Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • New Features

    Home FortiAnalyzer 7.4.0 New Features
    7.4.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.3
    6.2.2
    6.2.1
    6.2.0

    FortiSoC GUI reorganization

    FortiSoC GUI reorganization

    The FortiSoC features have been organized in the following areas of the GUI:

    • Incidents & Events

    • FortiView

    • Fabric View

    To create and manage events, go to Incidents & Events.

    Incidents & Events includes the following:

    Event Monitor

    View events generated by event handlers.

    For more information, see the FortiAnalyzer Administration Guide.
    Handlers

    Configure data selectors, notification profiles, basic event handlers, and correlation event handlers.

    For more information, see the FortiAnalyzer Administration Guide.

    Incidents

    Create and update incidents to track and analyze events.

    For more information, see the FortiAnalyzer Administration Guide.

    Threat Hunting

    View a log count chart and SIEM log analytics table. The Threat Hunting dashboard is only available in Fabric ADOMs when ADOMs are enabled.

    For more information, see the FortiAnalyzer Administration Guide.

    Log Parser

    View and manage SIEM log parsers.

    For more information, see the FortiAnalyzer Administration Guide.

    Outbreak Alerts

    View outbreak alerts and automatically download related event handlers and reports from FortiGuard. The FortiAnalyzer Outbreak Detection Service is a licensed feature.

    For more information, see the FortiAnalyzer Administration Guide.

    To review incidents and events in dashboards, go to FortiView > Monitors > Incidents & Events.

    FortiView > Monitors > Incidents & Events includes the following dashboards:

    Events

    This dashboard includes the following widgets:

    • Event Summary

    • Top 10 Events by Type

    • Events by Severity

    • Top 10 Events by Handler
    Incidents

    This dashboard includes the following widgets:

    • Total Incidents

    • Unsolved Incidents

    • Incidents Timeline

    To configure FortiSoC playbooks, go to Fabric View > Automation.

    Fabric View > Automation includes the following:

    Summary

    View playbook performance in a dashboard. This includes widgets for total playbooks, playbooks executed, and an actions trend.

    For more information, see the FortiAnalyzer Administration Guide.
    Connectors

    View the status of available connectors supported for playbook automation.

    For more information, see the FortiAnalyzer Administration Guide.

    Playbook

    Configure and manage playbooks.

    For more information, see the FortiAnalyzer Administration Guide.

    Playbook Monitor

    View playbook jobs in a table view.

    For more information, see the FortiAnalyzer Administration Guide.
    Previous
    Next

    FortiSoC GUI reorganization

    FortiSoC GUI reorganization

    The FortiSoC features have been organized in the following areas of the GUI:

    • Incidents & Events

    • FortiView

    • Fabric View

    To create and manage events, go to Incidents & Events.

    Incidents & Events includes the following:

    Event Monitor

    View events generated by event handlers.

    For more information, see the FortiAnalyzer Administration Guide.
    Handlers

    Configure data selectors, notification profiles, basic event handlers, and correlation event handlers.

    For more information, see the FortiAnalyzer Administration Guide.

    Incidents

    Create and update incidents to track and analyze events.

    For more information, see the FortiAnalyzer Administration Guide.

    Threat Hunting

    View a log count chart and SIEM log analytics table. The Threat Hunting dashboard is only available in Fabric ADOMs when ADOMs are enabled.

    For more information, see the FortiAnalyzer Administration Guide.

    Log Parser

    View and manage SIEM log parsers.

    For more information, see the FortiAnalyzer Administration Guide.

    Outbreak Alerts

    View outbreak alerts and automatically download related event handlers and reports from FortiGuard. The FortiAnalyzer Outbreak Detection Service is a licensed feature.

    For more information, see the FortiAnalyzer Administration Guide.

    To review incidents and events in dashboards, go to FortiView > Monitors > Incidents & Events.

    FortiView > Monitors > Incidents & Events includes the following dashboards:

    Events

    This dashboard includes the following widgets:

    • Event Summary

    • Top 10 Events by Type

    • Events by Severity

    • Top 10 Events by Handler
    Incidents

    This dashboard includes the following widgets:

    • Total Incidents

    • Unsolved Incidents

    • Incidents Timeline

    To configure FortiSoC playbooks, go to Fabric View > Automation.

    Fabric View > Automation includes the following:

    Summary

    View playbook performance in a dashboard. This includes widgets for total playbooks, playbooks executed, and an actions trend.

    For more information, see the FortiAnalyzer Administration Guide.
    Connectors

    View the status of available connectors supported for playbook automation.

    For more information, see the FortiAnalyzer Administration Guide.

    Playbook

    Configure and manage playbooks.

    For more information, see the FortiAnalyzer Administration Guide.

    Playbook Monitor

    View playbook jobs in a table view.

    For more information, see the FortiAnalyzer Administration Guide.
    Previous
    Next