Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.0.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiAnalyzer 7.0.0 Release Notes
    7.0.0
    8.0.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.5
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.13
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3
    5.0.2
    5.0.1
    4.3.8

    Known Issues

    Known Issues

    The following issues have been identified in FortiAnalyzer version 7.0.0. To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    Device Manager

    Bug ID Description
    639479 FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate.

    Event Management

    Bug ID

    Description
    691220 Event handler may not be triggered correctly when there is more than one match.

    FortiView

    Bug ID Description
    579910 SOC should show AP SSIDs and clients from Event Logs when the Service Profile is in Bridge mode.
    616675 Bandwidth may not match between FortiAnalyzer and FortiGate.
    621453 FortiGate cannot get FortiClient's vulnerability detail information from FortiAnalyzer.
    626530 Bytes Sent/Received should match between Top Destinations and Policy Hit charts under FortiView when filtered by the same policy ID.
    640553 FortiView monitor WiFi widget is not showing Bridged SSID information.
    641596 FortiAnalyzer may show No Data in User Vulnerabilities Summary widget.
    642837 If Sandbox detection only supports FortiGate in Fabric ADOM, there should be an indication on GUI.
    663930 Ports status is not correct in Secure SD-WAN monitor and SD-WAN Performance status.
    667076 FortiView Top Cloud Users may show "no entry found" message but there is a session graph shown.
    683525 The return lines may be incorrect after adding filters to Top Website Categories.
    683580 The Not operation may not work for advanced filter.
    685452 The Not filer filter may not work properly.
    688141 FortiAnalyzer should be able to apply multiple negative filters from the same type.
    707480 Top Threats (FortiClient) may only display Threat level LOW and Allowed incidents.
    708006 Monitors > Endpoints does not show all FortiClient endpoints in the logs.
    711810 SSL Dialup IPSec connection count may not match with connection list.

    713083

    FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart.

    Log View

    Bug ID Description
    608139 Opening compressed FortiClient traffic file on FortiAnalyzer may cause other compressed FortiClient traffic logs to fail to open.
    633393 Some IPS archive files do not contain whole Attack Context but only contain BODY that is part of Attack Context.
    635598 FortiAnalyzer may not display Traffic Logs in Log View and return Web Server Error 500.
    641013 After creating an ADOM for FortiMail, the ADOM is not visible on GUI and mail domain logs are not going to the default FortiMail ADOM.
    653765 Some log files under Log Browse may contain a mix of event and traffic messages.
    661094 In Log View, importing log may fail.
    674027 Filtering FortiClient event logs with wildcard UID filter returns no data.

    686924

    Downloading CSV file contains tunnel-up and tunnel-down VPN logs from other devices that belong to different ADOMs.
    704206 When filtering with Action and Source IP under the Traffic menu, the filter output may be incorrect with the combination of smart action with any other field.
    711711 Log filter may show unfiltered values.

    Others

    Bug ID Description
    584105 The /drive0/private/restapi/sync/fgt_intf_stat location may use too many inodes.
    616355 FortiGate may display "SSL error" or "OFTP error" when testing connectivity with FortiAnalyzer.

    625343

    FortiAnalyzer may consume high on I/O resources every hour by fazwatch.
    632971 FortiAnalyzer should have the ability to query CPU utilization on individual CPU core.
    700562 When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url.
    701753 SIEM database should be trimmed at the same time when quota enforcement occurs.

    724625

    Upgrade from 6.4.6 to 7.0.0 will result in all configuration being lost.

    Reports

    Bug ID Description
    628823 FortiAnalyzer is not generating all local Event logs for reports.
    653207 FortiAnalyzer may have incorrect dataset queries without considering the direction field.
    677090 Report filter may not work with devname.
    683668 The FortiClient report is always empty after enabling device filter.

    692097

    Report sub-charts may not work after upgrade.

    System Settings

    Bug ID Description
    630654 Imported logs may not sync to slave.
    634253 ADOMs may disappear randomly from ADOM configuration while editing it.

    638380

    FortiAnalyzer may accept invalid dashboard configurations which may break some widgets.
    666767 When log forwarding is enabled, there may be logfwd crashes with high log rate.
    669402 FortiAnalyzer may not time out admin session after many hours.
    673591 FortiAnalyzer may return error, cfgerror:1, when editing and saving an admin user.
    Previous
    Next

    Known Issues

    Known Issues

    The following issues have been identified in FortiAnalyzer version 7.0.0. To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    Device Manager

    Bug ID Description
    639479 FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate.

