alexwsdebian 1 year ago
parent
commit
834a425961
2 changed files with 27 additions and 4 deletions
  1. +8 -0 0100-fortigate_decoders.xml
  2. +19 -4 README.md

+ 8 - 0
0100-fortigate_decoders.xml

@@ -1,3 +1,11 @@
+<!--
+-  Fortigate Decoders
+-  Author: Alexander Tibor Assenheimer - github: alextibor
+-  This program is a free software; you can redistribute it and/or modify it under the terms of GPLv2.
+-  Rules create based on the Fortigate Log Reference from version 7.0.14, 7.2.7, 7.2.8 and 7.4.3
+-->
+
+
 <decoder name="fortinet-fortigate-firewall">
   <prematch type="pcre2">^date=\d{4}-\d{2}-\d{2}\s+time=\d{2}:\d{2}:\d{2}\s+devname="[^"]*"\s+devid="[^"]*"\s+eventtime=\d+\s+tz="[^"]*"\s+logid="\d+"</prematch>
 </decoder>
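Review bot: the header comment added at the top of the file has two wording slips: "This program is a free software" should read "This program is free software", and "Rules create based on the Fortigate Log Reference" should read "Rules created based on the Fortigate Log Reference". Since the comment declares GPLv2, it would also help to point at the LICENSE file in the repository (or add one) so the terms are actually reproducible. The two blank lines between the closing `-->` and the first `<decoder>` can be collapsed to one.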

+ 19 - 4
README.md

@@ -1,8 +1,23 @@
 # wazuh-fortigate-rules-decoders
 
-Rules and decoders created based on the Fortigate Log Reference from version 7.0.14, 7.2.7, 7.2.8 and 7.4.3
+This project provides a robust set of decoders and rules designed to integrate Fortigate logs with Wazuh, developed based on the Fortigate Log Reference for versions 7.0.14, 7.2.7, 7.2.8, and 7.4.3.
 
-738 Decoders
-1387 Rules
+## Features
 
-Work in progress 
+- **738 Decoders**: For decoding and analyzing Fortigate logs.
+- **1387 Rules**: For categorizing specific logs, facilitating monitoring and event analysis.
+
+## Installation
+
+1. **Copy the decoders and rules to your Wazuh Manager**
+
+   - Copy `0100-fortigate_decoders.xml` to `/var/ossec/etc/decoders/`
+   - Copy `0391-fortigate_rules.xml` to `/var/ossec/etc/rules/`
+
+2. **Restart the Wazuh Manager**
+
+   ```bash
+   systemctl restart wazuh-manager
+   ```
+
+I am working to improve and expand the functionalities of the decoders and rules based on Fortigate logs.
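Review bot: the Installation section copies the files into `/var/ossec/etc/decoders/` and `/var/ossec/etc/rules/` and then goes straight to `systemctl restart wazuh-manager`, with no ownership/permission step and no validation. Suggest inserting, between steps 1 and 2, a step that sets `chown wazuh:wazuh` and `chmod 660` on both files (the manager expects custom ruleset files to be owned by its service user) and runs the decoders through `/var/ossec/bin/wazuh-logtest` with a sample Fortigate line, so a decoder syntax error is caught before the restart instead of leaving the manager unable to start. The README also references `0391-fortigate_rules.xml`, which is not part of this commit; it should state where that file lives so the copy step is reproducible.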