Podcast
Questions and Answers
Which node calculates the unused events and sends the value to the central decision-making engine?
Which node calculates the unused events and sends the value to the central decision-making engine?
What is the total incoming EPS from the three collectors in the example?
What is the total incoming EPS from the three collectors in the example?
What is the total unused events in the example?
What is the total unused events in the example?
What is the formula to calculate the total number of allowed events for the next three-minute interval?
What is the formula to calculate the total number of allowed events for the next three-minute interval?
Signup and view all the answers
What is the licensed EPS in the example?
What is the licensed EPS in the example?
Signup and view all the answers
What is the total number of allowed events for the next three-minute interval in the example?
What is the total number of allowed events for the next three-minute interval in the example?
Signup and view all the answers
When does the process of building the EPS reservoir start over for the next day?
When does the process of building the EPS reservoir start over for the next day?
Signup and view all the answers
What is the restriction on the number of events that can be carried over to the next day at midnight?
What is the restriction on the number of events that can be carried over to the next day at midnight?
Signup and view all the answers
What is the EPS reservoir used for in FortiSIEM?
What is the EPS reservoir used for in FortiSIEM?
Signup and view all the answers
What is the purpose of the 10% buffer in the formula to calculate the total number of allowed events?
What is the purpose of the 10% buffer in the formula to calculate the total number of allowed events?
Signup and view all the answers
FortiSIEM can use events in the EPS reservoir if the system suddenly needs to process more than the license.
FortiSIEM can use events in the EPS reservoir if the system suddenly needs to process more than the license.
Signup and view all the answers
In the phoenix.log file, you can see the licensed, allowed, used, and unused (reservoir) values every three minutes.
In the phoenix.log file, you can see the licensed, allowed, used, and unused (reservoir) values every three minutes.
Signup and view all the answers
What does the supervisor node in FortiSIEM do?
What does the supervisor node in FortiSIEM do?
Signup and view all the answers
What features are supported by the FortiSIEM Windows agent?
What features are supported by the FortiSIEM Windows agent?
Signup and view all the answers
What is the purpose of the auditd daemon on Linux?
What is the purpose of the auditd daemon on Linux?
Signup and view all the answers
What happens to the allowed events and unused reservoir values in the phoenix.log file?
What happens to the allowed events and unused reservoir values in the phoenix.log file?
Signup and view all the answers
What is the supervisor node's role in FortiSIEM agent management?
What is the supervisor node's role in FortiSIEM agent management?
Signup and view all the answers
How are logs collected by the Linux agent delivered to FortiSIEM?
How are logs collected by the Linux agent delivered to FortiSIEM?
Signup and view all the answers
What is the purpose of the EPS reservoir in FortiSIEM?
What is the purpose of the EPS reservoir in FortiSIEM?
Signup and view all the answers
What types of nodes are there in a FortiSIEM deployment?
What types of nodes are there in a FortiSIEM deployment?
Signup and view all the answers