#FortiSIEM
Use FortiSIEM v2 to fetch and update incidents, search events and manage watchlists of FortiSIEM.
FortiSIEM
- Details
- Content
- Dependencies
- Version History
Search and update events of FortiSIEM and manage resource lists.
Integrations
| Name | Description |
|---|---|
| FortiSIEM | Search and update events of FortiSIEM and manage resource lists. |
| FortiSIEM v2 | Use FortiSIEM v2 to fetch and update incidents, search events and manage watchlists of FortiSIEM. |
Classifiers
| Name | Description |
|---|---|
FortiSIEM v2 |
Incident Fields
| Name | Description |
|---|---|
FortiSIEM Incident ID | |
FortiSIEM Incident Severity | |
FortiSIEM Incident First Seen | |
FortiSIEM Event Type | |
FortiSIEM Attack Tactics | |
FortiSIEM Incident Last Seen | |
FortiSIEM Events Count | |
FortiSIEM Incident Reporter IP | |
FortiSIEM Events | |
FortiSIEM Destination User | |
FortiSIEM Resolution Status | |
FortiSIEM Status | |
FortiSIEM Incident Report Device Name |
Layouts
| Name | Description |
|---|---|
FortiSIEM incident Layout |
Incident Types
| Name | Description |
|---|---|
FortiSIEM |
Playbooks
| Name | Description |
|---|---|
| GenericPolling-FortiSIEM | This playbook executes a search query to retrieve FortiSIEM Events. |
Playbooks
| Name | Description |
|---|---|
| GenericPolling-FortiSIEM | This playbook executes a search query to retrieve FortiSIEM Events. |
Integrations
| Name | Description |
|---|---|
| FortiSIEM v2 | Use FortiSIEM v2 to fetch and update incidents, search events and manage watchlists of FortiSIEM. |
| FortiSIEM | Search and update events of FortiSIEM and manage resource lists. |
Incident Fields
| Name | Description |
|---|---|
FortiSIEM Destination User | |
FortiSIEM Incident Last Seen | |
FortiSIEM Incident Report Device Name | |
FortiSIEM Incident Severity | |
FortiSIEM Event Type | |
FortiSIEM Incident First Seen | |
FortiSIEM Status | |
FortiSIEM Events Count | |
FortiSIEM Attack Tactics | |
FortiSIEM Incident Reporter IP | |
FortiSIEM Incident ID | |
FortiSIEM Events | |
FortiSIEM Resolution Status |
Incident Types
| Name | Description |
|---|---|
FortiSIEM |
Classifiers
| Name | Description |
|---|---|
FortiSIEM v2 |
Required Content Packs (11)
| Pack Name | Pack By |
|---|---|
| CommonPlaybooks | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
| CommonScripts | By: Cortex XSOAR |
| CoreAlertFields | By: Cortex XSOAR |
| CommonTypes | By: Cortex XSOAR |
| rasterize | By: Cortex XSOAR |
| Active_Directory_Query | By: Cortex XSOAR |
| Core | By: Cortex XSOAR |
| Palo_Alto_Networks_WildFire | By: Cortex XSOAR |
| FiltersAndTransformers | By: Cortex XSOAR |
| DemistoRESTAPI | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
2.0.2 - 2836953 (April 28, 2022)
Integrations
Google Sheets
- Updated formatting of integration parameters.
2.0.1 - 2816986 (April 25, 2022)
Integrations
FortiSIEM
- Updated the Docker image to: demisto/python:2.7.18.27799.
2.0.0 - 2813273 (April 25, 2022)
Incident Fields
- FortiSIEM Incident Last Seen
- FortiSIEM Incident First Seen
- FortiSIEM Event Type
- FortiSIEM Incident ID
- FortiSIEM Incident Reporter IP
- FortiSIEM Events
- FortiSIEM Incident Report Device Name
- FortiSIEM Events Count
- FortiSIEM Status
- FortiSIEM Destination User
- FortiSIEM Attack Tactics
- FortiSIEM Resolution Status
- FortiSIEM Incident Severity
Incident Types
- FortiSIEM
Integrations
FortiSIEM
- Updated formatting of integration parameters.
New: FortiSIEM v2
- Use FortiSIEM v2 to fetch and update incidents, search events and manage watchlists of FortiSIEM. (Available from Cortex XSOAR 6.0.0).
Layouts
- New: FortiSIEM incident Layout
- (Available from Cortex XSOAR 6.0.0).
Mappers
New: FortiSIEM v2
- (Available from Cortex XSOAR 6.0.0).
Playbooks
New: GenericPolling-FortiSIEM
- (Available from Cortex XSOAR 6.0.0).
1.0.4 - R2146019 (December 21, 2021)
Integrations
FortiSIEM
- Updated the Docker image to: demisto/python:2.7.18.24398.
1.0.3 - 7567740 (September 12, 2021)
Integrations
FortiSIEM
- Updated the Docker image to: demisto/python:2.7.18.24066.
1.0.2 - 398245 (July 15, 2021)
Integrations
FortiSIEM
- Updated the Docker image to: demisto/python:2.7.18.20958.
1.0.1 - R264879 (November 9, 2020)
Integrations
FortiSIEM
- Fixed an issue where the fortisiem-get-events-by-incident command did not return results.
PUBLISHER
Cortex
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | November 9, 2020 | |
| Last Release | September 10, 2022 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
