Technical Note: ZoneFox 4.0 - I have created a Po...

FortiSIEM

FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)

Article Id 197549

Description

I have created a Policy, can I see which alerts it would have triggered in the past

Scope

Best Practices / Scenarios

Solution

Yes - once you have created a Policy (via the Policy page), at the bottom of the page, ZoneFox will indicate the number of previous alerts which would have been triggered by the rules within this Policy, based on your ZoneFox data to date.

Navigate to the Threat Hunting page, where the policy details will be prefilled in the search bar, to see which events would have triggered alerts.

201

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Terms of Service
Privacy Policy
GDPR
Cookie Settings

Technical Note: ZoneFox 4.0 - I have created a Policy, can I see which alerts it would have triggered in the past