Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiAnalyzer 7.2.2 Release Notes
    7.2.2
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.5
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.13
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3
    5.0.2
    5.0.1
    4.3.8

    Resolved Issues

    Resolved Issues

    The following issues have been fixed in FortiAnalyzer version 7.2.2. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID Description
    798197 Under the Device Manager, FortiAnalyzer does not show the color of the logging devices properly (red or green).

    814008

    Sort function for logs and average log rate (logs/sec) does not work in Device Manager.
    819664 Under Device Manager, Average Log Rate is displayed zero for FortiGates HA Cluster.

    824296

    FortiAnalyzer does not show the "root VDOM" under its Device Manager.
    827276 FortiAnalyzer does not let all VDOMs to be added to the Device Manager if FortiGates has more than 10 VDOMs.

    833448

    The device SYSLOG-00000000 appears repeatedly even after being removed from the unregistered devices.
    835653 The FortiGate's IP address and firmware version are not updated when FortiGates are added manually to a non-root ADOM.
    837310 FortiAnalyzer does not show the correct IP addresses and firmware versions for its registered FortiGates.

    838727

    Log Status of the Devices are displayed red when the Primary has a zero lograte.

    846904

    Under the Device Manager, the Average Log Rates are not displayed.

    Event Management

    Bug ID Description
    825422 FortiAnalyzer Event Handler does not trigger any alerts when Log Field has been set to Virtual Domain (vd).

    FortiSOC

    Bug ID Description
    757650 Wrong device name (devname) is filled in event email notification.

    775589

    FortiAnalyzer does not provide any details on status of Fabric Connectors.
    833991 FortiOS connector does not display health status of the Security Fabric members.
    848284 Despite having relevant event logs, created playbook does not get triggered.
    849070 Playbook runs successfully on the FortiAnalyzer, but there is not any stitches triggered on the FortiGate.

    FortiView

    Bug ID Description
    727056 SD-WAN Monitor may show incorrect bandwidth.

    744791

    "Failed Authentication Attempts" logs under the System tab of FortiView are blanks.
    798347 The Filter in FortiView does not properly work for Compromised Hosts.
    798471 Top SD-WAN Device Throughput widget is displaying wrong numbers.
    818077 Top application axis labels are not displayed correctly in Monitor section.

    841717

    The Data displayed on FortiView is inconsistent with the exported "Top Website Domains" PDF report.

    856094

    Browsing time displayed "0s" for 'streaming media and download' category in the 'Top Website Categories' under the FortiView's 'Applications & Websites' tab.

    Log View

    Bug ID Description
    696451 Detected files by Content Disarm and Reconstruction (CDR) cannot be stored/quarantined to FortiAnalyzer despite quarantine destination set to FortiAnalyzer.
    797985 After downloading the IPS logs, the "cve field" is missing.
    816490 In Log Browse, for HA devices, only primary device's log files are displayed .
    836777 When admin profile is set as "Read-Only", Add Filter under the LogView/FortiView displays no fields.
    837554 The Fabric log contains "::ffff:" prefix in front of the value of any IPv4 related fields.
    839350 Devices' entries under the Log Group of the Log View are not displayed.

    855783

    FortiAnalyzer event log file cannot be downloaded in CSV format.

    858682

    The data icon under the Log View for ADOM FortiMail/FortiWeb do not properly display the log details.

    Others

    Bug ID Description
    779943 High memory usage has been observed when creating dataset or running reports on FortiAnalyzer.
    809133 Several process crashes (logfwd/filefwd/clusterd), which have been observed when loading the devices from Device Manager, made FortiAnalyzer unable to show any logs.
    818118 Logs between HA members are not synched.
    822619 Missing values when retrieving logstats using the JSON API requests.
    825927 FortiAnalyzer does not provide access to all available tiles under the FortiAuthenticator ADOM.
    827787 The CPU and Disk I/O usage of the FortiAnalyzer appear to be constantly high.
    829869 When FortiAnalyzer is working on Collector Mode, system storage size increases over time; hence, FortiAnalyzer might stop receiving new logs.
    837657 Creating ADOMs using JSON API, default ADOM configs like report, datasets, charts, etc. are not created.
    838031 FortiAnalyzer GUI does not display the "Rebuilding ADOM DB" in progress anymore.

    838182

    Logs are not being inserted into the secondary FortiAnalyzer.

    839191

    The HA config-sync status issue creates the sync failure frequently.
    839910 The diagnose test application oftpd command does not display any outputs for some FortiGate devices registered on FortiAnalyzer.
    841622 FortiAnalyzer does not download the IOC DB updates when FortiManager acts as the local FortiGuard Server.

    845871

    FortiAnalyzer stopped accepting logs and status of the devices turned into red.

    846315

    FortiAnalyzer does not display ADOM FortiNAC.

    860113

    The primary FortiAnalyzer can show the logs in Log View. The synchronization between primary and secondary fails and the secondary doesn't show the last logs.

