NSE 5 — FortiAnalyzer 7.2 — Question 25

What is the purpose of using prefilters when configuring event handlers?

Answer options

• A. They limit which logs are checked for matches by the other filters.
• B. They can filter the logs before they are processed by FortiAnalyzer.
• C. They download new filters to be used in event handlers.
• D. They are common filters applied simultaneously to all event handlers.

Correct answer: A

Explanation

The correct answer is A because prefilters specifically limit the logs that are evaluated by other filters, streamlining the filtering process. Option B is incorrect as it suggests prefilters work after logs are processed, which is not their function. Option C refers to downloading new filters, which is unrelated to the role of prefilters. Option D mischaracterizes prefilters as common filters across all handlers, rather than focusing on log limitation.