Did you try this:
https://learn.microsoft.com/en-us/advanced-threat-analytics/cef-format-sa
?
Parse logs sent from ATA to SIEM
JoseMauricioGomez
21
Reputation points
Hello team,
Is there a way to parse the logs sent by ATA to FortiSIEM. FortiSIEM received the logs just fine but there are not defined by category/types
Any outcome would be appreciated!
Thanks in advance!
Jose Mauricio Gomez
1 answer
Sort by: Most helpful
-
Sign in to answer
Eli Ofek (MSFT) 911 Reputation points Microsoft Employee2020-12-18T00:20:49.77+00:00