There is no current DSM for Fortimail or Fortisandbox. I found a Reddit thread on this from this week as well where a user responded that they created their own custom DSM for this integration. I added some info for IBM Ideas and how to vote/comment in the Reddit thread. For more information, see https://www.reddit.com/r/QRadar/comments/14as7im/fortimail_and_fortisandbox_integration_with_qradar/
------------------------------
Jonathan Pechta
QRadar Support Content Lead
Support forums: ibm.biz/qradarforums
jonathan.pechta1@ibm.com------------------------------
Original Message:
Sent: Fri June 16, 2023 10:38 AM
From: Andrius
Subject: FortiMail and FortiSandBox Integration
Hello,
I have same issue. I manged to find this issue also mentioned in Reddit Qradar chanel. However there is no solution too. It seams this problem is going for 3+ years.
------------------------------
Andrius
Original Message:
Sent: Fri June 16, 2023 05:30 AM
From: Dany El-Nghaywe
Subject: FortiMail and FortiSandBox Integration
Hello guys,
I successfully integrated FortiMail and FortiSandbox with QRadar 7.5 UP4 in a production environment, but unfortunately, most of the events are currently not parsed. Is there a specific DSM/application available for download that can resolve this issue, or do I need to manually parse the events? Please advise on this.
P.S: After thoroughly examining the DSM Guide, I found that it only provides information on integrating FortiGate, with no specific details regarding the integration of FortiMail and FortiSandbox.
Awaiting your feedback,
Thank you,
Dany
------------------------------
Dany El-Nghaywe
------------------------------