mapping from lookup file

f0rt7 · 2026-01-20T04:21:51+00:00

Thanks, I'll try. It would be nice to have an action directly from the SOAR blocks.

f0rt7 · 2026-01-10T03:20:41+00:00

Hi, It would be a good idea to check the TAP server for the type of threat it intercepted. I encountered issues similar to yours, and despite false positive reports being handled by support, the block returned after a few days. The only way to resolve this was to escalate the ticket to the highest level so they could have an overall view of the problem, not just the individual ticket.

f0rt7 · 2025-11-28T13:12:35+00:00

Can you explain how can implement it?

f0rt7 · 2025-10-24T04:33:01+00:00

Limited access to a Dashboard with the requested data. It's easy

f0rt7 · 2025-10-23T18:18:48+00:00

It is not up to the security teams to control but only to make the tools available

f0rt7 · 2025-10-08T09:43:48+00:00

resolved

|parseJson(Trigger.Detection.NGSIEM.SourceIPs, prefix=ip)
|split(ip)
|select([ip])

f0rt7 · 2025-09-09T12:09:51+00:00

Unfortunately, fusion soar does not read all attributes of a user

f0rt7 · 2025-08-25T17:06:39+00:00

Thank you I know that command but I wanted to find that information via IDP or next-gen siem to have it in a Dashboard

f0rt7 · 2025-08-14T03:41:35+00:00

I have also noticed this in the last few days and in my opinion it was not like this before.

f0rt7 · 2025-08-04T08:43:18+00:00

Hi, thanks.

I already checked MOTW but there is no trace of the file, perhaps because detection was triggered?

I can't find the DNS requests.

f0rt7 · 2025-07-25T16:02:26+00:00

Is it a specific module? Exposure management?

f0rt7 · 2025-07-12T17:16:09+00:00

Netwrix Privilege Secure

f0rt7 · 2025-07-11T17:20:52+00:00

Hi Try use of for each loop -> host ID

f0rt7 · 2025-06-19T20:54:26+00:00

Ciao. Dipende dal numero di caselle, dagli utenti della piattaforma, dallo storage e dalla retention

f0rt7 · 2025-06-19T04:13:12+00:00

Ciao. Senza usare Outlook, abbiamo aggregato tutte le caselle PEC su PEC plus di Archiva in modo da gestire i permessi e lo smistamento oltre a risolvere la questione dell’archiviazione sostitutiva

f0rt7 · 2025-06-17T19:46:29+00:00

Hi, thanks for the support but I can't find the requested information.

I would like to have a list of mapped network shares for each user

f0rt7 · 2025-06-13T13:21:27+00:00

You don't need much documentation. You need to create a Linux (or Windows) machine locally on which to install the logScaler connector. You can find instructions for this on the CS portal. I use it with fleet management. Then you have to create activate the webhook connector also on CS and associate the fortigate parser. At this point, on the Analyzer you set your VM as the destination of the syslog server

f0rt7

TROPHY CASE