Home

> Incidents

Incidents

When a correlation rule triggers, an incident is created in FortiSIEM. This section explains how to view and manage Incidents in FortiSIEM.

There are three views:

  • List View: This tabular view enables the user to search incidents and take actions.
  • Overview: This view provides a 'Top down' view of the various types of Incidents and impacted hosts.
  • Risk View: This view organizes impacted entities (hosts, users) by Risk based on the triggered incidents.