Fortinet black logo

Release Notes

Home FortiAnalyzer 7.0.3 Release Notes
7.0.3
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.13
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
5.0.1
4.3.8

Resolved Issues

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.3. To inquire about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID Description

626506

When FortiManager sends syslogs to FortiAnalyzer, the FortiManager device may appear twice as unauthenticated devices.

638080

FortiAnalyzer ha-member-auto-grouping may not work FortiGate HA devices.

695804

Device Manager may not show FortiGate Fabric members under the root Fabric tree.

753567

In some rare cases, only some fabric devices may appear in the fabric group tree.

Fabric View

Bug ID Description

727056

SD-WAN Monitor may show incorrect bandwidth.

741910

Top Cloud Applications may show 0 KB utilization under the Bandwidth column.

744910

"Bandwidth" should not be used in the FortiView's graphs or tables when they are actually showing "bytes received and sent".

FortiSOC

Bug ID Description

760020

The pre-filters in the event handler may cause the sqllogd to crash every two to three seconds.

FortiView

Bug ID Description

742005

FortiView widgets may take a very long time to load.

751295

FortiView's Secure SD-WAN and Secure SD WAN report should display correct information for Health Checker's packet loss.

753911

Monitor should be able to show values with faster response time.

756502

Exporting to Report Chart may fail for "Top Apps by Installs fails".

770206

FortiAnalzyer may take more than two minutes to show log details with Top threat view with two filters.

Log View

Bug ID Description

653765

Some log files under Log Browse may contain a mix of event and traffic messages.

660274

FortiAnalyzer should roll active logs on a weekly basis by default.

691552

FortiAnalyzer may be missing a double quote in direction log field.

726340

oftpd may not work properly if many log requests are received at the same time.

735065

FortiAnalyzer may not handle many re-connection requests causing FortiGate devices log system event on disconnecting or connecting.

740046

ADOM archive should not be higher than the configured value.

746596

FortiAnalyzer may be showing two VDOMs, root and default, in Log Browse for FortiClient devices.

750515

FortiAnalyzer may stop receiving logs every day until it has been rebooted.

755515

ForiGate may show, "Failed to get FAZ's status. Authentication Failed. (-19)", when the device has been authorized and sending logs to FortiAnalyzer.

755988

FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

759107

FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

765710

When service is not in the log entry, filter based on negative service still should show related logs in the filtered result.

Others

Bug ID Description

660310

Drilldown compromised host from FortiGate may not work.

676446

FortiAnalyzer should change login-max and docker-user-login-max range from 1-32 to 1-256.

698361

SNMPv3 engineBoots may not properly be initialized.

701753

SIEM database should be trimmed at the same time when quota enforcement occurs.

712159

When FortiAnalyzer is changed to Collector mode, siemdb should automatically stop working.

714991

The login interface may crash if user inputs pre-login banner text in encoding other than UTF-8.

732116

Setting of "FortiCloud Single Sign-On" is always displayed on login.

752817

Log disk usage may frequently reach 99% due to calculation on the siemdb size.

755843

There may no a lot of errors showing "could not read block 0 in file" in pgsvr.log.

756659

When rebuilding database on the FortiAnalyzer HA's secondary unit, it may stuck at 1%.

756846

Under Microsoft Azure, FortiAnalyzer HA's secondary IP does not move to new primary after HA failover.

758028

FortiAnalyzer may frequently send 'csf-check' requests causing miglogd consuming 99% of the CPU resources.

758237

The sqllogd may take a long time to startup.

765146

Disk I/O is at 100% with no log insertion due to a device is wrongly recognized as a cell phone with multiple IP addresses.

765214

After a HA device is deleted, its device ID still appears in "diag test app sqllogd 81".

Reports

Bug ID Description

653207

FortiAnalzyer may have incorrect dataset queries without considering the 'direction' field.

683353

After exported report template from FortiAnalyzer 6.2 and imported the template to a later version, FortiAnalyzer may show an error, "Invalid Device or Vdom".

694181

Customized cover page may not be consistent with the configuration preview with editor.

703772

Scheduled report created from JSON API may not be visible on GUI.

713906

Report may show no active users when there are logs for active users.

722573

Restoring reports for a thousand of ADOMs may take many hours with high memory usage.

740220

Log field list for filter may be empty with FortiClient ADOM.

742288

FortiAnalyzer may not be able to clone SD-WAN Device-Interface Inbandwidth Line chart.

748847

Report filtering may not work when five hundreds plus FortiGate devices are selected.

756363

"Template Secure SD-WAN Report" may not show a graphic that includes both the "SLA Name object" and "WAN interface" fields.

756620

"360-Degree Security Review" Report has typo in chart header, "Spayware".

767358

When using report with report group, Application and Bandwidth Report may not show the correct values and data.

System Settings

Bug ID Description

682026

When creating a log forwarding entry, user should be able to select a FortiADC device from GUI.

694724

After upgraded FortiAnalyzer, FortiGate HA devices may get removed from the list of devices defined within the log forwarding configurations.

708958

Changing Timezone on FortiAnalyzer does not take effect on FortiSOC.

722250

When Device Manager's permission is set at Read-Write and System Settings' permission is set at Read-Only, SAML login user cannot create new or edit ADOM.

723132

When FortiAnalyzer receives logs after there is an offline event, FortiAnalayzer should show status changes with event messages.

742804

TACACS user is not able to browse Log View.

748184

FortiAnalyzer may show ADOM that stores logs that exceeds FortiAnalyzer log storage criteria.

765818

The forwarded CEF start time is different than the original timestamp of the log.

