Which statement about FortiSIEM is correct?

FortiSIEM leverages both global and per-device thresholds for performance metrics, allowing for a nuanced approach to monitoring and managing network performance. By using global thresholds, FortiSIEM can establish baseline performance levels that apply across an entire organization, encapsulating typical usage patterns and system behavior. This aspect ensures that anomalies can be identified at a structural level.

On the other hand, having per-device thresholds enables FortiSIEM to account for the unique behaviors and performance benchmarks of individual devices within the network. Different devices may have varying performance capabilities and usage patterns, so a generic approach might not capture specific issues. The combination of global and per-device thresholds ensures that the system remains responsive to both general trends and localized performance issues, enhancing the overall efficiency of network management and incident response.

This dual threshold approach is essential for creating an effective monitoring environment, as it empowers network administrators with the granularity required to quickly detect issues and address them appropriately.