Use FortiSoC/Incidents & Events to generate, monitor, and manage alerts and events from logs. The live monitoring of security events is a powerful and enabling feature for security operations. Incidents can be created from events to track and respond to suspicious or malicious activities.
By default, incidents and events can be managed through the FortiSOC module. See FortiSoC.
When the FortiSoC module is disabled, incidents and event management is available through the Incidents & Events module.