Resolved Issues
The following issues have been fixed in FortiAnalyzer version 7.2.2. To inquire about a particular bug, please contact Customer Service & Support.
Device Manager
Bug ID | Description |
---|---|
798197 | Under the Device Manager, FortiAnalyzer does not show the color of the logging devices properly (red or green). |
814008 |
Sort function for logs and average log rate (logs/sec) does not work in Device Manager. |
819664 | Under Device Manager, Average Log Rate is displayed zero for FortiGates HA Cluster. |
824296 |
FortiAnalyzer does not show the "root VDOM" under its Device Manager. |
827276 | FortiAnalyzer does not let all VDOMs to be added to the Device Manager if FortiGates has more than 10 VDOMs. |
833448 |
The device SYSLOG-00000000 appears repeatedly even after being removed from the unregistered devices. |
835653 | The FortiGate's IP address and firmware version are not updated when FortiGates are added manually to a non-root ADOM. |
837310 | FortiAnalyzer does not show the correct IP addresses and firmware versions for its registered FortiGates. |
838727 |
Log Status of the Devices are displayed red when the Primary has a zero lograte. |
846904 |
Under the Device Manager, the Average Log Rates are not displayed. |
Event Management
Bug ID | Description |
---|---|
825422 | FortiAnalyzer Event Handler does not trigger any alerts when Log Field has been set to Virtual Domain (vd). |
FortiSOC
Bug ID | Description |
---|---|
757650 | Wrong device name (devname) is filled in event email notification. |
775589 |
FortiAnalyzer does not provide any details on status of Fabric Connectors. |
833991 | FortiOS connector does not display health status of the Security Fabric members. |
848284 | Despite having relevant event logs, created playbook does not get triggered. |
849070 | Playbook runs successfully on the FortiAnalyzer, but there is not any stitches triggered on the FortiGate. |
FortiView
Bug ID | Description |
---|---|
727056 | SD-WAN Monitor may show incorrect bandwidth. |
744791 |
"Failed Authentication Attempts" logs under the System tab of FortiView are blanks. |
798347 | The Filter in FortiView does not properly work for Compromised Hosts. |
798471 | Top SD-WAN Device Throughput widget is displaying wrong numbers. |
818077 | Top application axis labels are not displayed correctly in Monitor section. |
841717 |
The Data displayed on FortiView is inconsistent with the exported "Top Website Domains" PDF report. |
856094 |
Browsing time displayed "0s" for 'streaming media and download' category in the 'Top Website Categories' under the FortiView's 'Applications & Websites' tab. |
Log View
Bug ID | Description |
---|---|
696451 | Detected files by Content Disarm and Reconstruction (CDR) cannot be stored/quarantined to FortiAnalyzer despite quarantine destination set to FortiAnalyzer. |
797985 | After downloading the IPS logs, the "cve field" is missing. |
816490 | In Log Browse, for HA devices, only primary device's log files are displayed . |
836777 | When admin profile is set as "Read-Only", Add Filter under the LogView/FortiView displays no fields. |
837554 | The Fabric log contains "::ffff:" prefix in front of the value of any IPv4 related fields. |
839350 | Devices' entries under the Log Group of the Log View are not displayed. |
855783 |
FortiAnalyzer event log file cannot be downloaded in CSV format. |
858682 |
The data icon under the Log View for ADOM FortiMail/FortiWeb do not properly display the log details. |
Others
Bug ID | Description |
---|---|
779943 | High memory usage has been observed when creating dataset or running reports on FortiAnalyzer. |
809133 | Several process crashes (logfwd/filefwd/clusterd), which have been observed when loading the devices from Device Manager, made FortiAnalyzer unable to show any logs. |
818118 | Logs between HA members are not synched. |
822619 | Missing values when retrieving logstats using the JSON API requests. |
825927 | FortiAnalyzer does not provide access to all available tiles under the FortiAuthenticator ADOM. |
827787 | The CPU and Disk I/O usage of the FortiAnalyzer appear to be constantly high. |
829869 | When FortiAnalyzer is working on Collector Mode, system storage size increases over time; hence, FortiAnalyzer might stop receiving new logs. |
