FortiSIEM Viewing Rules

Viewing Rules

AccelOps includes a large set of rules for Availability, Performance, Change, and Security incidents in addition to the rules that you can define for your system.

  1. To view all system and user-defined rules, go to Analytics > Rules.
  2. For multi-tenant deployments, use the Organizations menu in the upper-right corner of the Rules List pane to filter rules by organization.
  3. Select any rule in the Rules List to view information about it.

All rules have three information tabs:

| Tab | Description |
|---|---|
| Summary | This tab provides an overview of the rule's logic, its status, and its notification settings. |
| Definition | An XML definition of the rule. This is what will be copied to your clipboard if you Export a rule. |
| Test Results | If you are testing a rule, you can view the results here. |


About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
