In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?
In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?
In the rules engine, the condition that instructs FortiSIEM to summarize and count the matching evaluated data is 'Aggregation'. Aggregation combines multiple data records into a single summary record, which involves counting and summarizing the data based on specific criteria.
The option correct is B, see page 257 FortiSiem 6.3 Guide
Is this still valid for FortiSIEM 6.3?
page 257 FortiSiem 6.3 Guide
Correct is B