Scripting

Expand all | Collapse all

Help with LSX XML File - Fortiweb 400C UDSM

  • 1.  Help with LSX XML File - Fortiweb 400C UDSM

    Posted 02-24-2015 17:04
    Hi,

    I'm in the process of defining a LSX for FortiWeb device, which are current shown as unknown (UDSM) by Qradar.

    Fortiweb 400C

    Serial Number FV400C3M13000193

    Firmware Version FortiWeb-400C 5.06,build0091,140212

    Here is the XML file:









    It does not work. What am I doing wrong?

    Thanks,





  • 2.  RE: Help with LSX XML File - Fortiweb 400C UDSM

    Posted 05-05-2017 05:11
    Hi cos, I am working on something similar.
    All I did was looked for a unique pattern for the EVENT NAME field. If that matches correctly, all other fields are parsed as expected.