Fortinet black logo

New Features

Home FortiAnalyzer 6.2.1 New Features

Event handlers updated to detect risky access over SSL and SSH

6.2.1
7.4.0
7.2.0
7.0.0
6.4.0
6.2.3
6.2.2
6.2.1
6.2.0
Copy Link
Copy Doc ID fac241c6-8ba3-11e9-81a4-00505692583a:703874
Download PDF

Event handlers updated to detect risky access over SSL and SSH

Default event handlers have been updated to detect risky access over SSL and SSH, and generate security events.

  1. Predefined event handlers are updated in the Event Handler List to include Default-Risky-Destination-Detection-By-Endpoint and Default-Risky-Destination-Detection-By-Threat.

  2. The following is an example of the updated Default-Risky-Destination-Detection-By-Endpoint handler for SSL and SSH logs.

  3. The following is an example of the updated Default-Risky-Destination-Detection-By-Threat handler for SSL and SSH logs.

  4. The following is an example of events triggered by SSL and SSH logs from Default-Risky-Destination-Detection-By-Threat/By-Endpoint handlers.

Previous
Next

Event handlers updated to detect risky access over SSL and SSH

Default event handlers have been updated to detect risky access over SSL and SSH, and generate security events.

  1. Predefined event handlers are updated in the Event Handler List to include Default-Risky-Destination-Detection-By-Endpoint and Default-Risky-Destination-Detection-By-Threat.

  2. The following is an example of the updated Default-Risky-Destination-Detection-By-Endpoint handler for SSL and SSH logs.

  3. The following is an example of the updated Default-Risky-Destination-Detection-By-Threat handler for SSL and SSH logs.

  4. The following is an example of events triggered by SSL and SSH logs from Default-Risky-Destination-Detection-By-Threat/By-Endpoint handlers.

Previous
Next