Events are things which occur on your network. FortiInsight captures event information from endpoints; these could be;
Network events such as file upload or download activities, or
System events such as those which occur in the Windows directory, or
User events such as user log in or a file read in Excel.
Each FortiInsight event from an endpoint contains the following elements for the event:
User - The user account carrying out the activity
Machine - The machine (endpoint) the activity took place on
Activity - The activity type (e.g. user log in/off, machine on/off, File created/read/written/moved/deleted/renamed, database record updated, etc.)
Application/Process - the application used to carry out the activity e.g. Explorer.exe, Winword.exe, etc.
Resource - This is typically a path, filename, and file type involved in the activity, except for SQL Server agent events which shall specify the database and database element acted on.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.