    Reports

    Bug ID Description
    704187 "Bandwidth and Application" Report's data does not match with the Top Application data on FortiView.
    722233 The generated report does not display data but its dataset query contains data.
    764194 Playbooks run_report fails with "missing device(s)" if "Playbook Starter" as devices filter is selected.
    768843 FortiAnalyzer does not support importing outbreak alert reports to ADOM type FortiGate.

    771072

    Secure SD-WAN CSV report does not show device names for charts.
    788801 "Throughput utilization billing report" does not display the complete data for the "yesterday" time-period.
    835422 FortiAnalyzer does not display any data on its report when group filter and LDAP query is being used.
    837395 "Show Top" & "Drilldown Top" preview features under the "Edit Chart" do not display the chart based on the selected values.

    841750

    The report does not display any data for its tables.
    844563 Hodex Time shown on table chart does not match with the configured time period for the previous XX days in report.
    844975 The command "execute remove reports" does not remove the reports.
    848573 When specifying FortiWiFi as devices, "SD-WAN Device Link Bandwidth" and "SD-WAN Device Rules Donut Bandwidth" charts do not display any data.

    876136

    When running reports for all devices "Unknown SN" on the detailed device list can be observed.

    System Settings

    Bug ID Description
    478401 FortiAnalyzer shows an unnecessary warning message "Analytic is using 0% of allocated disk space", which can be very confusing.

    630654

    Imported logs may not sync to slave.
    752111 Traffic, Security, and Event logs section under the Log View tab are missing for Primary HA.
    759601 FortiAnalyzer using Azure AD SAML SSO may show "invalid_logout_response_error" after logout.

    782431

    SNMPv3 stopped working after upgrading.
    803074 The sorting feature does not work correctly for storage info columns under the System Settings.
    817558 Log Forwarding/Device filter window does not allow users to save/cancel the changes.
    829015 "Privacy Masking" feature does not work properly for admins whose admin type utilizes "Remote Authentication Server".
    832973 Analytics and Archive details are missing from "Edit Log Storage Policy".
    837203 Unable to fetch logs between FortiAnalyzer devices due to Invalid cross-device link error.
    842943 After upgrading FortiAnalyzer, "fortinet-ca2" is missing under the CA Certificates; this prevents devices to establish connections to FortiAnalyzer.

    849824

    Under the Event's System logs, adding Filter "Fortiguard web filter services are NOT reachable" does not display any logs.

    853855

    The log forwarding filter does not seem to work properly as expected on FortiAnalyzer.

    Common Vulnerabilities and Exposures

    Visit https://fortiguard.com/psirt for more information.

    Bug ID CVE references

    839861

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-23776

    862266

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-25606

    866168

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-25609

    868880

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-25611

    872712

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-22642
    Previous
    Next

    Resolved Issues

    Resolved Issues

    The following issues have been fixed in FortiAnalyzer version 7.2.2. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID Description
    798197 Under the Device Manager, FortiAnalyzer does not show the color of the logging devices properly (red or green).

    814008

    Sort function for logs and average log rate (logs/sec) does not work in Device Manager.
    819664 Under Device Manager, Average Log Rate is displayed zero for FortiGates HA Cluster.

    824296

    FortiAnalyzer does not show the "root VDOM" under its Device Manager.
    827276 FortiAnalyzer does not let all VDOMs to be added to the Device Manager if FortiGates has more than 10 VDOMs.

    833448

    The device SYSLOG-00000000 appears repeatedly even after being removed from the unregistered devices.
    835653 The FortiGate's IP address and firmware version are not updated when FortiGates are added manually to a non-root ADOM.
    837310 FortiAnalyzer does not show the correct IP addresses and firmware versions for its registered FortiGates.

    838727

    Log Status of the Devices are displayed red when the Primary has a zero lograte.

    846904

    Under the Device Manager, the Average Log Rates are not displayed.

    Event Management

    Bug ID Description
    825422 FortiAnalyzer Event Handler does not trigger any alerts when Log Field has been set to Virtual Domain (vd).

    FortiSOC

    Bug ID Description
    757650 Wrong device name (devname) is filled in event email notification.

    775589

    FortiAnalyzer does not provide any details on status of Fabric Connectors.
    833991 FortiOS connector does not display health status of the Security Fabric members.
    848284 Despite having relevant event logs, created playbook does not get triggered.
    849070 Playbook runs successfully on the FortiAnalyzer, but there is not any stitches triggered on the FortiGate.

    FortiView

    Bug ID Description
    727056 SD-WAN Monitor may show incorrect bandwidth.

    744791

    "Failed Authentication Attempts" logs under the System tab of FortiView are blanks.
    798347 The Filter in FortiView does not properly work for Compromised Hosts.
    798471 Top SD-WAN Device Throughput widget is displaying wrong numbers.
    818077 Top application axis labels are not displayed correctly in Monitor section.

    841717

    The Data displayed on FortiView is inconsistent with the exported "Top Website Domains" PDF report.

    856094

    Browsing time displayed "0s" for 'streaming media and download' category in the 'Top Website Categories' under the FortiView's 'Applications & Websites' tab.

