Viewing Rules

FortiSIEM includes a large set of rules for Availability, Performance, Change, Security and Beaconing groups in addition to the rules that you can define for your system.

Follow the procedure below to view all system and user-defined rules:

  1. Go to RESOURCES > Rules.
  2. Use the System drop-down menu of the Rules list pane to filter rules by Organization.
  3. Select any rule in the Rules list to view related information in the lower pane.

    All rules have two information tabs:

    Tab            Description
    Summary        This tab provides an overview of the rule logic, its status, and notification settings.
    Test Results   If you are testing a rule, you can view the results here.

    Note: Active rules cannot be tested. You need to deactivate a rule before testing.