Known Issues
The following issues have been identified in FortiAnalyzer version 7.0.0. To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.
Device Manager
Bug ID | Description |
---|---|
639479 | FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate. |
Event Management
Bug ID |
Description |
---|---|
691220 | Event handler may not be triggered correctly when there is more than one match. |
FortiView
Bug ID | Description |
---|---|
579910 | SOC should show AP SSIDs and clients from Event Logs when the Service Profile is in Bridge mode. |
616675 | Bandwidth may not match between FortiAnalyzer and FortiGate. |
621453 | FortiGate cannot get FortiClient's vulnerability detail information from FortiAnalyzer. |
626530 | Bytes Sent/Received should match between Top Destinations and Policy Hit charts under FortiView when filtered by the same policy ID. |
640553 | FortiView monitor WiFi widget is not showing Bridged SSID information. |
641596 | FortiAnalyzer may show No Data in User Vulnerabilities Summary widget. |
642837 | If Sandbox detection only supports FortiGate in Fabric ADOM, there should be an indication on GUI. |
663930 | Ports status is not correct in Secure SD-WAN monitor and SD-WAN Performance status. |
667076 | FortiView Top Cloud Users may show "no entry found" message but there is a session graph shown. |
683525 | The return lines may be incorrect after adding filters to Top Website Categories. |
683580 | The Not operation may not work for advanced filter. |
685452 | The Not filer filter may not work properly. |
688141 | FortiAnalyzer should be able to apply multiple negative filters from the same type. |
707480 | Top Threats (FortiClient) may only display Threat level LOW and Allowed incidents. |
708006 | Monitors > Endpoints does not show all FortiClient endpoints in the logs. |
711810 | SSL Dialup IPSec connection count may not match with connection list. |
713083 |
FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart. |
Log View
Bug ID | Description |
---|---|
608139 | Opening compressed FortiClient traffic file on FortiAnalyzer may cause other compressed FortiClient traffic logs to fail to open. |
633393 | Some IPS archive files do not contain whole Attack Context but only contain BODY that is part of Attack Context. |
635598 | FortiAnalyzer may not display Traffic Logs in Log View and return Web Server Error 500. |
641013 | After creating an ADOM for FortiMail, the ADOM is not visible on GUI and mail domain logs are not going to the default FortiMail ADOM. |
653765 | Some log files under Log Browse may contain a mix of event and traffic messages. |
661094 | In Log View, importing log may fail. |
674027 | Filtering FortiClient event logs with wildcard UID filter returns no data. |
686924 |
Downloading CSV file contains tunnel-up and tunnel-down VPN logs from other devices that belong to different ADOMs. |
704206 | When filtering with Action and Source IP under the Traffic menu, the filter output may be incorrect with the combination of smart action with any other field. |
711711 | Log filter may show unfiltered values. |
Others
Bug ID | Description |
---|---|
584105 | The
/drive0/private/restapi/sync/fgt_intf_stat location may use too many inodes. |
616355 | FortiGate may display "SSL error" or "OFTP error" when testing connectivity with FortiAnalyzer. |
625343 |
FortiAnalyzer may consume high on I/O resources every hour by fazwatch. |
632971 | FortiAnalyzer should have the ability to query CPU utilization on individual CPU core. |
700562 | When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url. |
701753 | SIEM database should be trimmed at the same time when quota enforcement occurs. |
724625 |
Upgrade from 6.4.6 to 7.0.0 will result in all configuration being lost. |
Reports
Bug ID | Description |
---|---|
628823 | FortiAnalyzer is not generating all local Event logs for reports. |
653207 | FortiAnalyzer may have incorrect dataset queries without considering the direction field. |
677090 | Report filter may not work with devname. |
683668 | The FortiClient report is always empty after enabling device filter. |
692097 |
Report sub-charts may not work after upgrade. |
System Settings
Bug ID | Description |
---|---|
630654 | Imported logs may not sync to slave. |
634253 | ADOMs may disappear randomly from ADOM configuration while editing it. |
638380 |
FortiAnalyzer may accept invalid dashboard configurations which may break some widgets. |
666767 | When log forwarding is enabled, there may be logfwd crashes with high log rate. |
669402 | FortiAnalyzer may not time out admin session after many hours. |
673591 | FortiAnalyzer may return error, cfgerror:1, when editing and saving an admin user. |