Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 6.4.4. For inquires about a particular bug, please contact Customer Service & Support.

FortiSOC

Bug ID

Description

677276 Maximum 256 entries for subnet is not sufficient. Maximum address-obj and address-group limit increased to 10000.

FortiView

Bug ID

Description

616914 Some graphs may not render data in FortiView.
667745 FortiView > Traffic > Top Sources may return a zero value for a time period of less than four hours.
668494 FortiView may not apply filter correctly for many of the entries.
668922 Selecting FortiGate in FortiView Traffic logs returns Invalid params: Cannot find device XXX under adom XXX.

670844

Resources Usage Peak shows higher bandwidth than real usage.

673477 FortiView map may fail to display traffic.
674461 Within FortiView VPN logs, the Country Flags may be incorrect.
678250 FortiView may show error when drill-down IOC rescan details.

Log View

Bug ID

Description

522202 FortiAnalyzer may not able to accept syslog from FortiVoice.
591272 Download Logs files from Log View or browse are not in the correct CSV format.

638388

When two filters are defined and the first filter is removed, clicking on the remaining filter may incorrectly reference the removed filter.

639228 FortiAnalyzer needs to synchronize FortiClient 6.4.1 new log format changes for Value of Type, Sub-type, and Event Type.
643858 Actual analytics logs do not match what is observed in log view.
672350 FortiAnalyzer should able to view the space in between the user name on Log View > Event > VPN > User column.
672763 Level Column is empty in GUI when switching to Real-time Log on a FortiAnalyzer ADOM.

Others

Bug ID Description
578907 exec log-aggregate all should aggregate all log files without any error.
610161 FortiAnalyzer may unexpectedly set Don't Fragment flag with jumbo frame related packets in OFTP communications and in log forwarding.
621473 FortiSOC is missing in cloud-based VMs.
653646 When formatting disk, database server may fail to shut down.
665273 The diagnose system ntp status command may return error /bin/ntpq: read: Connection refused.
666940 ADOM Mode Information has outdated wording about Reduced operation.
673224 The sqllogd may keep crashing after upgraded FAZ-3700F secondary unit.
675273 FortiAnalyzer to add SFTP and port support for all export commands.
675930 When calling an API, FortiAnalyzer may not update the progress with the correct percentage.
676103 Webhook Fabric Connector sends a wrong Sever Name Indication (SNI) in the TLSv1.2 Client Hello.
678200 FortiAnalyzer may stop inserting logs using high CPU usage.

Reports

Bug ID

Description

547496 FortiAnalyzer generates a report for the selected device with outputs for all devices.
647868 After upgrade, all default reports and event handler list are lost.
662442 FortiAnalyzer should show Report, Template, Chart Library, and Dataset under report section.
677060 Default Reports, Templates, Chart Library, Macro Library, or Datasets are missing on newly created ADOMs.
677109 Graphics may not be complete for FortiGate Performance Statistics Report.

System Settings

Bug ID

Description

580629 Chromebooks are unable to log to FortiAnalyzer if the admin has trusted hosts configured.
627683 The GB/day displayed in License Widget may not be correct.
629663 Free text filter does not work when using (~) tilde sign on syslog ADOM for the msg field.
639102 FortiAnalyzer may not applying Not equal to operator when Log Forwarding > Log Filter is configured via GUI.
660798 Device Log Settings > upload to FTP may not work correctly in collector-analyzer setup.
668067 NTPv3 enabled with authentication is not sending NTP client request with hardware platforms.
672633 FortiAnalyzer HA primary unit may stop log insertion when there is postgres UPDATE on IOC.
681321 Avatar may always be synchronizing resulting in init sync cannot be finished.

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 6.4.4. For inquires about a particular bug, please contact Customer Service & Support.

FortiSOC

Bug ID

Description

677276 Maximum 256 entries for subnet is not sufficient. Maximum address-obj and address-group limit increased to 10000.

FortiView

Bug ID

Description

616914 Some graphs may not render data in FortiView.
667745 FortiView > Traffic > Top Sources may return a zero value for a time period of less than four hours.
668494 FortiView may not apply filter correctly for many of the entries.
668922 Selecting FortiGate in FortiView Traffic logs returns Invalid params: Cannot find device XXX under adom XXX.

670844

Resources Usage Peak shows higher bandwidth than real usage.

673477 FortiView map may fail to display traffic.
674461 Within FortiView VPN logs, the Country Flags may be incorrect.
678250 FortiView may show error when drill-down IOC rescan details.

Log View

Bug ID

Description

522202 FortiAnalyzer may not able to accept syslog from FortiVoice.
591272 Download Logs files from Log View or browse are not in the correct CSV format.

638388

When two filters are defined and the first filter is removed, clicking on the remaining filter may incorrectly reference the removed filter.

639228 FortiAnalyzer needs to synchronize FortiClient 6.4.1 new log format changes for Value of Type, Sub-type, and Event Type.
643858 Actual analytics logs do not match what is observed in log view.
672350 FortiAnalyzer should able to view the space in between the user name on Log View > Event > VPN > User column.
672763 Level Column is empty in GUI when switching to Real-time Log on a FortiAnalyzer ADOM.

Others

Bug ID Description
578907 exec log-aggregate all should aggregate all log files without any error.
610161 FortiAnalyzer may unexpectedly set Don't Fragment flag with jumbo frame related packets in OFTP communications and in log forwarding.
621473 FortiSOC is missing in cloud-based VMs.
653646 When formatting disk, database server may fail to shut down.
665273 The diagnose system ntp status command may return error /bin/ntpq: read: Connection refused.
666940 ADOM Mode Information has outdated wording about Reduced operation.
673224 The sqllogd may keep crashing after upgraded FAZ-3700F secondary unit.
675273 FortiAnalyzer to add SFTP and port support for all export commands.
675930 When calling an API, FortiAnalyzer may not update the progress with the correct percentage.
676103 Webhook Fabric Connector sends a wrong Sever Name Indication (SNI) in the TLSv1.2 Client Hello.
678200 FortiAnalyzer may stop inserting logs using high CPU usage.

Reports

Bug ID

Description

547496 FortiAnalyzer generates a report for the selected device with outputs for all devices.
647868 After upgrade, all default reports and event handler list are lost.
662442 FortiAnalyzer should show Report, Template, Chart Library, and Dataset under report section.
677060 Default Reports, Templates, Chart Library, Macro Library, or Datasets are missing on newly created ADOMs.
677109 Graphics may not be complete for FortiGate Performance Statistics Report.

System Settings

Bug ID

Description

580629 Chromebooks are unable to log to FortiAnalyzer if the admin has trusted hosts configured.
627683 The GB/day displayed in License Widget may not be correct.
629663 Free text filter does not work when using (~) tilde sign on syslog ADOM for the msg field.
639102 FortiAnalyzer may not applying Not equal to operator when Log Forwarding > Log Filter is configured via GUI.
660798 Device Log Settings > upload to FTP may not work correctly in collector-analyzer setup.
668067 NTPv3 enabled with authentication is not sending NTP client request with hardware platforms.
672633 FortiAnalyzer HA primary unit may stop log insertion when there is postgres UPDATE on IOC.
681321 Avatar may always be synchronizing resulting in init sync cannot be finished.