FortiSIEM Monitoring Custom Applications

Monitoring Custom Applications

While FortiSIEM provides support for many applications, there may also be situations in which you have a custom application running in your infrastructure that you want to monitor. This topic explains how to set up FortiSIEM to monitor that application, and add it to a business service.

  1. Log in to your Supervisor.
  2. Go to CMDB > Applications, and either select a group where you want to add the application, or create a new one.
  3. Click New, and enter an Application Name and a Process Name.
  4. Click Save.
  5. Initiate discovery of the server where the application is running.
  6. Go to CMDB > Devices and select the server.
  7. Click the Software tab and make sure the application has been discovered.
  8. Go to General Settings > Monitoring > Important Processes.
  9. Click Add and enter the name of the process that the application is running on.
  10. Click Apply All.
  11. Run a structured historical search using these attributes to make sure the process utilization metrics are being received by FortiSIEM.
Attribute Value
Reporting IP The IP address of the server where the application is running
Event Type PH_DEV_MON_PROC_RESOURCE_UTIL
Application Name The name of the application
  1. Add your application to a business service.

You should now be able to go Dashboard > Summary Dashboards > Biz Service Summary and see your process running under Top Monitored Processes when you select the associated business service.

This entry was posted in Administration Guides, FortiSIEM on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.