Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.4. For inquires about a particular bug, please contact Customer Service & Support.

FortiSOC

Bug ID Description

703843

Automation stitch does not work when logdevice type is FortiMail.

728350

"Ioc_Rescan" tag does not show up for the rescanned Compromised Host under the FortiSoC.

769793

Incidents cannot be modified.

773382

Running AV scan playbook takes long time to load for all the endpoints and users cannot see any progress bar.

783212

Error Message "403 Client Error" is seen when configuring FML connector under the Connectors.

783569

Automation Stitch Action "Ban IP" does not work on FortiGate because FortiAnalyzer did not send the srcip to FGT.

FortiView

Bug ID Description

758817

The "User Data Flow" does not display the device name under the Traffic.

767221

The gateways for clients are not plotted properly in Monitors under the "Top Dialup VPN".

777156

"Domain" and "Category" tabs are empty for "Top Sources" and "Top Sources Addresses".

794491

SD-WAN widgets does not display data properly.

798471

Top SD-WAN Device Throughput widget is displaying wrong numbers.

Log View

Bug ID Description

708842

FortiAnalyzer fails to complete FortiGate log query when filter is set using dropdown menu with value entered manually.

769430

The log browse device list does not display all the devices.

779893

"dstowner" field is not allowed for filter in traffic Logs.

787988

Downloading a high volume of logs takes a long time and fails.

Others

Bug ID Description

750709

Policy Analyzer application exists on the MEA of FortiAnalyzer.

773745

FortiAnalyzer should try to connect to FortiClient or forticlient-emsproxy.forticloud.com when enabling EMS cloud.

778123

Not able to get device connection stats using SNMP get.

778984

IOC module uses too much memory.

783105

SIEM daemons are still running even if SIEM module is disabled.

784964

FortiAnalyzer in the collector mode did not forward syslog to the Splunk server.

789866

Logs related to the removed devices are archived and took disk space.

790518

"svc dvmdb reader" uses high CPU percentage.

798630

Typo in widget name "Top SD-WAN Device Throughout".

Reports

Bug ID Description

720891

"Device ID (devid)" does not work properly for default reports.

766123

"Selected data binding is invalid" is shown for "Data Binding" in the chart details for "Traffic statistic".

766505

Report's header may not be repositioned.

769473

FortiAnalyzer displays the error message "At least one column is required." when creating a join statement from temporary tables and mapping it to a chart.

770191

The SD-WAN Internal and External throughput values are displayed wrongly.

771154

Date format is not applied to report cover page dates.

806284

FortiAnalyzer wrongly mixes and displays multiple devices/customers info into the same report.

794020

Unable delete an incident if the attached report was deleted from Shell.

System Settings

Bug ID Description

695968

In the local event logs, Device Name doesn't match the FortiAnalyzer's Hostname.

741288

SSO users cannot connect to the map server.

749245

Not able to change RAID level from GUI for FAZ300F/3000.

777779

FortiAnalyzer can restrict ADOM access for super users.

783984

After applying the "All Devices" filter under the log forwarding "All FortiGate" option will be showed up.

784290

Primary FortiAnalyzer shows the secondary FortiAnalyzer hostname wrongly.

784345

FortiAnalyzer connects to map server and GeoIP server directly even when the web-proxy is enabled.

793006

When Forward server is disabled, user has no visibility on the log forwarding servers setting.

804897

The log forward configuration with IPv6 address destination cannot be set from the GUI.

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.4. For inquires about a particular bug, please contact Customer Service & Support.

FortiSOC

Bug ID Description

703843

Automation stitch does not work when logdevice type is FortiMail.

728350

"Ioc_Rescan" tag does not show up for the rescanned Compromised Host under the FortiSoC.

769793

Incidents cannot be modified.

773382

Running AV scan playbook takes long time to load for all the endpoints and users cannot see any progress bar.

783212

Error Message "403 Client Error" is seen when configuring FML connector under the Connectors.

783569

Automation Stitch Action "Ban IP" does not work on FortiGate because FortiAnalyzer did not send the srcip to FGT.

FortiView

Bug ID Description

758817

The "User Data Flow" does not display the device name under the Traffic.

767221

The gateways for clients are not plotted properly in Monitors under the "Top Dialup VPN".

777156

"Domain" and "Category" tabs are empty for "Top Sources" and "Top Sources Addresses".

794491

SD-WAN widgets does not display data properly.

798471

Top SD-WAN Device Throughput widget is displaying wrong numbers.

Log View

Bug ID Description

708842

FortiAnalyzer fails to complete FortiGate log query when filter is set using dropdown menu with value entered manually.

769430

The log browse device list does not display all the devices.

779893

"dstowner" field is not allowed for filter in traffic Logs.

787988

Downloading a high volume of logs takes a long time and fails.

Others

Bug ID Description

750709

Policy Analyzer application exists on the MEA of FortiAnalyzer.

773745

FortiAnalyzer should try to connect to FortiClient or forticlient-emsproxy.forticloud.com when enabling EMS cloud.

778123

Not able to get device connection stats using SNMP get.

778984

IOC module uses too much memory.

783105

SIEM daemons are still running even if SIEM module is disabled.

784964

FortiAnalyzer in the collector mode did not forward syslog to the Splunk server.

789866

Logs related to the removed devices are archived and took disk space.

790518

"svc dvmdb reader" uses high CPU percentage.

798630

Typo in widget name "Top SD-WAN Device Throughout".

Reports

Bug ID Description

720891

"Device ID (devid)" does not work properly for default reports.

766123

"Selected data binding is invalid" is shown for "Data Binding" in the chart details for "Traffic statistic".

766505

Report's header may not be repositioned.

769473

FortiAnalyzer displays the error message "At least one column is required." when creating a join statement from temporary tables and mapping it to a chart.

770191

The SD-WAN Internal and External throughput values are displayed wrongly.

771154

Date format is not applied to report cover page dates.

806284

FortiAnalyzer wrongly mixes and displays multiple devices/customers info into the same report.

794020

Unable delete an incident if the attached report was deleted from Shell.

System Settings

Bug ID Description

695968

In the local event logs, Device Name doesn't match the FortiAnalyzer's Hostname.

741288

SSO users cannot connect to the map server.

749245

Not able to change RAID level from GUI for FAZ300F/3000.

777779

FortiAnalyzer can restrict ADOM access for super users.

783984

After applying the "All Devices" filter under the log forwarding "All FortiGate" option will be showed up.

784290

Primary FortiAnalyzer shows the secondary FortiAnalyzer hostname wrongly.

784345

FortiAnalyzer connects to map server and GeoIP server directly even when the web-proxy is enabled.

793006

When Forward server is disabled, user has no visibility on the log forwarding servers setting.

804897

The log forward configuration with IPv6 address destination cannot be set from the GUI.