Skip to main content
Question

Sent Batch Error For FORTINET_FORTINDR

  • July 24, 2025
  • 3 replies
  • 56 views
Aphex2in
Forum|alt.badge.img+4

Hi all, 
I’m having issues ingesting FortiNDR logs into Google SecOps using cfproduction docker forwarder here is the details:
 

Any thoughts why this happen?

 

3 replies

hzmndt
Staff
Forum|alt.badge.img+10
  • hzmndt
  • Staff
  • July 31, 2025

Looks like config issue, double check the config, or post here with the config issue (remove sensitive info)  

Aphex2in
Forum|alt.badge.img+4
  • Aphex2inBronze 1
  • Author
  • Bronze 1
  • July 31, 2025

Looks like config issue, double check the config, or post here with the config issue (remove sensitive info)  

It wasn’t a config issue, after raising a ticket to Google Support this issue have been fixed without requiring me to do any changes. Although, in “SIEM Settings > Available log types” it states that Fortinet NDR has a prebuilt parser but it doesn’t.

hzmndt
Staff
Forum|alt.badge.img+10
  • hzmndt
  • Staff
  • August 1, 2025

@Aphex2in got it, thanks for sharing, do press the support to give the RCA in this case. 

    Terms & ConditionsCookie settingsAccessibility statement
    Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

    © 2025 Google. All rights reserved.