773055

Archive percentage should not exceed more than 100% of the disk space allocated.
Previous
Next

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.3. To inquire about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID Description

626506

When FortiManager sends syslogs to FortiAnalyzer, the FortiManager device may appear twice as unauthenticated devices.

638080

FortiAnalyzer ha-member-auto-grouping may not work FortiGate HA devices.

695804

Device Manager may not show FortiGate Fabric members under the root Fabric tree.

753567

In some rare cases, only some fabric devices may appear in the fabric group tree.

Fabric View

Bug ID Description

727056

SD-WAN Monitor may show incorrect bandwidth.

741910

Top Cloud Applications may show 0 KB utilization under the Bandwidth column.

744910

"Bandwidth" should not be used in the FortiView's graphs or tables when they are actually showing "bytes received and sent".

FortiSOC

Bug ID Description

760020

The pre-filters in the event handler may cause the sqllogd to crash every two to three seconds.

FortiView

Bug ID Description

742005

FortiView widgets may take a very long time to load.

751295

FortiView's Secure SD-WAN and Secure SD WAN report should display correct information for Health Checker's packet loss.

753911

Monitor should be able to show values with faster response time.

756502

Exporting to Report Chart may fail for "Top Apps by Installs fails".

770206

FortiAnalzyer may take more than two minutes to show log details with Top threat view with two filters.

Log View

Bug ID Description

653765

Some log files under Log Browse may contain a mix of event and traffic messages.

660274

FortiAnalyzer should roll active logs on a weekly basis by default.

691552

FortiAnalyzer may be missing a double quote in direction log field.

726340

oftpd may not work properly if many log requests are received at the same time.

735065

FortiAnalyzer may not handle many re-connection requests causing FortiGate devices log system event on disconnecting or connecting.

740046

ADOM archive should not be higher than the configured value.

746596

FortiAnalyzer may be showing two VDOMs, root and default, in Log Browse for FortiClient devices.

750515

FortiAnalyzer may stop receiving logs every day until it has been rebooted.

755515

ForiGate may show, "Failed to get FAZ's status. Authentication Failed. (-19)", when the device has been authorized and sending logs to FortiAnalyzer.

755988

FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

759107

FortiAnalyzer may gradually stop to receiving logs due to leaks in receiving buffers.

765710

When service is not in the log entry, filter based on negative service still should show related logs in the filtered result.

Others

Bug ID Description

660310

Drilldown compromised host from FortiGate may not work.

676446

FortiAnalyzer should change login-max and docker-user-login-max range from 1-32 to 1-256.

698361

SNMPv3 engineBoots may not properly be initialized.

701753

SIEM database should be trimmed at the same time when quota enforcement occurs.

712159

When FortiAnalyzer is changed to Collector mode, siemdb should automatically stop working.

714991

The login interface may crash if user inputs pre-login banner text in encoding other than UTF-8.

732116

Setting of "FortiCloud Single Sign-On" is always displayed on login.

752817

Log disk usage may frequently reach 99% due to calculation on the siemdb size.

755843

There may no a lot of errors showing "could not read block 0 in file" in pgsvr.log.

756659

When rebuilding database on the FortiAnalyzer HA's secondary unit, it may stuck at 1%.

756846

Under Microsoft Azure, FortiAnalyzer HA's secondary IP does not move to new primary after HA failover.

758028

FortiAnalyzer may frequently send 'csf-check' requests causing miglogd consuming 99% of the CPU resources.

758237

The sqllogd may take a long time to startup.

765146

Disk I/O is at 100% with no log insertion due to a device is wrongly recognized as a cell phone with multiple IP addresses.

765214

After a HA device is deleted, its device ID still appears in "diag test app sqllogd 81".

Reports

Bug ID Description

653207

FortiAnalzyer may have incorrect dataset queries without considering the 'direction' field.

683353

After exported report template from FortiAnalyzer 6.2 and imported the template to a later version, FortiAnalyzer may show an error, "Invalid Device or Vdom".

694181

Customized cover page may not be consistent with the configuration preview with editor.

703772

Scheduled report created from JSON API may not be visible on GUI.

713906

Report may show no active users when there are logs for active users.

722573

Restoring reports for a thousand of ADOMs may take many hours with high memory usage.

740220

Log field list for filter may be empty with FortiClient ADOM.

742288

FortiAnalyzer may not be able to clone SD-WAN Device-Interface Inbandwidth Line chart.

748847

Report filtering may not work when five hundreds plus FortiGate devices are selected.

756363

"Template Secure SD-WAN Report" may not show a graphic that includes both the "SLA Name object" and "WAN interface" fields.

756620

"360-Degree Security Review" Report has typo in chart header, "Spayware".

767358

When using report with report group, Application and Bandwidth Report may not show the correct values and data.

System Settings

Bug ID Description

682026

When creating a log forwarding entry, user should be able to select a FortiADC device from GUI.

694724

After upgraded FortiAnalyzer, FortiGate HA devices may get removed from the list of devices defined within the log forwarding configurations.

708958

Changing Timezone on FortiAnalyzer does not take effect on FortiSOC.

722250

When Device Manager's permission is set at Read-Write and System Settings' permission is set at Read-Only, SAML login user cannot create new or edit ADOM.

723132

When FortiAnalyzer receives logs after there is an offline event, FortiAnalayzer should show status changes with event messages.

742804

TACACS user is not able to browse Log View.

748184

FortiAnalyzer may show ADOM that stores logs that exceeds FortiAnalyzer log storage criteria.

765818

The forwarded CEF start time is different than the original timestamp of the log.

773055

Archive percentage should not exceed more than 100% of the disk space allocated.
Previous
Next