Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.2. For inquires about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID Description

639479

FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate.

687527 CSF cannot be formed when including FortiGate-6000 or FortiGate-7000 series, as blades are not prompted on Device Manager.

724753

Display hidden units is not clickable when there is no unauthorized non-hidden devices present.

731063 FortiAnalyzer supports FortiAuthenticator-300F.

FortiSOC

Bug ID

Description

747193 FortiSoC EMS connector playbook may result in name error.

FortiView

Bug ID

Description

579910 SOC should show AP SSIDs and clients from Event Logs when the Service Profile is in Bridge mode.
640553 FortiView monitor WiFi widget is not showing Bridged SSID information.
678044 FortiAnalyzer may not show rescan icon, and drill-down for rescan may show an empty page.
691570 FortiAnalyzer may not be able to cancel IoC re-scan task.
719441 FortiView may return sql-report dataset query error when Export to Report Chart in FortiClient Software inventory.
722443 Top Destinations on FortiView may not display the correct information.

723799

Policy Name may not show up under FortiView > Traffic > Policy Hits > Policy Column for policies with name information.

724435 SD-WAN performance status widget may be empty if one of the SD-WAN members is down.
726637 FortiAnalyzer should be able to filter on device name and show the device name field properly in the Result column.
731348 FortiView may not apply country filter correctly.
733145 The SD-WAN Events widget may display Invalid params: device: only alphanumerics, '_', '-' and one pair of '[',']' are valid characters.
734359 FortiAnalyzer may return error when applying source IP filter and exporting data to PDF with Top Browsing Users.
735153 IoC incorrectly shows internal host as infected while IPS attack is initiated from outside.
735724 FortiView Monitors page may be showing two Traffic dashboards or VPN dashboards.

748014

FortiView may throw an exception when adding filters for Top Endpoint Vulnerabilities (FortiClient).

Log View

Bug ID Description
656507 FortiAnalyzer may lose sorting when clicking the header column in Log Browse.
661094 In Log View, importing logs may fail.
674027 Filtering FortiClient event logs with wildcard UID filter returns no data.
717160 FortiAnalyzer may show duplicated entries when filtering real-time logs in Log View.
726340 oftpd may not work properly if many log requests are received at the same time.
727355 FortiAnalyzer may take very long time on log searches.
745724 Bandwidth data from SD-WAN event logs may not be inserted.

Others

Bug ID Description
615795 Some IPS packets may be missing on FortiAnalyzer.
621473 FortiSOC is missing in cloud-based VMs.
682539 Local Connector Update Endpoint may fail due to endpoint's record contains unicode characters.
687180 When using the operator >= for "Greater than or Equal to" in FortiAnalyzer CLI, it does not accept the syntax and throws an error.
716576 User with read-only permissions cannot get the list of ADOMs via JSON request.
726012 FortiAnalyzer requires a FortiGuard Indicators of Compromise license in order to see compromised hosts.
726782 The percent of used memory is much higher in 7.0 than 6.4.
729741 An error message may appear on console during upgrade.
730554 FortiAnalyzer HA may use high memory usage.
731070 FortiAnalyzer should add support for FortiNAC v9.1 in supported-platforms.
731319 There may be high memory usage on logfwd with FortiAnalyzer collector.
733792 JSON RPC may fail with code -32603.
735510 sqllogd may cause high memory usage.
744293 Several extra ports are opened when scanning FortiAnalyzer HA cluster's virtual IP.
744918 fortilogd may not write logs for FortiGate-401E-DC.
745025 HMAC given in log-checksum md5-auth option does not match.
746022 There may be multiple siemdbd crashes on redisAppendCommand.
746625 siemagentd may crash.

Reports

Bug ID Description
677090 Report Filter may not work with devname.
715680 Default chart VPN User Logins may return different values in two reports for the same device or data range.
726688 All predefined report/template/chart/macro/dataset may be missing from newly created ADOM after a reboot.
728923 Log type selector for FortiGate has duplicate traffic log field names due to FortiClient Traffic is changed to Traffic.
734152 Report group filter may not work in FortiProxy ADOM.
734167 Report log field filter drop-down may be missing pick-list in non FortiGate ADOM.
744024 FortiAnalyzer is unable to disable and remove reports from hidden ADOM.
744915 FortiView summary does not match with the sessions shown in the session table.

System Settings

Bug ID Description
672273 Initial data sync may never finish on Azure or GCP HA cluster unless "diag test app clusterd 97 init-sync done" is run.
710986 An existing log forwarding entry is gone after its status changed from On to Off.
721627 FortiAnalyzer HA cluster always uses VIP for log forwarding to server instead of another interface.
730296 RADIUS authentication using mschap2 may not work.
739136 Task monitor shows incorrect user for newly created ADOM.

