Refer to the exhibit.
A FortiSlEM administrator wants to group some attributes for a report, but is not able to do so
successfully.
As shown in the exhibit, why are some of the fields highlighted in red?
Question No 2
In the rules engine, which condition instructs FortiSIEM to summarize and count the matching
evaluated data?
Question No 3
Refer to the exhibit.
How was the FortiGate device discovered by FortiSIEM?
Question No 4
Refer to the exhibit.
If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how ,many
results will be displayed?
Question No 5
Which two FortiSIEM components work together to provide real - time event correlation?