How to integrate Cymulate and Fortigates with Sentinel?

New to these products and was told we could use Sentinel to pull data from Cymulate and our Fortigates. Anyone know how to do this? I know we have FortiSIEM, not sure on SOAR in our environment (if it would be useful for this we could get it added).

Thanks

4 Replies

@ChrisF71 Fortigate is a Solution in the "Content Hub"


@Clive_Watson That appears to use SOAR, which we don't currently have.  Trying to find out if there is a way without an additional spend.

It does use a Playbook (SOAR), you have access to that in Azure - but I guess you have a process before you can use them? Playbooks are pretty low cost, you'd probably spend more trying to implement a workaround.

Hello @ChrisF71,

1. You can forward Syslog from Fortinet to Sentinel using Sentinel Log Forwarder:

Technical Tip: Integrate FortiGate with Microsoft ... - Fortinet Community

Deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentinel | Microsoft Docs

2. If Cymulate supports Syslog, you can use the same log forwarder.
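
Before pointing a source at the log forwarder, it helps to confirm whether the device emits CEF or plain Syslog and whether the CEF header arrives intact. The following is an added example, not part of the original replies or of any vendor's code; the sample lines are constructed and the function names are hypothetical.

```python
import re

# Constructed sample lines (not captured from a real device).
SAMPLES = [
    "<189>Jun 23 10:15:02 fw01 CEF:0|Fortinet|Fortigate|v7.0.5|00013|traffic:forward close|3|src=10.0.0.5 dst=203.0.113.7 msg=session closed act=close",
    "<134>Jun 23 10:15:03 sim01 CEF:0|ExampleVendor|Pipe\\|Product|1.0|100|Simulation finished|5|cs1=a\\=b outcome=blocked",
    "<13>Jun 23 10:15:04 host01 app[311]: plain syslog message, no CEF header",
    "<189>Jun 23 10:15:05 fw01 CEF:0|Fortinet|Fortigate|v7.0.5|truncated",
]

HEADER_FIELDS = ["version", "vendor", "product", "device_version", "signature_id", "name", "severity"]

# Header fields are separated by "|"; a pipe preceded by a backslash is literal.
_PIPE = re.compile(r"(?<!\\)\|")
# An extension key is a token at the start or after whitespace, followed by "=".
_EXT_KEY = re.compile(r"(?:^|\s)([A-Za-z0-9_.\-\[\]]+)=")

def parse_cef(line):
    """Return a dict for a CEF message, or None if the line is not valid CEF."""
    start = line.find("CEF:")
    if start < 0:
        return None
    parts = _PIPE.split(line[start + 4:], maxsplit=7)
    if len(parts) < 7:
        return None  # header truncated: fewer than seven fields
    header = [p.replace("\\|", "|").replace("\\\\", "\\") for p in parts[:7]]
    if not header[0].isdigit():
        return None  # CEF version must be numeric
    event = dict(zip(HEADER_FIELDS, header))
    ext = parts[7] if len(parts) == 8 else ""
    keys = list(_EXT_KEY.finditer(ext))
    event["extension"] = {}
    for i, m in enumerate(keys):
        end = keys[i + 1].start() if i + 1 < len(keys) else len(ext)
        value = ext[m.end():end].strip()  # values may contain spaces
        event["extension"][m.group(1)] = value.replace("\\=", "=").replace("\\\\", "\\")
    return event

def classify(line):
    """Label a line 'cef', 'malformed-cef' or 'syslog'."""
    if "CEF:" not in line:
        return "syslog"
    return "cef" if parse_cef(line) else "malformed-cef"

if __name__ == "__main__":
    for line in SAMPLES:
        print(classify(line), parse_cef(line))
```
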