Created on 10-28-2016 04:21 AM Edited on 04-04-2022 01:45 PM By Anonymous
Description
This article describes how to capture and replay discovery results in FortiSIEM.
Solution
1. Re-discover the devices and note down the date and time.
2. Login into the supervisor and run the following commands:
#cd /data/cache/discoveryResults/cust-1/completed#llThe output should be a list of directories with all numbers as the names.3. Zip the directory with the most current timestamp that "lines up" with the date/time of step 1.4. Either attach the file to a case for further investigation or upload it to Fortinet ftp site. The file should be small enough to attach to case.5. Download and unzip the folder into /data/cache/discoveryResults/cust-1/new6. FortiSIEM will read the file automatically and then replay it in the supervisor
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.