Refer to the exhibit. You are reviewing the Triggering Events page for a FortiSIEM incident. You want to remove the Reporting IP column because you have only one firewall in the topology. How do you accomplish this? (Choose one answer)

• A. Clear the Reporting IP field from the Triggered Attributes section when you configure the Incident Action.
• B. Disable correlation for the Reporting IP field in the rule subpattern.
• C. Remove the Reporting IP attribute from the raw logs using parsing rules.
• D. Customize the display columns for this incident.

Correct Answer: D

Brave-Dump Clients Votes