Version: FortiAuthenticator v6.0.0 and later.

The FortiAuthenticator device is an identity and access management solution. Identity and access management solutions are an important part of an enterprise network. It provides access to protected network assets and tracking user activities to comply with security policies.

Netsurion Open XDR integrates with FortiAuthenticator, enables users to view critical information related to user logon activities performed in FortiAuthenticator or other Fortinet devices. This information is represented in the form of report, alert and graphical/ pictorial representation (dashboard).

Flex reports contain a detailed overview of activities like, user login failed, the user login success, etc.

Alerts are provided as soon as any critical event is triggered by the FortiAuthenticator. Such as, user login failed. From visual representation/ overview of top activities being performed in FortiAuthenticator to user login failed, user login success and user login failed reasons can be viewed on Netsurion Open XDR ‘dashboard.

Netsurion Data Source Integration for FortiAuthenticator allows you to monitor the following components.

  • Compliance – User login failed events, user login success events.

After the eDirectory is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.


Type Name Description
Compliance FortiAuthenticator – Login failed This alert is triggered when user login failure occurs.


Type Name Description
Compliance FortiAuthenticator – Login failed This report gives you information about the login failure that occurred and gives information on the username that tried to login, Source IP Address and the reason for failure.
Compliance FortiAuthenticator – Login success This report gives you information about the successful login events that occurred and gives you information about the user that logged in and source IP address from where the login occurred.


The configuration details are consistent with Netsurion Open XDR 9.x or later, and FortiAuthenticator.

Download Integration Guide and How-to Guide for configuration instructions and more information.