Integration FortiDLP to Elastic SIEM

Charles_Nkuna · May 30, 2025, 8:28am

Hello,

Just wanted to ask if its possible to intergrate FortiDLP with Elastic...if so based on the methode or mode below can we use :

The Event Streaming Service supports two modes of event ingestion:

Websocket mode: A mode in which the SIEM tool connects to the API via a websocket connection. In this mode, the websocket connection maintains a persistent connection to the event stream, meaning events are continuously streamed to the SIEM tool.
Long polling mode: A mode in which the SIEM tool requests a batch of events from the API via HTTP. In this mode, the batch of events received includes those already queued in the stream and/or those queued within 30 seconds from the time of the request.

Your assistance will be appreciated

Thanks

Topic		Replies	Views
Cannot Integrate FortiEDR Logs in Elastic SIEM Elastic Security	6	139	October 31, 2024
SnipeIT Integration Elasticsearch	0	94	May 15, 2024
ElasticSIEM unable to find [logs-endpoint.alerts SIEM	12	4116	August 18, 2021
Fortiweb Cloud custom integration Elastic Security	4	69	March 6, 2025
FortiAnalyzer logs to SIEM SIEM	2	3370	August 15, 2019