Fortinet FortiWeb Add-On for Splunk is the technical add-on (TA) developed by Fortinet, Inc. The add-on enables Splunk Enterprise to ingest or map attack, traffic and event logs collected from FortiWeb physical and virtual appliances across domains. The key features include:
• Streamlining authentication and access from FortiWeb, such as administrator login and user login, to the Splunk Enterprise Security Access Center
• Mapping FortiWeb threat reports into the Splunk Enterprise Security Endpoint Malware Center
• Ingesting attack logs, traffic logs, event logs, etc.
The compatible FortiWeb version is 6.2.0 and later.