Fortinet black logo

FortiGuard Outbreak Alerts service 6.4.4

Copy Link
Copy Doc ID 0649062b-898a-11ea-9384-00505692583a:862526
Download PDF

FortiGuard Outbreak Alerts service 6.4.4

You can use a Zero Trust tagging rule as a predefined rule for FortiGuard outbreak alerts by uploading rule signatures.

To configure a Zero Trust tagging rule as a predefined rule for outbreak alerts by uploading rule signatures:
  1. In EMS, go to Zero Trust Tags > Zero Trust Tagging Rules.
  2. Click Import Signatures.

  3. In the Import FortiGuard Outbreak Alert Signatures dialog, upload a JSON file. The JSON file should contain an array of alert objects, each with a tag name and array of signatures. Each signature should have the following properties: os (windows, mac, linux, ios, android), type (file, registry, process), and content. If the import succeeds, EMS displays a FortiGuard outbreak alert signatures imported successfully message. If the file is formatted incorrectly, EMS shows an Invalid JSON error.
  4. View tagged endpoints in Zero Trust Tags > Zero Trust Tag Monitor.

FortiGuard Outbreak Alerts service 6.4.4

You can use a Zero Trust tagging rule as a predefined rule for FortiGuard outbreak alerts by uploading rule signatures.

To configure a Zero Trust tagging rule as a predefined rule for outbreak alerts by uploading rule signatures:
  1. In EMS, go to Zero Trust Tags > Zero Trust Tagging Rules.
  2. Click Import Signatures.

  3. In the Import FortiGuard Outbreak Alert Signatures dialog, upload a JSON file. The JSON file should contain an array of alert objects, each with a tag name and array of signatures. Each signature should have the following properties: os (windows, mac, linux, ios, android), type (file, registry, process), and content. If the import succeeds, EMS displays a FortiGuard outbreak alert signatures imported successfully message. If the file is formatted incorrectly, EMS shows an Invalid JSON error.
  4. View tagged endpoints in Zero Trust Tags > Zero Trust Tag Monitor.