I'm having a problem parsing the Fortinet Fortigate logs sent from Sumo Logic to CSE.
It seems that the correct Log Mapping Rule is Fortinet Traffic Syslog 1 and the mapping created is below.
Anyone having the same issue? Thanks