Therule engineinFortiSIEMloadsbaseline data valuesfrom theprofile database. This database stores historical trends and behavioral baselines for various metrics, such asCPU usage, network activity, and authentication patterns.
●Baseline valuesare used to comparecurrent eventsagainst expected behavior.
● This helps indetecting deviations, such as a sudden increase in failed logins or unusual traffic spikes.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit