Fortinet black logo

Release Notes

Home FortiAnalyzer 7.0.0 Release Notes

Known Issues

7.0.0
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.13
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
5.0.1
4.3.8
Copy Link
Copy Doc ID e9f08078-9b99-11eb-b70b-00505692583a:35134
Download PDF

Known Issues

The following issues have been identified in FortiAnalyzer version 7.0.0. To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

Device Manager

Bug ID Description
639479 FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate.

Event Management

Bug ID

Description
691220 Event handler may not be triggered correctly when there is more than one match.

FortiView

Bug ID Description
579910 SOC should show AP SSIDs and clients from Event Logs when the Service Profile is in Bridge mode.
616675 Bandwidth may not match between FortiAnalyzer and FortiGate.
621453 FortiGate cannot get FortiClient's vulnerability detail information from FortiAnalyzer.
626530 Bytes Sent/Received should match between Top Destinations and Policy Hit charts under FortiView when filtered by the same policy ID.
640553 FortiView monitor WiFi widget is not showing Bridged SSID information.
641596 FortiAnalyzer may show No Data in User Vulnerabilities Summary widget.
642837 If Sandbox detection only supports FortiGate in Fabric ADOM, there should be an indication on GUI.
663930 Ports status is not correct in Secure SD-WAN monitor and SD-WAN Performance status.
667076 FortiView Top Cloud Users may show "no entry found" message but there is a session graph shown.
683525 The return lines may be incorrect after adding filters to Top Website Categories.
683580 The Not operation may not work for advanced filter.
685452 The Not filer filter may not work properly.
688141 FortiAnalyzer should be able to apply multiple negative filters from the same type.
707480 Top Threats (FortiClient) may only display Threat level LOW and Allowed incidents.
708006 Monitors > Endpoints does not show all FortiClient endpoints in the logs.
711810 SSL Dialup IPSec connection count may not match with connection list.

713083

FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart.

Log View

Bug ID Description
608139 Opening compressed FortiClient traffic file on FortiAnalyzer may cause other compressed FortiClient traffic logs to fail to open.
633393 Some IPS archive files do not contain whole Attack Context but only contain BODY that is part of Attack Context.
635598 FortiAnalyzer may not display Traffic Logs in Log View and return Web Server Error 500.
641013 After creating an ADOM for FortiMail, the ADOM is not visible on GUI and mail domain logs are not going to the default FortiMail ADOM.
653765 Some log files under Log Browse may contain a mix of event and traffic messages.
661094 In Log View, importing log may fail.
674027 Filtering FortiClient event logs with wildcard UID filter returns no data.

686924

Downloading CSV file contains tunnel-up and tunnel-down VPN logs from other devices that belong to different ADOMs.
704206 When filtering with Action and Source IP under the Traffic menu, the filter output may be incorrect with the combination of smart action with any other field.
711711 Log filter may show unfiltered values.

Others

Bug ID Description
584105 The /drive0/private/restapi/sync/fgt_intf_stat location may use too many inodes.
616355 FortiGate may display "SSL error" or "OFTP error" when testing connectivity with FortiAnalyzer.

625343

FortiAnalyzer may consume high on I/O resources every hour by fazwatch.
632971 FortiAnalyzer should have the ability to query CPU utilization on individual CPU core.
700562 When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url.
701753 SIEM database should be trimmed at the same time when quota enforcement occurs.

724625

Upgrade from 6.4.6 to 7.0.0 will result in all configuration being lost.

Reports

Bug ID Description
628823 FortiAnalyzer is not generating all local Event logs for reports.
653207 FortiAnalyzer may have incorrect dataset queries without considering the direction field.
677090 Report filter may not work with devname.
683668 The FortiClient report is always empty after enabling device filter.

692097

Report sub-charts may not work after upgrade.

System Settings

Bug ID Description
630654 Imported logs may not sync to slave.
634253 ADOMs may disappear randomly from ADOM configuration while editing it.

