Incident page improvement 6.4.1

This enhancement to the Incident Analysis page gives users a more useful view by introducing Processes, Software, and Vulnerabilities tabs. These tabs show the endpoint information that is attached to incidents.

To view the incident page improvements:
  1. Go to FortiSOC > Incidents, and select an incident to view the Incident Analysis page.
    • Incident attachment for endpoint processes:
      • Click the table view icon in the top-right corner in the attachment section to view endpoint processes in a table format.
      • Click the raw data icon in the top-right corner in the attachment section to view endpoint process information as raw data.
      • Select a time from the snapshots dropdown to view different snapshots.
      • Enter search keywords in the search field to view filtered records which match the keyword. Matching keywords are highlighted in the results.
    • Incident attachment for installed software:
      • Click the table view icon in the top-right corner in the attachment section to view installed software in a table format.
      • Click the raw data icon in the top-right corner in the attachment section to view installed software information as raw data.
      • Select a time from the snapshots dropdown to view different snapshots.
      • Enter search keywords in the search field to view filtered records which match the keyword. Matching keywords are highlighted in the results.
    • Incident attachment for endpoint vulnerabilities:
      • Click the table view icon in the top-right corner in the attachment section to view endpoint vulnerabilities in a table format.
      • Click the raw data icon in the top-right corner in the attachment section to view endpoint vulnerability information as raw data.
      • Select a time from the snapshots dropdown to view different snapshots.
      • Enter search keywords in the search field to view filtered records which match the keyword. Matching keywords are highlighted in the results.