    Event Management

    Bug ID

    Description
    691220 Event handler may not be triggered correctly when there is more than one match.

    FortiView

    Bug ID Description
    579910 SOC should show AP SSIDs and clients from Event Logs when the Service Profile is in Bridge mode.
    616675 Bandwidth may not match between FortiAnalyzer and FortiGate.
    621453 FortiGate cannot get FortiClient's vulnerability detail information from FortiAnalyzer.
    626530 Bytes Sent/Received should match between Top Destinations and Policy Hit charts under FortiView when filtered by the same policy ID.
    640553 FortiView monitor WiFi widget is not showing Bridged SSID information.
    641596 FortiAnalyzer may show No Data in User Vulnerabilities Summary widget.
    642837 If Sandbox detection only supports FortiGate in Fabric ADOM, there should be an indication on GUI.
    663930 Ports status is not correct in Secure SD-WAN monitor and SD-WAN Performance status.
    667076 FortiView Top Cloud Users may show "no entry found" message but there is a session graph shown.
    683525 The return lines may be incorrect after adding filters to Top Website Categories.
    683580 The Not operation may not work for advanced filter.
    685452 The Not filer filter may not work properly.
    688141 FortiAnalyzer should be able to apply multiple negative filters from the same type.
    707480 Top Threats (FortiClient) may only display Threat level LOW and Allowed incidents.
    708006 Monitors > Endpoints does not show all FortiClient endpoints in the logs.
    711810 SSL Dialup IPSec connection count may not match with connection list.

    713083

    FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart.

    Log View

    Bug ID Description
    608139 Opening compressed FortiClient traffic file on FortiAnalyzer may cause other compressed FortiClient traffic logs to fail to open.
    633393 Some IPS archive files do not contain whole Attack Context but only contain BODY that is part of Attack Context.
    635598 FortiAnalyzer may not display Traffic Logs in Log View and return Web Server Error 500.
    641013 After creating an ADOM for FortiMail, the ADOM is not visible on GUI and mail domain logs are not going to the default FortiMail ADOM.
    653765 Some log files under Log Browse may contain a mix of event and traffic messages.
    661094 In Log View, importing log may fail.
    674027 Filtering FortiClient event logs with wildcard UID filter returns no data.

    686924

    Downloading CSV file contains tunnel-up and tunnel-down VPN logs from other devices that belong to different ADOMs.
    704206 When filtering with Action and Source IP under the Traffic menu, the filter output may be incorrect with the combination of smart action with any other field.
    711711 Log filter may show unfiltered values.

    Others

    Bug ID Description
    584105 The /drive0/private/restapi/sync/fgt_intf_stat location may use too many inodes.
    616355 FortiGate may display "SSL error" or "OFTP error" when testing connectivity with FortiAnalyzer.

    625343

    FortiAnalyzer may consume high on I/O resources every hour by fazwatch.
    632971 FortiAnalyzer should have the ability to query CPU utilization on individual CPU core.
    700562 When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url.
    701753 SIEM database should be trimmed at the same time when quota enforcement occurs.

    724625

    Upgrade from 6.4.6 to 7.0.0 will result in all configuration being lost.

    Reports

    Bug ID Description
    628823 FortiAnalyzer is not generating all local Event logs for reports.
    653207 FortiAnalyzer may have incorrect dataset queries without considering the direction field.
    677090 Report filter may not work with devname.
    683668 The FortiClient report is always empty after enabling device filter.

    692097

    Report sub-charts may not work after upgrade.

    System Settings

    Bug ID Description
    630654 Imported logs may not sync to slave.
    634253 ADOMs may disappear randomly from ADOM configuration while editing it.

    638380

    FortiAnalyzer may accept invalid dashboard configurations which may break some widgets.
    666767 When log forwarding is enabled, there may be logfwd crashes with high log rate.
    669402 FortiAnalyzer may not time out admin session after many hours.
    673591 FortiAnalyzer may return error, cfgerror:1, when editing and saving an admin user.
    Previous
    Next