837657 | Creating ADOMs using JSON API, default ADOM configs like report, datasets, charts, etc. are not created. |
838031 | FortiAnalyzer GUI does not display the "Rebuilding ADOM DB" in progress anymore. |
838182 |
Logs are not being inserted into the secondary FortiAnalyzer. |
839191 |
The HA config-sync status issue creates the sync failure frequently. |
839910 | The diagnose test
application oftpd command does not display any outputs for some
FortiGate devices registered on FortiAnalyzer. |
841622 | FortiAnalyzer does not download the IOC DB updates when FortiManager acts as the local FortiGuard Server. |
845871 |
FortiAnalyzer stopped accepting logs and status of the devices turned into red. |
846315 |
FortiAnalyzer does not display ADOM FortiNAC. |
860113 |
The primary FortiAnalyzer can show the logs in Log View. The synchronization between primary and secondary fails and the secondary doesn't show the last logs. |
Reports
Bug ID | Description |
---|---|
704187 | "Bandwidth and Application" Report's data does not match with the Top Application data on FortiView. |
722233 | The generated report does not display data but its dataset query contains data. |
764194 | Playbooks run_report fails with "missing device(s)" if "Playbook Starter" as devices filter is selected. |
768843 | FortiAnalyzer does not support importing outbreak alert reports to ADOM type FortiGate. |
771072 |
Secure SD-WAN CSV report does not show device names for charts. |
788801 | "Throughput utilization billing report" does not display the complete data for the "yesterday" time-period. |
835422 | FortiAnalyzer does not display any data on its report when group filter and LDAP query is being used. |
837395 | "Show Top" & "Drilldown Top" preview features under the "Edit Chart" do not display the chart based on the selected values. |
841750 |
The report does not display any data for its tables. |
844563 | Hodex Time shown on table chart does not match with the configured time period for the previous XX days in report. |
844975 | The command "execute
remove reports " does not remove the reports. |
848573 | When specifying FortiWiFi as devices, "SD-WAN Device Link Bandwidth" and "SD-WAN Device Rules Donut Bandwidth" charts do not display any data. |
876136 |
When running reports for all devices "Unknown SN" on the detailed device list can be observed. |
System Settings
Bug ID | Description |
---|---|
478401 | FortiAnalyzer shows an unnecessary warning message "Analytic is using 0% of allocated disk space", which can be very confusing. |
630654 |
Imported logs may not sync to slave. |
752111 | Traffic, Security, and Event logs section under the Log View tab are missing for Primary HA. |
759601 | FortiAnalyzer using Azure AD SAML SSO may show "invalid_logout_response_error" after logout. |
782431 |
SNMPv3 stopped working after upgrading. |
803074 | The sorting feature does not work correctly for storage info columns under the System Settings. |
817558 | Log Forwarding/Device filter window does not allow users to save/cancel the changes. |
829015 | "Privacy Masking" feature does not work properly for admins whose admin type utilizes "Remote Authentication Server". |
832973 | Analytics and Archive details are missing from "Edit Log Storage Policy". |
837203 | Unable to fetch logs between FortiAnalyzer devices due to Invalid cross-device link error. |
842943 | After upgrading FortiAnalyzer, "fortinet-ca2" is missing under the CA Certificates; this prevents devices to establish connections to FortiAnalyzer. |
849824 |
Under the Event's System logs, adding Filter "Fortiguard web filter services are NOT reachable" does not display any logs. |
853855 |
The log forwarding filter does not seem to work properly as expected on FortiAnalyzer. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
Bug ID | CVE references |
---|---|
839861 |
FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:
|
862266 |
FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:
|
866168 |
FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:
|
868880 |
FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:
|
872712 |
FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:
|