Fortinet black logo

Administration Guide

Triggers

Copy Link
Copy Doc ID 825689eb-200d-11e9-b6f6-f8bc1258b856:165424
Download PDF

Triggers

Create triggers for security rules to correlate incoming security events from network devices. When an incoming security event satisfies a trigger, all security rules using the trigger are evaluated in order of their rank. A security alarm is created based on the first security rule which also matches its optional User/Host Profile. If no security rules are matched, an alarm is not created. An optional security action will be associated to the alarm and, if selected, will be executed automatically.

See Navigation and Filters for information on common navigation tools and data filters.

Settings

Field

Definition

Add Filter drop-down list

Allows you to select a field from the current view to filter information. Select the field from the drop-down list, and then enter the information you wish to filter.

Update Button

Displays the filtered data in the table.

Table columns

Name

User defined name for the trigger. The type of event that will activate the rule if the rule is enabled.

Time Limit

The time span to satisfy all required filters for the trigger to be satisfied.

Filter Match

The number of filters that must be matched by security events for the trigger to be satisfied. Select Any to set the minimum number of filters that must be matched. Select All to specify that all filters must be matched.

Total Filters

The number of security filters associated with the security trigger.

Last Modified By

User name of the last user to modify the security trigger.

Last Modified Date

Date and time of the last modification to this security trigger.

Right click options

Delete

Deletes the selected trigger.

Modify

Opens the Modify Security Trigger window for the selected trigger.

Show Audit Log

Opens the Admin Auditing Log showing all changes made to the selected item.

For information about the Admin Auditing Log, see Admin auditing.

Note

You must have permission to view the Admin Auditing Log. See Add an admin profile

Buttons

Export

Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF or RTF. See Export data.

Triggers

Create triggers for security rules to correlate incoming security events from network devices. When an incoming security event satisfies a trigger, all security rules using the trigger are evaluated in order of their rank. A security alarm is created based on the first security rule which also matches its optional User/Host Profile. If no security rules are matched, an alarm is not created. An optional security action will be associated to the alarm and, if selected, will be executed automatically.

See Navigation and Filters for information on common navigation tools and data filters.

Settings

Field

Definition

Add Filter drop-down list

Allows you to select a field from the current view to filter information. Select the field from the drop-down list, and then enter the information you wish to filter.

Update Button

Displays the filtered data in the table.

Table columns

Name

User defined name for the trigger. The type of event that will activate the rule if the rule is enabled.

Time Limit

The time span to satisfy all required filters for the trigger to be satisfied.

Filter Match

The number of filters that must be matched by security events for the trigger to be satisfied. Select Any to set the minimum number of filters that must be matched. Select All to specify that all filters must be matched.

Total Filters

The number of security filters associated with the security trigger.

Last Modified By

User name of the last user to modify the security trigger.

Last Modified Date

Date and time of the last modification to this security trigger.

Right click options

Delete

Deletes the selected trigger.

Modify

Opens the Modify Security Trigger window for the selected trigger.

Show Audit Log

Opens the Admin Auditing Log showing all changes made to the selected item.

For information about the Admin Auditing Log, see Admin auditing.

Note

You must have permission to view the Admin Auditing Log. See Add an admin profile

Buttons

Export

Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF or RTF. See Export data.