In this demo, we'll demonstrate how to utilize IF conditions in #FortiSIEM's Analytics section to filter and analyze data, aiding in threat hunting and incident response. The IF function allows you to create conditional statements, where the outcome is determined by the evaluation of a Boolean expression, which can be either true or false. To detect potential data exfiltration, we will employ IF conditions to filter for file transfers exceeding a specific size threshold.

Learn more: https://ftnt.