    Log View

    Bug ID Description
    696451 Detected files by Content Disarm and Reconstruction (CDR) cannot be stored/quarantined to FortiAnalyzer despite quarantine destination set to FortiAnalyzer.
    797985 After downloading the IPS logs, the "cve field" is missing.
    816490 In Log Browse, for HA devices, only primary device's log files are displayed .
    836777 When admin profile is set as "Read-Only", Add Filter under the LogView/FortiView displays no fields.
    837554 The Fabric log contains "::ffff:" prefix in front of the value of any IPv4 related fields.
    839350 Devices' entries under the Log Group of the Log View are not displayed.

    855783

    FortiAnalyzer event log file cannot be downloaded in CSV format.

    858682

    The data icon under the Log View for ADOM FortiMail/FortiWeb do not properly display the log details.

    Others

    Bug ID Description
    779943 High memory usage has been observed when creating dataset or running reports on FortiAnalyzer.
    809133 Several process crashes (logfwd/filefwd/clusterd), which have been observed when loading the devices from Device Manager, made FortiAnalyzer unable to show any logs.
    818118 Logs between HA members are not synched.
    822619 Missing values when retrieving logstats using the JSON API requests.
    825927 FortiAnalyzer does not provide access to all available tiles under the FortiAuthenticator ADOM.
    827787 The CPU and Disk I/O usage of the FortiAnalyzer appear to be constantly high.
    829869 When FortiAnalyzer is working on Collector Mode, system storage size increases over time; hence, FortiAnalyzer might stop receiving new logs.
    837657 Creating ADOMs using JSON API, default ADOM configs like report, datasets, charts, etc. are not created.
    838031 FortiAnalyzer GUI does not display the "Rebuilding ADOM DB" in progress anymore.

    838182

    Logs are not being inserted into the secondary FortiAnalyzer.

    839191

    The HA config-sync status issue creates the sync failure frequently.
    839910 The diagnose test application oftpd command does not display any outputs for some FortiGate devices registered on FortiAnalyzer.
    841622 FortiAnalyzer does not download the IOC DB updates when FortiManager acts as the local FortiGuard Server.

    845871

    FortiAnalyzer stopped accepting logs and status of the devices turned into red.

    846315

    FortiAnalyzer does not display ADOM FortiNAC.

    860113

    The primary FortiAnalyzer can show the logs in Log View. The synchronization between primary and secondary fails and the secondary doesn't show the last logs.

    Reports

    Bug ID Description
    704187 "Bandwidth and Application" Report's data does not match with the Top Application data on FortiView.
    722233 The generated report does not display data but its dataset query contains data.
    764194 Playbooks run_report fails with "missing device(s)" if "Playbook Starter" as devices filter is selected.
    768843 FortiAnalyzer does not support importing outbreak alert reports to ADOM type FortiGate.

    771072

    Secure SD-WAN CSV report does not show device names for charts.
    788801 "Throughput utilization billing report" does not display the complete data for the "yesterday" time-period.
    835422 FortiAnalyzer does not display any data on its report when group filter and LDAP query is being used.
    837395 "Show Top" & "Drilldown Top" preview features under the "Edit Chart" do not display the chart based on the selected values.

    841750

    The report does not display any data for its tables.
    844563 Hodex Time shown on table chart does not match with the configured time period for the previous XX days in report.
    844975 The command "execute remove reports" does not remove the reports.
    848573 When specifying FortiWiFi as devices, "SD-WAN Device Link Bandwidth" and "SD-WAN Device Rules Donut Bandwidth" charts do not display any data.

    876136

    When running reports for all devices "Unknown SN" on the detailed device list can be observed.

    System Settings

    Bug ID Description
    478401 FortiAnalyzer shows an unnecessary warning message "Analytic is using 0% of allocated disk space", which can be very confusing.

    630654

    Imported logs may not sync to slave.
    752111 Traffic, Security, and Event logs section under the Log View tab are missing for Primary HA.
    759601 FortiAnalyzer using Azure AD SAML SSO may show "invalid_logout_response_error" after logout.

    782431

    SNMPv3 stopped working after upgrading.
    803074 The sorting feature does not work correctly for storage info columns under the System Settings.
    817558 Log Forwarding/Device filter window does not allow users to save/cancel the changes.
    829015 "Privacy Masking" feature does not work properly for admins whose admin type utilizes "Remote Authentication Server".
    832973 Analytics and Archive details are missing from "Edit Log Storage Policy".
    837203 Unable to fetch logs between FortiAnalyzer devices due to Invalid cross-device link error.
    842943 After upgrading FortiAnalyzer, "fortinet-ca2" is missing under the CA Certificates; this prevents devices to establish connections to FortiAnalyzer.

    849824

    Under the Event's System logs, adding Filter "Fortiguard web filter services are NOT reachable" does not display any logs.

    853855

    The log forwarding filter does not seem to work properly as expected on FortiAnalyzer.

    Common Vulnerabilities and Exposures

    Visit https://fortiguard.com/psirt for more information.

    Bug ID CVE references

    839861

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-23776

    862266

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-25606

    866168

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-25609

    868880

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-25611

    872712

    FortiAnalyzer 7.2.2 is no longer vulnerable to the following CVE Reference:

    • CVE-2023-22642
    Previous
    Next