Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Release Notes

    Home FortiAnalyzer 7.0.3 Release Notes
    7.0.3
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.5
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.13
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3
    5.0.2
    5.0.1
    4.3.8

    Resolved Issues

    Resolved Issues

    The following issues have been fixed in FortiAnalyzer version 7.0.3. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID Description

    626506

    When FortiManager sends syslogs to FortiAnalyzer, the FortiManager device may appear twice as unauthenticated devices.

    638080

    FortiAnalyzer ha-member-auto-grouping may not work FortiGate HA devices.

    695804

    Device Manager may not show FortiGate Fabric members under the root Fabric tree.

    753567

    In some rare cases, only some fabric devices may appear in the fabric group tree.

    Fabric View

    Bug ID Description

    727056

    SD-WAN Monitor may show incorrect bandwidth.

    741910

    Top Cloud Applications may show 0 KB utilization under the Bandwidth column.

    744910

    "Bandwidth" should not be used in the FortiView's graphs or tables when they are actually showing "bytes received and sent".

    FortiSOC

    Bug ID Description

    760020

    The pre-filters in the event handler may cause the sqllogd to crash every two to three seconds.

    FortiView

    Bug ID Description

    742005

    FortiView widgets may take a very long time to load.

    751295

    FortiView's Secure SD-WAN and Secure SD WAN report should display correct information for Health Checker's packet loss.

    753911

    Monitor should be able to show values with faster response time.

    756502

    Exporting to Report Chart may fail for "Top Apps by Installs fails".

    770206

    FortiAnalzyer may take more than two minutes to show log details with Top threat view with two filters.

    Log View

    Bug ID Description

    653765

    Some log files under Log Browse may contain a mix of event and traffic messages.

    660274

    FortiAnalyzer should roll active logs on a weekly basis by default.

    691552

    FortiAnalyzer may be missing a double quote in direction log field.

    726340

    oftpd may not work properly if many log requests are received at the same time.

    735065

    FortiAnalyzer may not handle many re-connection requests causing FortiGate devices log system event on disconnecting or connecting.

    740046

    ADOM archive should not be higher than the configured value.

    746596

    FortiAnalyzer may be showing two VDOMs, root and default, in Log Browse for FortiClient devices.

    750515

    FortiAnalyzer may stop receiving logs every day until it has been rebooted.

    755515

    ForiGate may show, "Failed to get FAZ's status. Authentication Failed. (-19)", when the device has been authorized and sending logs to FortiAnalyzer.

    755988

    FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

    759107

    FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

    765710

    When service is not in the log entry, filter based on negative service still should show related logs in the filtered result.

    Others

    Bug ID Description

    660310

    Drilldown compromised host from FortiGate may not work.

    676446

    FortiAnalyzer should change login-max and docker-user-login-max range from 1-32 to 1-256.

    698361

    SNMPv3 engineBoots may not properly be initialized.

    701753

    SIEM database should be trimmed at the same time when quota enforcement occurs.

    712159

    When FortiAnalyzer is changed to Collector mode, siemdb should automatically stop working.

    714991

    The login interface may crash if user inputs pre-login banner text in encoding other than UTF-8.

    732116

    Setting of "FortiCloud Single Sign-On" is always displayed on login.

    752817

    Log disk usage may frequently reach 99% due to calculation on the siemdb size.

    755843

    There may no a lot of errors showing "could not read block 0 in file" in pgsvr.log.

    756659

    When rebuilding database on the FortiAnalyzer HA's secondary unit, it may stuck at 1%.

    756846

    Under Microsoft Azure, FortiAnalyzer HA's secondary IP does not move to new primary after HA failover.

    758028

    FortiAnalyzer may frequently send 'csf-check' requests causing miglogd consuming 99% of the CPU resources.

    758237

    The sqllogd may take a long time to startup.

    765146

    Disk I/O is at 100% with no log insertion due to a device is wrongly recognized as a cell phone with multiple IP addresses.

    765214

    After a HA device is deleted, its device ID still appears in "diag test app sqllogd 81".

