Third party firewall incidents not showing in incident tab

Copper Contributor

We have enabled Fortinet and syslog connector to ingest firewall logs to sentinel. Enabled analytics and workbooks for the logs however not able to see these firewall logs in incident tab.

Only Azure AD and office 365 incidents are visible in incident. 

2 Replies

Hello @Cloud0009 ,

 

Do you see the table "CommonSecurityLog" with Fortinet logs in the Logs tab?

You mean going into query tab and searching for logs ?