In this course, you will learn the fundamentals of using FortiAnalyzer for centralized logging. You will also learn how to identify current and potential threats through log analysis. Finally, you will examine the management of events, incidents, reports, and task automation with playbooks. These skills will provide you with a solid foundation for becoming a SOC analyst in an environment using Fortinet products.

    Introduction and Initial Configuration
    Logging
    FortiSoC—Events and Incidents
    Reports
    FortiSoC—Playbooks

Anyone who is responsible for Fortinet Security Fabric analytics and automating tasks to detect and respond to cyberattacks using FortiAnalyzer should attend this course.

    Familiarity with all topics presented in the NSE 4 FortiGate Security and NSE 4 FortiGate Infrastructure courses
    Knowledge of SQL SELECT syntax is helpful, but not required

After completing this course, you should be able to:

    Understand basic concepts and features
    Describe the purpose of collecting and securing logs
    View and search for logs in Log View and FortiView
    Understand FortiSoC features
    Manage events and event handlers
    Configure and analyze incidents
    Perform threat hunting tasks
    Understand outbreak alerts
    Describe how reports function within ADOMs
    Customize and create charts and datasets
    Customize and run reports
    Configure external storage for reports
    Attach reports to incidents
    Troubleshoot reports
    Understand playbook concepts
    Create and monitor playbooks

If you take the online format of this class, you must use a computer that has the following:

    A high-speed Internet connection
    An up-to-date web browser
    A PDF viewer
    Speakers or headphones

One of the following:

    HTML 5 support
    An up-to-date Java Runtime Environment (JRE) with Java Plugin enabled on your web browser

You should use a wired Ethernet connection, not a WiFi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.