Solution: Fortinet FortiNDR Cloud
| Attribute | Value |
|---|---|
| Publisher | Fortinet |
| Support Tier | Partner |
| Support Link | https://www.fortinet.com/support |
| Categories | domains |
| Version | 3.0.3 |
| Author | Fortinet - cs@fortinet.com |
| First Published | 2024-01-15 |
| Solution Folder | Fortinet FortiNDR Cloud |
| Marketplace | Azure Marketplace · Popularity: 🔵 Medium (62%) |
The Fortinet FortiNDR Cloud solution for Microsoft Sentinel provides the capability to ingest Fortinet FortiNDR Cloud events into Microsoft Sentinel. For questions about Fortinet FortiNDR Cloud, please contact Fortinet at fnc-sentinel@fortinet.com.
This solution provides 1 data connector(s):
🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. `_s`, `_d`, `_b`, `_t`, `_g`). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
This solution uses 3 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
| FncEventsDetections_CL 🔶 | Fortinet FortiNDR Cloud | Workbooks |
| FncEventsObservation_CL 🔶 | Fortinet FortiNDR Cloud | Workbooks |
| FncEventsSuricata_CL 🔶 | Fortinet FortiNDR Cloud | Workbooks |
🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. `_s`, `_d`, `_b`, `_t`, `_g`). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
This solution includes 2 content item(s):
| Content Type | Count |
|---|---|
| Workbooks | 1 |
| Parsers | 1 |
| Name | Tables Used |
|---|---|
| FortinetFortiNdrCloudWorkbook | FncEventsDetections_CL, FncEventsObservation_CL, FncEventsSuricata_CL |
| Name | Description | Tables Used |
|---|---|---|
| Fortinet_FortiNDR_Cloud | - | FncEventsDetections_CL (read), FncEventsObservation_CL (read), FncEventsSuricata_CL (read) |
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.3 | 05-05-2025 | Use Flex Consumption plan to hold Data Connector |
| 3.0.2 | 30-09-2024 | Show mitre attack ids and link to detection rule page |
| 3.0.1 | 31-05-2024 | Replace Metastream with FortiNDR Cloud API |
| 3.0.0 | 29-02-2024 | Initial Solution Release |