search Logs. Reason: An error occurred: Server error: Invalid tid 814812091 for fetching result.


You should open a support ticket to troubleshoot the Search Logs error


Perfect, thank you.

