Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

FortiAnalyzer 6.0.3

FortiAnalyzer 6.0.3 includes the following new features and enhancements:

Event Manager

New Default Event Handlers

The following new default Event Handlers have been added for malicious, suspicious, and high risk events:

  • Default-High-Risk-App-Detection
  • Default-Malicious-Code-Detection
  • Default-Malicious-Destination-Detection
  • Default-Malicious-File-Detetion
  • Default-Suspicious-File-Detection

FortiView

Log ID for long sessions

In FortiView, Log ID = 0000000020 indicates a long session that is not yet closed. A long session has multiple logs but is still considered one session. The sent/received data of long sessions counts all interim traffic data reported by lines with Log ID = 0000000020.

When the session is closed, the Log ID is 13.

FortiAnalyzer 6.0.3

FortiAnalyzer 6.0.3 includes the following new features and enhancements:

Event Manager

New Default Event Handlers

The following new default Event Handlers have been added for malicious, suspicious, and high risk events:

  • Default-High-Risk-App-Detection
  • Default-Malicious-Code-Detection
  • Default-Malicious-Destination-Detection
  • Default-Malicious-File-Detetion
  • Default-Suspicious-File-Detection

FortiView

Log ID for long sessions

In FortiView, Log ID = 0000000020 indicates a long session that is not yet closed. A long session has multiple logs but is still considered one session. The sent/received data of long sessions counts all interim traffic data reported by lines with Log ID = 0000000020.

When the session is closed, the Log ID is 13.