Forum Discussion
Nov 03, 2021
Sentinel integration with FortiNet firewall and queries
Hi Everyone, we have helped one customer integrate FortiNet firewall logs via the syslog connector to Azure Sentinel. At that time, to avoid a huge amount of logs passing to the Sentinel side, we filtered only ...
krabelize
Oct 24, 2022
Copper Contributor
Hi susanthasilva,
You would have to create these use cases yourself in Sentinel by using KQL queries. You can take a look here for inspiration: https://cryptsus.com/blog/fortinet-firewall-sentinel-siem-hunting.html
Feel free to contact the author of this article to ask for consultancy in order to create your exact use cases in KQL.