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.2. For inquires about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID Description

639479

FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate.

687527 CSF cannot be formed when including FortiGate-6000 or FortiGate-7000 series, as blades are not prompted on Device Manager.

724753

Display hidden units is not clickable when there is no unauthorized non-hidden devices present.

731063 FortiAnalyzer supports FortiAuthenticator-300F.

FortiSOC

Bug ID

Description

747193 FortiSoC EMS connector playbook may result in name error.

FortiView

Bug ID

Description

579910 SOC should show AP SSIDs and clients from Event Logs when the Service Profile is in Bridge mode.
640553 FortiView monitor WiFi widget is not showing Bridged SSID information.
678044 FortiAnalyzer may not show rescan icon, and drill-down for rescan may show an empty page.
691570 FortiAnalyzer may not be able to cancel IoC re-scan task.
719441 FortiView may return sql-report dataset query error when Export to Report Chart in FortiClient Software inventory.
722443 Top Destinations on FortiView may not display the correct information.

723799

Policy Name may not show up under FortiView > Traffic > Policy Hits > Policy Column for policies with name information.

724435 SD-WAN performance status widget may be empty if one of the SD-WAN members is down.
726637 FortiAnalyzer should be able to filter on device name and show the device name field properly in the Result column.
731348 FortiView may not apply country filter correctly.
733145 The SD-WAN Events widget may display Invalid params: device: only alphanumerics, '_', '-' and one pair of '[',']' are valid characters.
734359 FortiAnalyzer may return error when applying source IP filter and exporting data to PDF with Top Browsing Users.
735153 IoC incorrectly shows internal host as infected while IPS attack is initiated from outside.
735724 FortiView Monitors page may be showing two Traffic dashboards or VPN dashboards.

748014

FortiView may throw an exception when adding filters for Top Endpoint Vulnerabilities (FortiClient).

Log View

Bug ID Description
656507 FortiAnalyzer may lose sorting when clicking the header column in Log Browse.
661094 In Log View, importing logs may fail.
674027 Filtering FortiClient event logs with wildcard UID filter returns no data.
717160 FortiAnalyzer may show duplicated entries when filtering real-time logs in Log View.
726340 oftpd may not work properly if many log requests are received at the same time.
727355 FortiAnalyzer may take very long time on log searches.
745724 Bandwidth data from SD-WAN event logs may not be inserted.

Others

Bug ID Description
615795 Some IPS packets may be missing on FortiAnalyzer.
621473 FortiSOC is missing in cloud-based VMs.
682539 Local Connector Update Endpoint may fail due to endpoint's record contains unicode characters.
687180 When using the operator >= for "Greater than or Equal to" in FortiAnalyzer CLI, it does not accept the syntax and throws an error.
716576 User with read-only permissions cannot get the list of ADOMs via JSON request.
726012 FortiAnalyzer requires a FortiGuard Indicators of Compromise license in order to see compromised hosts.
726782 The percent of used memory is much higher in 7.0 than 6.4.
729741 An error message may appear on console during upgrade.
730554 FortiAnalyzer HA may use high memory usage.
731070 FortiAnalyzer should add support for FortiNAC v9.1 in supported-platforms.
731319 There may be high memory usage on logfwd with FortiAnalyzer collector.
733792 JSON RPC may fail with code -32603.
735510 sqllogd may cause high memory usage.
744293 Several extra ports are opened when scanning FortiAnalyzer HA cluster's virtual IP.
744918 fortilogd may not write logs for FortiGate-401E-DC.
745025 HMAC given in log-checksum md5-auth option does not match.
746022 There may be multiple siemdbd crashes on redisAppendCommand.
746625 siemagentd may crash.

Reports

Bug ID Description
677090 Report Filter may not work with devname.
715680 Default chart VPN User Logins may return different values in two reports for the same device or data range.
726688 All predefined report/template/chart/macro/dataset may be missing from newly created ADOM after a reboot.
728923 Log type selector for FortiGate has duplicate traffic log field names due to FortiClient Traffic is changed to Traffic.
734152 Report group filter may not work in FortiProxy ADOM.
734167 Report log field filter drop-down may be missing pick-list in non FortiGate ADOM.
744024 FortiAnalyzer is unable to disable and remove reports from hidden ADOM.
744915 FortiView summary does not match with the sessions shown in the session table.

System Settings

Bug ID Description
672273 Initial data sync may never finish on Azure or GCP HA cluster unless "diag test app clusterd 97 init-sync done" is run.
710986 An existing log forwarding entry is gone after its status changed from On to Off.
721627 FortiAnalyzer HA cluster always uses VIP for log forwarding to server instead of another interface.
730296 RADIUS authentication using mschap2 may not work.
739136 Task monitor shows incorrect user for newly created ADOM.