Fortinet Document Library

Version:


Table of Contents

6.2.1
Download PDF
Copy Link

Event handlers updated to detect risky access over SSL and SSH

Default event handlers have been updated to detect risky access over SSL and SSH, and generate security events.

  1. Predefined event handlers are updated in the Event Handler List to include Default-Risky-Destination-Detection-By-Endpoint and Default-Risky-Destination-Detection-By-Threat.

  2. The following is an example of the updated Default-Risky-Destination-Detection-By-Endpoint handler for SSL and SSH logs.

  3. The following is an example of the updated Default-Risky-Destination-Detection-By-Threat handler for SSL and SSH logs.

  4. The following is an example of events triggered by SSL and SSH logs from Default-Risky-Destination-Detection-By-Threat/By-Endpoint handlers.

Event handlers updated to detect risky access over SSL and SSH

Default event handlers have been updated to detect risky access over SSL and SSH, and generate security events.

  1. Predefined event handlers are updated in the Event Handler List to include Default-Risky-Destination-Detection-By-Endpoint and Default-Risky-Destination-Detection-By-Threat.

  2. The following is an example of the updated Default-Risky-Destination-Detection-By-Endpoint handler for SSL and SSH logs.

  3. The following is an example of the updated Default-Risky-Destination-Detection-By-Threat handler for SSL and SSH logs.

  4. The following is an example of events triggered by SSL and SSH logs from Default-Risky-Destination-Detection-By-Threat/By-Endpoint handlers.