FortiOS 5.0 correlation

mmeznarsic

Entry Level
I've got a plugin for the FortiOS 5.0 firewall running in my environment and am getting nice normalized events in the SIEM section of AlienVault 4.10 now. However, I'm at the point where I'm thinking about directives and cross-correlation. I was wondering if anyone else has set up their system for this already and has any best-practice ideas for a balance of not missing anything but not being overly noisy.

This discussion has been closed.