CSF cannot be formed when including FortiGate-6000 or FortiGate-7000 series as blades are not prompted on Device Manager.

Device Manager may not show FortiGate Fabric members under the root Fabric tree.

FortiAnalyzer may incorrectly detect FortiNAC firmware version.

FortiAnalyzer may not show rescan icon, and drill-down for rescan may show an empty page.

FortiAnalyzer may not be able to cancel IOC re-scan task.

Policy Name may not show up under FortiView > Traffic > Policy Hits > Policy Column for policies with name information.

SD-WAN Monitor may show incorrect bandwidth.

Top Cloud Applications may show 0 KB utilization under the Bandwidth column.

FortiView widgets may take a very long time to load.

FortiView Secure SD-WAN and Secure SD WAN report should display correct information for Health Checker's packet loss.

Monitor should be able to show values with faster response time.

Exporting to report chart may fail for "Top Apps by Installs fails".

In Log View, importing log may fail.

Filtering FortiClient event logs with wildcard "UID" filter returns no data.

FortiAnalyzer may show duplicated entries when filtering real-time logs in Log View.

oftpd may not work properly if many log requests are received at the same time.

FortiAnalyzer may not handle many re-connection requests causing FortiGate devices log system event on disconnecting or connecting.

ADOM archive should not be higher than the configured value.

Bandwidth data from SD-WAN event logs may not be inserted.

FortiAnalyzer may be showing two VDOMs, root and default, in Log Browse for FortiClient devices.

FortiAnalyzer may stop receiving logs every day until it has been rebooted.

FortiAnalyzer Log View filter vanishes after displayed log details and returns to the log page with filter.

ForiGate may show, "Failed to get FAZ's status. Authentication Failed. (-19)", when the device has been authorized and sending logs to FortiAnalyzer.

FortiAnalyzer should support more than 128 characters with the "from" and "to" log fields for FortiMail's History logs.

FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

FortiAnalyzer shows improper subject field values for FortiMail logs and in log details when the log has Cyrillic symbols.

FortiAnalyzer stops receiving logs randomly and CPU utilization by OFTPD spikes to 100%.

FortiAnalyzer should change login-max and docker-user-login-max range from 1-32 to 1-256.

When using the operator ">=" for "Greater than or Equal to" in FortiAnalyzer CLI, it does not accept the syntax and throws an error.

SNMPv3 engineBoots may not properly be initialized.

SIEM database should be trimmed at the same time when quota enforcement occurs.

When FortiAnalyzer is changed to Collector mode, siemdb should automatically stop working.

The login interface may crash if user inputs pre-login banner text in encoding other than UTF-8.

User with read-only permissions cannot get the list of ADOMs via JSON request.

High CPU usage has been observed after firmware upgrade (v5.6.8 to v6.4.5).

FortiAnalyzer requires a FortiGuard Indicators of Compromised license in order to see compromised hosts.

The "diag dvm support list" does not have FrotiWeb v6.4.0 GA and FortiMail v7.0.0 GA.

FortiAnalyzer HA may use high memory usage.

Several extra ports are opened when scanning FortiAnalyzer HA cluster's virtual IP.

Fortilogd may not write logs for FortiGate-401E-DC.

HMAC given in log-checksum md5-auth option does not match.

There may be multiple siemdbd crashes on "redisAppendCommand".

Log disk usage may frequently reach 99% due to calculation on the siemdb size.

There may no a lot of errors showing "could not read block 0 in file" in pgsvr.log.

When rebuilding database on the FortiAnalyzer HA's secondary unit, it may stuck at 1%.

Under Microsoft Azure, FortiAnalyzer HA's secondary IP does not move to new primary after HA failover.

FortiAnalyzer may frequently send 'csf-check' requests causing miglogd consuming 99% of the CPU resources.

The sqllogd may take a long time to startup.

Several old files on "/drive0/private" did not clean automatically.

Disk I/O is at 100% with no log insertion due to a device is wrongly recognized as a cell phone with multiple IP addresses.

Running the default report User Detailed Browsing Log finishes successfully without displaying any data.

GUI's scrollbar shows up partially on Output Profile configuration.

Template Secure SD-WAN Report may not show a graphic that includes both the SLA Name Object and WAN Interface fields.

Cyber Threat Assessment should show IPS attack count 0 when there are no IPS logs.

Syslog server can only send via UDP, and not TCP with TLS option configured.

An existing log forwarding entry is gone after its status changed from On to Off.

FortiAnalyzer HA cluster always uses VIP for log forwarding to server instead of another interface.

When Device Manager's permission is set at Read-Write and System Settings' permission is set at Read-Only, SAML login user cannot create new or edit ADOM.

RADIUS authentication using mschap2 may not work.

FortiAnalyzer may show ADOM that stores logs that exceeds FortiAnalyzer log storage criteria.

FortiAnalyzer should have time zone information for local logs.

The forwarded CEF start time is different than the original timestamp of the log.

Swap file size is restricted and can not be increased when storage is less than 1TB.

Several FortiAnalyzer service and daemons crashed due to the swap file size restriction.

Archive percentage should not exceed more than 100% of the disk space allocated.