Recently, by purchasing a per TB licence, I integrated the logs of the Fortinet firewall, but I found that the daily data volume in the data ingestion dashboard and the log volume in the Fortinet datasets do not match. The dataset of the Fortinet only shows 411G. According to the data ingestion dashboard, the total number should be 592G. I checked other datasets and found no mixing of Fortinet logs. Has anyone encountered this situation?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!