Re: Decoder for Forticlient and FortiEDR


Kasim Mustapha

Aug 29, 2023, 6:43:50 AM
to Wazuh | Mailing List
Hello Fidel,

Apologies for the late response.

To address this issue, we recommend creating custom decoders for the EDR and Forticlient logs. 

By creating custom decoders, you can ensure that Wazuh can properly parse and analyze the logs from these sources. 
https://wazuh.com/blog/creating-decoders-and-rules-from-scratch/

If you need assistance in creating custom decoders, please let us know and we will be happy to help.

Regards,
Kasim 

On Tuesday, August 29, 2023 at 9:51:21 AM UTC+1 Fidel wrote:
I'm sending all logs from Fortinet firewalls, EDR and Forticlient through Fortianalyzer, but Wazuh only decodes the firewall logs because there isn't a specific decoder for the others.
