Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known Issues

The following issues have been identified in FortiAnalyzer version 7.0.2. For inquires about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

Event Management

Bug ID

Description

691220

Event handler may not be triggered correctly when there is more than one match.

FortiSOC

Bug ID

Description

717841

IOC events and FortiGate Event Handler events are not being sent to FortiGate from FortiAnalyzer.

FortiView

Big ID Description
641596 FortiAnalyzer may show "No Data" in "User Vulnerabilities Summary" widget.
727056 SD-WAN Monitor may show incorrect bandwidth.
741910 Top Cloud Applications may show 0 KB utilization under the Bandwidth column.

744910

Bandwidth should not be used in the FortiView's graphs or tables when they are actually showing bytes received and sent.

Log View

Bug ID

Description

704206

When filtering with "Action" and "Source IP" under Traffic menu, the filter output may be incorrect with the combination of smart action with any other field.

691552

FortiAnalyzer may be missing a double quote in direction log field.

Others

Bug ID

Description

616355 FortiGate may display "SSL error" or "OFTP error" when testing connectivity with FortiAnalyzer.
701753 SIEM database should be trimmed at the same time when quota enforcement occurs.

740046

ADOM archive quota in GUI shows older undeleted files.

Workaround: In CLI, type command diag test application logfiled 12 force. Wait for the system to check the ADOM retention policy. When the system finds log files that are older than the number of retention days, it deletes the old log files and its directory. The deletion is recorded in the event log, and the System Settings > Storage Info widget is updated.

Reports

Bug ID

Description

653207 FortiAnalyzer may have incorrect dataset queries without considering the 'direction' field.

740220

Log field list for filter may be empty with FortiClient ADOM.

System Settings

Bug ID Description

624331

System Settings > License Information widget should not display Security Operations/SOC Service for unsupported devices, such as FAZ-200F and FAZ-300F.

653371 CEF log forwarding start time does not match with event time.
669402 FortiAnalyzer may not time out admin a session after many hours.
708958 Changing Timezone on FortiAnalyzer does not take effect on FortiSOC.

734001

FortiAnalyzer HA may randomly fail-over.

742804

TACACS user is not able to browse Log View.

748107

Additional timestamp, tz field, is being added to forwarded logs from FortiAnalyzer.

Known Issues

The following issues have been identified in FortiAnalyzer version 7.0.2. For inquires about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

Event Management

Bug ID

Description

691220

Event handler may not be triggered correctly when there is more than one match.

FortiSOC

Bug ID

Description

717841

IOC events and FortiGate Event Handler events are not being sent to FortiGate from FortiAnalyzer.

FortiView

Big ID Description
641596 FortiAnalyzer may show "No Data" in "User Vulnerabilities Summary" widget.
727056 SD-WAN Monitor may show incorrect bandwidth.
741910 Top Cloud Applications may show 0 KB utilization under the Bandwidth column.

744910

Bandwidth should not be used in the FortiView's graphs or tables when they are actually showing bytes received and sent.

Log View

Bug ID

Description

704206

When filtering with "Action" and "Source IP" under Traffic menu, the filter output may be incorrect with the combination of smart action with any other field.

691552

FortiAnalyzer may be missing a double quote in direction log field.

Others

Bug ID

Description

616355 FortiGate may display "SSL error" or "OFTP error" when testing connectivity with FortiAnalyzer.
701753 SIEM database should be trimmed at the same time when quota enforcement occurs.

740046

ADOM archive quota in GUI shows older undeleted files.

Workaround: In CLI, type command diag test application logfiled 12 force. Wait for the system to check the ADOM retention policy. When the system finds log files that are older than the number of retention days, it deletes the old log files and its directory. The deletion is recorded in the event log, and the System Settings > Storage Info widget is updated.

Reports

Bug ID

Description

653207 FortiAnalyzer may have incorrect dataset queries without considering the 'direction' field.

740220

Log field list for filter may be empty with FortiClient ADOM.

System Settings

Bug ID Description

624331

System Settings > License Information widget should not display Security Operations/SOC Service for unsupported devices, such as FAZ-200F and FAZ-300F.

653371 CEF log forwarding start time does not match with event time.
669402 FortiAnalyzer may not time out admin a session after many hours.
708958 Changing Timezone on FortiAnalyzer does not take effect on FortiSOC.

734001

FortiAnalyzer HA may randomly fail-over.

742804

TACACS user is not able to browse Log View.

748107

Additional timestamp, tz field, is being added to forwarded logs from FortiAnalyzer.