    Reports

    Bug ID Description

    653207

    FortiAnalzyer may have incorrect dataset queries without considering the 'direction' field.

    683353

    After exported report template from FortiAnalyzer 6.2 and imported the template to a later version, FortiAnalyzer may show an error, "Invalid Device or Vdom".

    694181

    Customized cover page may not be consistent with the configuration preview with editor.

    703772

    Scheduled report created from JSON API may not be visible on GUI.

    713906

    Report may show no active users when there are logs for active users.

    722573

    Restoring reports for a thousand of ADOMs may take many hours with high memory usage.

    740220

    Log field list for filter may be empty with FortiClient ADOM.

    742288

    FortiAnalyzer may not be able to clone SD-WAN Device-Interface Inbandwidth Line chart.

    748847

    Report filtering may not work when five hundreds plus FortiGate devices are selected.

    756363

    "Template Secure SD-WAN Report" may not show a graphic that includes both the "SLA Name object" and "WAN interface" fields.

    756620

    "360-Degree Security Review" Report has typo in chart header, "Spayware".

    767358

    When using report with report group, Application and Bandwidth Report may not show the correct values and data.

    System Settings

    Bug ID Description

    682026

    When creating a log forwarding entry, user should be able to select a FortiADC device from GUI.

    694724

    After upgraded FortiAnalyzer, FortiGate HA devices may get removed from the list of devices defined within the log forwarding configurations.

    708958

    Changing Timezone on FortiAnalyzer does not take effect on FortiSOC.

    722250

    When Device Manager's permission is set at Read-Write and System Settings' permission is set at Read-Only, SAML login user cannot create new or edit ADOM.

    723132

    When FortiAnalyzer receives logs after there is an offline event, FortiAnalayzer should show status changes with event messages.

    742804

    TACACS user is not able to browse Log View.

    748184

    FortiAnalyzer may show ADOM that stores logs that exceeds FortiAnalyzer log storage criteria.

    765818

    The forwarded CEF start time is different than the original timestamp of the log.

    773055

    Archive percentage should not exceed more than 100% of the disk space allocated.
    Previous
    Next

    Resolved Issues

    Resolved Issues

    The following issues have been fixed in FortiAnalyzer version 7.0.3. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID Description

    626506

    When FortiManager sends syslogs to FortiAnalyzer, the FortiManager device may appear twice as unauthenticated devices.

    638080

    FortiAnalyzer ha-member-auto-grouping may not work FortiGate HA devices.

    695804

    Device Manager may not show FortiGate Fabric members under the root Fabric tree.

    753567

    In some rare cases, only some fabric devices may appear in the fabric group tree.

    Fabric View

    Bug ID Description

    727056

    SD-WAN Monitor may show incorrect bandwidth.

    741910

    Top Cloud Applications may show 0 KB utilization under the Bandwidth column.

    744910

    "Bandwidth" should not be used in the FortiView's graphs or tables when they are actually showing "bytes received and sent".

    FortiSOC

    Bug ID Description

    760020

    The pre-filters in the event handler may cause the sqllogd to crash every two to three seconds.

    FortiView

    Bug ID Description

    742005

    FortiView widgets may take a very long time to load.

    751295

    FortiView's Secure SD-WAN and Secure SD WAN report should display correct information for Health Checker's packet loss.

    753911

    Monitor should be able to show values with faster response time.

    756502

    Exporting to Report Chart may fail for "Top Apps by Installs fails".

    770206

    FortiAnalzyer may take more than two minutes to show log details with Top threat view with two filters.

    Log View

    Bug ID Description

    653765

    Some log files under Log Browse may contain a mix of event and traffic messages.

    660274

    FortiAnalyzer should roll active logs on a weekly basis by default.

    691552

    FortiAnalyzer may be missing a double quote in direction log field.

    726340

    oftpd may not work properly if many log requests are received at the same time.

    735065

    FortiAnalyzer may not handle many re-connection requests causing FortiGate devices log system event on disconnecting or connecting.

    740046

    ADOM archive should not be higher than the configured value.

