Overview
What's new in 5.0.0
Key Concepts
Getting Started
Advanced Operations
Administration
Setup
Configuring Storage
Configuring Organizations
Configuring Event Collector
Configuring Windows Agent
Setting Credentials
Discovering Devices
Editing Event Pulling
Editing Performance Monitors
Configuring Synthetic Transaction Monitors
Configuring Maintenance Calendars
Device support
Working with Devices and Applications
Working with Event Attributes
Working with Event Types
Working with Parsers
Creating Custom Performance Monitors
Working with Custom Property
Health
Viewing Cloud Health
Viewing Collector Health
Viewing Windows Agent Health
Viewing Elasticsearch Health
License
Viewing License information
Viewing License Usage
Adding Nodes
Data Update
General Settings
System Settings
Analytics Settings
Discovery Settings
Monitoring Settings
Event Handling Settings
External Authentication Settings
Incident Notification Settings
External System Integration Settings
Role Settings
Ticket Escalation Settings
Managing CMDB
Devices
Viewing Device Information
Editing Devices
Working with Device Groups
Applications
Viewing Application Information
Editing Applications
Working with Application Groups
Users
Viewing Users
Editing User Information
Working with User Groups
Business Services
Viewing Business Services
Creating Business Services
Working with Business Service Groups
CMDB Reports
Creating a new CMDB Report
Scheduling a CMDB Report
Running a CMDB Report
Adding CMDB Report to Dashboard
Managing Resources
Reports
Viewing System Reports
Creating a new Report
Running System Reports
Scheduling a Report
Rules
Creating a Rule
Activating and Deactivating a Rule
Testing a Rule
Viewing Types of Rules
Importing and Exporting Rules
Network
Adding a Network
Modifying a Network
Deleting a Network
Watch List
System-defined Watch List
Creating a Watch List
Modifying a Watch list
Using a Watch List
Exporting and Importing Watch List
Protocols
Adding a Protocol
Modifying a Protocol
Deleting a Protocol
Event types
Adding an Event type
Modifying an Event type
Deleting an Event type
Malware domains
Adding a Malware Domain
Modifying a Malware Domain
Deleting a Malware Domain
Malware IPs
Adding a Malware IP
Modifying a Malware IP
Deleting a Malware IP
Importing Malware IPs
Malware URLs
Adding a Malware URL
Modifying a Malware URL
Deleting a Malware URL
Importing Malware URLs
Malware processes
Adding Malware Processes
Modifying Malware Processes
Deleting a Malware Processes
Country groups
Adding a Country Group
Modifying Country Groups
Deleting a Country Group
Malware Hash
Adding a Malware Hash
Modifying a Malware Hash
Updating System-Defined Malware Hash Group
Default Password
Adding a Default Password
Modifying Default Password
Importing and Exporting Default Password
Anonymity Network
Adding Anonymity Networks
Modifying Anonymity Networks
Updating Anonymity Networks
User Agents
Adding User Agents
Modifying User Agents
Importing and Exporting User Agents
Working with Cases
Creating a Ticket
Editing a Ticket
Searching a Ticket
Escalating a Ticket
Exporting a Ticket
Working with Incidents
List View
Overview
Risk View
Analytics
Running a Built-in Search
Understanding Search Components
Viewing Historical Search Results
Viewing Real-time Search Result
Saving Search Results
Viewing Saved Search Results
Exporting Results
Emailing Results
Creating a Rule from Search
Dashboard
Viewing System Dashboards
Modifying System Dashboards
Creating New Dashboards
Deleting Dashboards
Importing and Exporting Dashboards
Appendix
Appendix A: Flash to HTML GUI mapping
FortiSIEM 5.0.0