Support

Support for business applications

Kaspersky CyberTrace

Installation and integration guides

Part 2: Integrating Kaspersky CyberTrace with an event source

Integration with FortiSIEM

Looking up events received from Kaspersky CyberTrace in FortiSIEM
Kaspersky CyberTrace
Нет результатов
Online Help
FAQ System requirements Download Contact support Recovery tools Product videos

Looking up events received from Kaspersky CyberTrace in FortiSIEM

April 11, 2024

ID 181637

This section describes how to browse, in FortiSIEM, only those events that are received from Kaspersky CyberTrace.

To browse, in FortiSIEM, events received from Kaspersky CyberTrace:

  1. Open the FortiSIEM web console.
  2. Select the Analytics tab.
  3. Click inside the Edit Filter and Time Range field.

    The Filters form appears which allows you to set a filter and time range for events.

  4. Specify the following filter:
    • Attribute: Reporting Vendor
    • Operator: =
    • Value: Kaspersky
  5. Click the plus sign (+) in the Row column.
  6. In the new row specify another filter:
    • Attribute: Reporting Model
    • Operator: =
    • Value: CyberTrace
  7. In the Time settings group, specify the period during which the desired events arrived to FortiSIEM.
  8. Click Save & Run.

    The Analysis tab now contains only those events from Kaspersky CyberTrace that arrived during the selected period.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.