    746596

    FortiAnalyzer may be showing two VDOMs, root and default, in Log Browse for FortiClient devices.

    750515

    FortiAnalyzer may stop receiving logs every day until it has been rebooted.

    755515

    ForiGate may show, "Failed to get FAZ's status. Authentication Failed. (-19)", when the device has been authorized and sending logs to FortiAnalyzer.

    755988

    FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

    759107

    FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

    765710

    When service is not in the log entry, filter based on negative service still should show related logs in the filtered result.

    Others

    Bug ID Description

    660310

    Drilldown compromised host from FortiGate may not work.

    676446

    FortiAnalyzer should change login-max and docker-user-login-max range from 1-32 to 1-256.

    698361

    SNMPv3 engineBoots may not properly be initialized.

    701753

    SIEM database should be trimmed at the same time when quota enforcement occurs.

    712159

    When FortiAnalyzer is changed to Collector mode, siemdb should automatically stop working.

    714991

    The login interface may crash if user inputs pre-login banner text in encoding other than UTF-8.

    732116

    Setting of "FortiCloud Single Sign-On" is always displayed on login.

    752817

    Log disk usage may frequently reach 99% due to calculation on the siemdb size.

    755843

    There may no a lot of errors showing "could not read block 0 in file" in pgsvr.log.

    756659

    When rebuilding database on the FortiAnalyzer HA's secondary unit, it may stuck at 1%.

    756846

    Under Microsoft Azure, FortiAnalyzer HA's secondary IP does not move to new primary after HA failover.

    758028

    FortiAnalyzer may frequently send 'csf-check' requests causing miglogd consuming 99% of the CPU resources.

    758237

    The sqllogd may take a long time to startup.

    765146

    Disk I/O is at 100% with no log insertion due to a device is wrongly recognized as a cell phone with multiple IP addresses.

    765214

    After a HA device is deleted, its device ID still appears in "diag test app sqllogd 81".

    Reports

    Bug ID Description

    653207

    FortiAnalzyer may have incorrect dataset queries without considering the 'direction' field.

    683353

    After exported report template from FortiAnalyzer 6.2 and imported the template to a later version, FortiAnalyzer may show an error, "Invalid Device or Vdom".

    694181

    Customized cover page may not be consistent with the configuration preview with editor.

    703772

    Scheduled report created from JSON API may not be visible on GUI.

    713906

    Report may show no active users when there are logs for active users.

    722573

    Restoring reports for a thousand of ADOMs may take many hours with high memory usage.

    740220

    Log field list for filter may be empty with FortiClient ADOM.

    742288

    FortiAnalyzer may not be able to clone SD-WAN Device-Interface Inbandwidth Line chart.

    748847

    Report filtering may not work when five hundreds plus FortiGate devices are selected.

    756363

    "Template Secure SD-WAN Report" may not show a graphic that includes both the "SLA Name object" and "WAN interface" fields.

    756620

    "360-Degree Security Review" Report has typo in chart header, "Spayware".

    767358

    When using report with report group, Application and Bandwidth Report may not show the correct values and data.

    System Settings

    Bug ID Description

    682026

    When creating a log forwarding entry, user should be able to select a FortiADC device from GUI.

    694724

    After upgraded FortiAnalyzer, FortiGate HA devices may get removed from the list of devices defined within the log forwarding configurations.

    708958

    Changing Timezone on FortiAnalyzer does not take effect on FortiSOC.

    722250

    When Device Manager's permission is set at Read-Write and System Settings' permission is set at Read-Only, SAML login user cannot create new or edit ADOM.

    723132

    When FortiAnalyzer receives logs after there is an offline event, FortiAnalayzer should show status changes with event messages.

    742804

    TACACS user is not able to browse Log View.

    748184

    FortiAnalyzer may show ADOM that stores logs that exceeds FortiAnalyzer log storage criteria.

    765818

    The forwarded CEF start time is different than the original timestamp of the log.

    773055

    Archive percentage should not exceed more than 100% of the disk space allocated.
    Previous
    Next