Hi,
I'm in the process of defining an LSX for a FortiWeb device, which is currently shown as unknown (UDSM) by QRadar.
FortiWeb 400C
Serial Number FV400C3M13000193
Firmware Version FortiWeb-400C 5.06,build0091,140212
Here is the XML file:
...
Hello,
We have events "Unrecognized Threat Vulnerability Exploit Event", which match the vulnerability signature that corresponds to "JCE Vulnerability Scanning Detection (36268)", manufacturer Palo Alto.
Which QID map of the SIEM corresponds to this?
Enterasy...
Hi
We have implemented the Aptilo platform and would like to get help with the settings for sending syslog to our SIEM:
Aptilo AC
Aptilo CORE 5 - Linux ac1.wificiutada.intra 2.6.18-274.12.1.el5 #1 SMP Tue Nov 29 13:37:35 EST 2011 i68...
Hi
I would like to receive in my SIEM, through syslog, the "event logging" generated by a BlueCoat SG810. I have already configured the BlueCoat, and in my SIEM, in LOG ACTIVITY, this is what appears:
Event Name:Unknown log event
Low Level Category:Unknown Generi...
I have my log server (SIEM Dragon) set up as follows:
1. I have multiple devices configured to send logs to my log server (SIEM Dragon); log sources from different customers.
2. I created a group for each customer (Log Source Groups) and I have g...