New Features

Incident page improvement 6.4.1

This enhancement to the Incident Analysis page adds Processes, Software, and Vulnerabilities tabs. These tabs show the endpoint information that is attached to an incident.

To view the incident page improvements:
  1. Go to FortiSOC > Incidents, and select an incident to view the Incident Analysis page.
    • Incident attachment for endpoint processes:
      • Click the table view icon in the top-right corner in the attachment section to view endpoint processes in a table format.
      • Click the raw data icon in the top-right corner in the attachment section to view endpoint process information as raw data.
      • Select a time from the snapshots dropdown to view different snapshots.
      • Enter search keywords in the search field to view filtered records which match the keyword. Matching keywords are highlighted in the results.
    • Incident attachment for installed software:
      • Click the table view icon in the top-right corner in the attachment section to view installed software in a table format.
      • Click the raw data icon in the top-right corner in the attachment section to view installed software information as raw data.
      • Select a time from the snapshots dropdown to view different snapshots.
      • Enter search keywords in the search field to view filtered records which match the keyword. Matching keywords are highlighted in the results.
    • Incident attachment for endpoint vulnerabilities:
      • Click the table view icon in the top-right corner in the attachment section to view endpoint vulnerabilities in a table format.
      • Click the raw data icon in the top-right corner in the attachment section to view endpoint vulnerability information as raw data.
      • Select a time from the snapshots dropdown to view different snapshots.
      • Enter search keywords in the search field to view filtered records which match the keyword. Matching keywords are highlighted in the results.
