Enabling managed SOC service
With a valid license, you can enable the Managed SOC Service option to give the Fortinet SOC service team permission to manage your instance of FortiAnalyzer Cloud. Once the service is enabled, Fortinet will configure your instance to enable the SOC team to monitor FortiGate logs for incident detection. For more information about enabling the service from FortiAnalyzer Cloud, see the SOCaaS User Guide.
You can continue configuring FortiAnalyzer after you enable the service. If you disable or delete a custom event handler with the prefix SOCaaS, the SOC service will not work as designed.
To disable the service, submit a service request from the SOC portal.
To enable SOC management:
- Go to System Settings > Dashboard.
- In the System Information widget, enable Managed SOC Service. The Managed SOC Service dialog is displayed.
- Click OK.