Parse logs sent from ATA to SIEM

JoseMauricioGomez 21

Hello team,

Is there a way to parse the logs sent by ATA to FortiSIEM. FortiSIEM received the logs just fine but there are not defined by category/types

Any outcome would be appreciated!

Thanks in advance!

Jose Mauricio Gomez

1 answer

Eli Ofek (MSFT) 911 Reputation points Microsoft Employee

2020-12-18T00:20:49.77+00:00

Did you try this:
https://learn.microsoft.com/en-us/advanced-threat-analytics/cef-format-sa
?
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Your answer