Fortinet FortiGate Add-On for Splunk

Fortinet FortiGate Add-On for Splunk is the technical add-on (TA) developed by Fortinet, Inc. The add-on enables Splunk Enterprise to ingest or map security and traffic data collected from FortiGate physical and virtual appliances across domains. The key features include:

• Streamlining authentication and access from FortiGate, such as administrator login, user login, and VPN termination authentication, into the Splunk Enterprise Security Access Center
• Mapping FortiGate virus reports into the Splunk Enterprise Security Endpoint Malware Center
• Ingesting traffic logs, IPS logs, system configuration logs, Web filtering data, etc.

Fortinet FortiGate Add-On for Splunk provides common information model (CIM) knowledge, advanced “saved search”, indexers and macros to use with other Splunk Enterprise apps such as Splunk App for Enterprise Security. The compatible FOS version is 5.0 and later.