FCP – FortiAnalyzer Analyst 7.6 — Question 8

When there are no matching parsers for a device log, what does FortiAnalyzer do?

Answer options

• A. Stores the log but doesn’t normalize it
• B. Applies the generic SYSLOG parser
• C. Drops the log
• D. Archives the log for future analysis

Correct answer: B

Explanation

The correct answer is B because when there are no specific parsers available, FortiAnalyzer resorts to a generic SYSLOG parser to handle the log data. Options A and D are incorrect because they imply that the log is preserved without normalization or saved for future use, while option C incorrectly states that the log is dropped.