Fortinet FortiMail

The IBM QRadar SIEM DSM for Fortinet FortiMail Gate parses events that are issued by Fortinet FortiMail.

To integrate Fortinet FortiMail with QRadar, complete the following steps:
  1. If automatic updates are not enabled, RPMs are available for download from the IBM® Support Website (http://www.ibm.com/support). Download and install the most recent version of the following RPM on yourQRadar Console:
    FortinetFortiMailDSM RPM
  2. Configure your Fortinet FortiMail server to send events to QRadar. For more information, see Configure Fortinet FortiMail.
  3. If QRadar does not automatically detect the log source, add a Fortinet FortiMail log source on the QRadar Console. For more information, see Syslog log source parameters for add Fortinet FortiMail.