Configuring the Agent offline warning

To configure the Agent offline warning, follow these steps.

How to configure the Agent offline warning

1. In the FortiDLP Console, on the left-hand sidebar, click .
2. Select the Agent configuration tab.
3. In the Agent offline warning section, do the following:
   1. In the Days field, type or select a number to define the number of days after which a node is considered offline. Only whole numbers are supported.
   2. In the Scope section, do one of the following:
   • To apply the configuration to all nodes, leave the All agents radio button selected.
   • To apply the configuration to a subset of nodes:
   1. Select the Specific agents radio button.
   2. In the label list, select one or more labels for the nodes you want to apply the configuration to.
   3. Do one of the following:
      • To include nodes that have all of the previously selected labels, select the Require all radio button.
      • To include nodes that have any of the previously selected labels, select the Require any radio button.
3. Optionally, to enable offline node detections:
   1. Turn the Raise a detection when Agents go offline toggle on.
   2. In the Risk score field, type a number between 0–100 to define the detection's risk score.

   A detection that has a risk score of 0 is classified as no severity. A detection that has a risk score between 1–39 is classified as low severity. A detection that has a risk score between 40–69 is classified as medium severity. A detection that has a risk score between 70–89 is classified as high severity. A detection that has a risk score between 90–100 is classified as critical severity.

   3. Optionally, in the Tags field, type one or more keywords or terms to describe the detection, separated by a space. A default value of systemsecurity is provided.
      
4. Click Save.

If you decide to later disable Agent offline warning detections, just turn the Raise a detection when Agents go offline toggle off and resave the configuration.