
Hi all, 
I’m having issues ingesting FortiNDR logs into Google SecOps using the cfproduction Docker forwarder. Here are the details:
 

Any thoughts on why this happens?

 

Looks like a config issue. Double-check the config, or post here with the config issue (remove sensitive info).



It wasn’t a config issue. After raising a ticket with Google Support, this issue has been fixed without requiring me to make any changes. Although in “SIEM Settings > Available log types” it states that Fortinet NDR has a prebuilt parser, it doesn’t.


@Aphex2in Got it, thanks for sharing. Do press support to give the RCA in this case.

