+8Good morning,
At one of our clients we are sending alerts from FAZ to the SOAR via API. After reviewing the events/logs closely, I noticed that the fields related to transferred bytes or megabytes in the connections are not being included.
Is there any way to add these fields — perhaps through a configuration option or similar?
I saw the "Search logs" option under FAZ integration, but it doesn’t seem to be working.
Any ideas?
Thanks in advance.
+11Are you using the FortiAnalyzer connector available on the SOAR Marketplace?
https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/fortianalyzer
+8Are you using the FortiAnalyzer connector available on the SOAR Marketplace?
https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/fortianalyzer
Yes i am, with the current actions available, but cant see the bytes
+11Are you trying to collect network traffic statistics? I do not think the FortiAnalyzer connector supports that. You might try with syslog & Bindplane: Collect Fortinet FortiAnalyzer logs
+8Are you trying to collect network traffic statistics? I do not think the FortiAnalyzer connector supports that. You might try with syslog & Bindplane: Collect Fortinet FortiAnalyzer logs
I tried the function “search logs” to collect any data that refers to the logs, but it shows me an error.
+8Error executing action FortiAnalyzer - Search Logs. Reason: An error occurred: Server error: Invalid tid 814812091 for fetching result.
+11You should open a support ticket to troubleshoot the Search Logs error
+8You should open a support ticket to troubleshoot the Search Logs error
Perfect thank you
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
