Почетна Преглед Помоћ
Пријавите се
mirrors
/
wazuh-fortigate-rules-decoders
огледало од https://github.com/alextibor/wazuh-fortigate-rules-decoders
1
0
Креирај огранак 0
Датотеке Дискусије 0 Вики

Нема описа

Дрво: 32743b162e
Гране Ознаке
wazuh-fortigate...
ZIP TAR.GZ
alexwsdebian 32743b162e up пре 1 година
0100-fortigate_decoders.xml 834a425961 update пре 1 година
0391-fortigate_rules.xml b87ba46914 Update 0391-fortigate_rules.xml пре 1 година
README.md 32743b162e up пре 1 година

README.md

wazuh-fortigate-rules-decoders

This project provides a robust set of decoders and rules designed to integrate Fortigate logs with Wazuh, developed based on the Fortigate Log Reference for versions 7.0.14, 7.2.7, 7.2.8, and 7.4.3.

Features

  • 738 Decoders: For decoding and analyzing Fortigate logs.
  • 1387 Rules: For categorizing specific logs, facilitating monitoring and event analysis.

Installation

  1. Copy the decoders and rules to your Wazuh Manager

    • Copy 0100-fortigate_decoders.xml to /var/ossec/etc/decoders/
    • Copy 0391-fortigate_rules.xml to /var/ossec/etc/rules/

  2. Restart the Wazuh Manager

    systemctl restart wazuh-manager

I am working hard on that to improve and expand the functionalities. Leave a star and follow this repo for updates.