638380

FortiAnalyzer may accept invalid dashboard configurations which may break some widgets.
666767 When log forwarding is enabled, there may be logfwd crashes with high log rate.
669402 FortiAnalyzer may not time out admin session after many hours.
673591 FortiAnalyzer may return error, cfgerror:1, when editing and saving an admin user.
Previous
Next

Known Issues

The following issues have been identified in FortiAnalyzer version 7.0.0. To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

Device Manager

Bug ID Description
639479 FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate.

Event Management

Bug ID

Description
691220 Event handler may not be triggered correctly when there is more than one match.

FortiView

Bug ID Description
579910 SOC should show AP SSIDs and clients from Event Logs when the Service Profile is in Bridge mode.
616675 Bandwidth may not match between FortiAnalyzer and FortiGate.
621453 FortiGate cannot get FortiClient's vulnerability detail information from FortiAnalyzer.
626530 Bytes Sent/Received should match between Top Destinations and Policy Hit charts under FortiView when filtered by the same policy ID.
640553 FortiView monitor WiFi widget is not showing Bridged SSID information.
641596 FortiAnalyzer may show No Data in User Vulnerabilities Summary widget.
642837 If Sandbox detection only supports FortiGate in Fabric ADOM, there should be an indication on GUI.
663930 Ports status is not correct in Secure SD-WAN monitor and SD-WAN Performance status.
667076 FortiView Top Cloud Users may show "no entry found" message but there is a session graph shown.
683525 The return lines may be incorrect after adding filters to Top Website Categories.
683580 The Not operation may not work for advanced filter.
685452 The Not filer filter may not work properly.
688141 FortiAnalyzer should be able to apply multiple negative filters from the same type.
707480 Top Threats (FortiClient) may only display Threat level LOW and Allowed incidents.
708006 Monitors > Endpoints does not show all FortiClient endpoints in the logs.
711810 SSL Dialup IPSec connection count may not match with connection list.

713083

FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart.

Log View

Bug ID Description
608139 Opening compressed FortiClient traffic file on FortiAnalyzer may cause other compressed FortiClient traffic logs to fail to open.
633393 Some IPS archive files do not contain whole Attack Context but only contain BODY that is part of Attack Context.
635598 FortiAnalyzer may not display Traffic Logs in Log View and return Web Server Error 500.
641013 After creating an ADOM for FortiMail, the ADOM is not visible on GUI and mail domain logs are not going to the default FortiMail ADOM.
653765 Some log files under Log Browse may contain a mix of event and traffic messages.
661094 In Log View, importing log may fail.
674027 Filtering FortiClient event logs with wildcard UID filter returns no data.

686924

Downloading CSV file contains tunnel-up and tunnel-down VPN logs from other devices that belong to different ADOMs.
704206 When filtering with Action and Source IP under the Traffic menu, the filter output may be incorrect with the combination of smart action with any other field.
711711 Log filter may show unfiltered values.

Others

Bug ID Description
584105 The /drive0/private/restapi/sync/fgt_intf_stat location may use too many inodes.
616355 FortiGate may display "SSL error" or "OFTP error" when testing connectivity with FortiAnalyzer.

625343

FortiAnalyzer may consume high on I/O resources every hour by fazwatch.
632971 FortiAnalyzer should have the ability to query CPU utilization on individual CPU core.
700562 When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url.
701753 SIEM database should be trimmed at the same time when quota enforcement occurs.

724625

Upgrade from 6.4.6 to 7.0.0 will result in all configuration being lost.

Reports

Bug ID Description
628823 FortiAnalyzer is not generating all local Event logs for reports.
653207 FortiAnalyzer may have incorrect dataset queries without considering the direction field.
677090 Report filter may not work with devname.
683668 The FortiClient report is always empty after enabling device filter.

692097

Report sub-charts may not work after upgrade.

System Settings

Bug ID Description
630654 Imported logs may not sync to slave.
634253 ADOMs may disappear randomly from ADOM configuration while editing it.

638380

FortiAnalyzer may accept invalid dashboard configurations which may break some widgets.
666767 When log forwarding is enabled, there may be logfwd crashes with high log rate.
669402 FortiAnalyzer may not time out admin session after many hours.
673591 FortiAnalyzer may return error, cfgerror:1, when editing and saving an admin user.
Previous
Next