wazuh-fortigate-rules-decoders

This project provides a robust set of decoders and rules designed to integrate Fortigate logs with Wazuh, developed based on the Fortigate Log Reference for versions 7.0.14, 7.2.7, 7.2.8, and 7.4.3.

I am working hard on that to improve and expand the functionalities. Leave a star and follow this repo for updates.

Features

738 Decoders: For decoding and analyzing Fortigate logs.
1387 Rules: For categorizing specific logs, facilitating monitoring and event analysis.

Installation

Copy the decoders and rules to your Wazuh Manager
- Copy 0100-fortigate_decoders.xml to /var/ossec/etc/decoders/
- Copy 0391-fortigate_rules.xml to /var/ossec/etc/rules/
Restart the Wazuh Manager
```
systemctl restart wazuh-manager
```

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
0100-fortigate_decoders.xml		0100-fortigate_decoders.xml
0391-fortigate_rules.xml		0391-fortigate_rules.xml
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

wazuh-fortigate-rules-decoders

Features

Installation

About

Releases

Packages

alextibor/wazuh-fortigate-rules-decoders

Folders and files

Latest commit

History

Repository files navigation

wazuh-fortigate-rules-decoders

Features

Installation

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages