|Protocol||Information Discovered||Metrics Collected||Used For|
|Syslog||Malware detection log||Security Monitoring|
In ADMIN > Device Support > Event Types, search for "malwarebytesbreach" to see the event types associated with this device. In FortiSIEM 6.2.0, there are 10 event types defined.
In RESOURCES > Rules, search for "Malware found but not remediated" in the main content panel Search... field.
In RESOURCES > Reports, search for "malware found" to see the reports associated with this device.
Top Computers with Malware Found By Antivirus and Security Gateways
Top IPs with Malware Found By Antivirus and Security Gateways
Top IPs with Malware Found By Security Gateways
FortiSIEM processes events from this device via syslog. Configure the device to send syslog to FortiSIEM on port 514.
2020-11-25T17:18:46Z 0009NIT-KLUEY CEF:0|Malwarebytes|Malwarebytes Breach Remediation|Version: 126.96.36.199 [eng:Version: 188.8.131.520 rul:2020.11.25.17 act:Version: 184.108.40.2066 sws:Version: 220.127.116.119]|1000|Scan Started|1|cs3=46837c42-2f42-11eb-9c15-025041000001 cs3Label=SessionId cs5=mbbr scan -full -remove -noreboot cs5Label=CmdLine dvchost=0009NIT-KLUEY deviceMacAddress=DC:FB:48:92:E9:10 suser=TEST outcome=succeeded