Resolved Issues
The following issues have been fixed in FortiAnalyzer version 6.4.6. For inquires about a particular bug, please contact Customer Service & Support.
Device Manager
Bug ID | Description |
---|---|
521774 | Add and delete function for unregistered devices are greyed out even when the root ADOM is locked. |
523721 | FortiAnalyzer should support FortiADC device type. |
613115 | Device Manager view may show red icons for VDOMs even when the log is received. |
622649 | When a FortiGate HA device is deleted, their log files are not deleted. |
676662 | Collector may not be showing the same FortiGate device version as analyzer. |
681419 | Notification icon may still be present for hidden unauthorized devices. |
Event Management
Bug ID |
Description |
---|---|
504426 | Event list shall auto refreshed after events are acknowledged and Show Acknowledged is disabled. |
FortiSOC
Bug ID |
Description |
---|---|
685426 | FortiAnalyzer should be able to see the incident that corresponds to events under the incidents analysis page. |
FortiView
Bug ID |
Description |
---|---|
633960 | Filter is empty in request when drill-down Top Applications(FortiClient) view to Log View. |
682485 | Policy hit count may be shown as zero while there is traffic. |
682657 | FortiView may not refresh correctly after switching between ADOMs. |
683580 | The Not operation may not work for advanced filter. |
684131 | Top Sources response may be slow when filter by policy ID. |
684193 | Secure SD-WAN Monitor should not send request when device list fails to load. |
685452 | The NOT filer filter may not work properly. |
688141 | FortiAnalyzer should be able to apply multiple negative filters from the same type. |
690895 | FortiView > Monitors > Secure SD-WAN Monitor > SD-WAN Rules Utilization widget may show No Data for some FortiGates. |
692464 | While retrieving IPS error log details, FortiAnalyzer may prompt XSS error. |
692852 | After upgrade, the Secure SD-WAN Monitor may have issues and show No Data for Performance, Jitter, Latency, or Packet loss widget. |
702268 | When accessing from FortiGate, loading the FortiView page may be very slow when the source is set as FortiAnalyzer. |
708006 | Monitors Endpoints does not show all FortiClient endpoints as in logs. |
711810 | SSL Dialup IPSec connection count may not match the connection list. |
713083 | FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart. |
Log View
Bug ID | Description |
---|---|
600083 | Endpoint Identification should always show the same user tied to the same session. |
604850 | The remote IP for SSL-VPN is showing as IPsec Remote IP. |
652076 | Log view may take a while to load with Custom Time Period. |
660792 | FortiAnalyzer-1000E may take a long time to download a filtered log view file. |
686258 | FortiAnalyzer may return No entry found when the Log View filter has many devices selected. |
686924 | Downloading CSV file contains
tunnel-up and tunnel-down VPN logs from other devices that belong to
different ADOMs. |
690922 | The event logs filter should display logs only from its own VDOM. |
694307 | When increasing in memory usage, FortiAnalyzer may stop receiving logs via OFTP from FortiGate devices. |
704410 | FortiAnalyzer may stop handling
logs and the oftpd process becomes non-responsive. |
711711 | Log filter may show unfiltered values. |
Others
Bug ID | Description |
---|---|
656370 | FortiAnalyzer SCP backup cannot be stopped. |
671711 | SQL database rebuild may not start and return ERROR: sqlplugind(690):receiver.c:96: socket 70 poll() failed. |
677494 |
FortiAnalyzer may return SQL
query error when creating temporary table Workaround: Please set ioc-rescan days to less than database compression days. |
679268 | FortiAnalyzer is not able to backup via SFTP on a custom port. |
681884 | HA synchronization may stall at random percentage. |
682997 | FortiAnalyzer may show fmgd
crash during boot up after upgrade. |
686491 |
Postgres may keep causing OoM
with segmentation faults on multiple processes. |
690271 | The sqllogd daemon may crash. |
693161 | When frequently accessing different pages, FortiAnalyzer's GUI may become sluggish and pages may not transition. |
696211 | Secondary FortiAnalyzer accepts FTP connections after disabling FortiRecorder. |
697654 | FortiAnalyzer may return duplicated data within log view JSON response. |
698780 | FortiAnalyzer may intermittently provide empty response to FortiView JSON requests. |
700562 | When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url. |
702140 | The disable-module
setting resets to default after reboot. |
709699 | FortiAnalyzer may contain a few
siemdb crashes. |
710178 | FortiAnalyzer is listening on
TCP/3000 even though accept-aggregation is disabled. |
713826 | The diagnose test
application siemdbd 6 command may show wrong information after removing
the last ADOM with diagnose siem remove database. |
Reports
Bug ID |
Description |
---|---|
683668 | FortiClient report is always empty after enabled device filter. |
692097 | Report's sub-charts may not work after upgrade. |
704544 | Application icons may not be displayed in report. |
710409 | Top5-Users-By-Bandwidth drill-down chart result may contain SQL error. |
713189 |
Dataset and Intrusions-Timeline-By-Severity, may not list low severity intrusions. |
718579 | While creating new or editing an Output Profile, the body section does not take any input. |
720897 |
Scheduled Report may not run when the |
System Settings
Bug ID | Description |
---|---|
560895 | FortiAnalyzer should separate the Admin profile setting for Log and SoC views. |
613526 | FortiAnalyzer VM should prompt a warning when reaching the maximum ADOM limit. |
626636 | The Allow button may now work in HA configuration page. |
631709 | Email should successfully sent out from FortiAnalyzer with SMTPS TCP/465. |
634253 | ADOMs may disappear randomly from ADOM configuration while editing it. |
668901 | After enabling Collector mode, FortiAnalyzer may not show FortiView. |
681321 | Avatar may keep synchronizing which results in init sync cannot be finished. |
685892 | FortiAnalyzer is not sending SMTP EHLO message with fully-qualified hostname. |
689824 | After upgrade, log filter setting may set to Equal to for log forwarding. |
691798 | The secondary unit in FortiAnalyzer HA cluster may report HA cluster config-sync DOWN, cause=keepalive failure every couple of days. |
696041 | FortiAnalyzer SSO should support URI format in entity ID. |
708047 | They may be multiple devid ,
devname , or tz columns when log is forwarded in syslog. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
Bug ID | CVE references |
---|---|
672953 |
FortiAnalyzer 6.4.6 is no longer vulnerable to the following CVE-Reference:
|