Hi,
I'm wondering why Fortigate is not listed under the "Network events" pane in Security overview dashboard? Including screenshot for reference.
Fortigate is an integration available to add, so I think it should be listed.
I did dig throught the code and found it's missing : kibana/x-pack/solutions/security/plugins/security_solution/common/search_strategy/security_solution/network/overview/index.ts at 2ca700ab74545de98bb9df845c722d3ebe474573 · elastic/kibana · GitHub
Anyone?
I pinged internal. See if anybody comes back
hi @dot-mike, I think we would broaden it out to all Fortinet data instead of Fortigate. I was looking at our integration data streams and they all seem to set observer.vendor to "Fortinet", so maybe that is the filter we could use to get the count.
If you have some data locally maybe you could confirm this filter brings back the expected count?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
