I have a denial of service policy setup on one of my FW and it's set to log everything but I'm not sure how to search for DOS logs in Splunk?
The Fortigate Documentation says that banned_src=dos should work but I'm not seeing anything like that.
Has anyone been able to query DOS using this app?