Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.2.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiCNAPP Administration Guide

    Example workflow: Show all hosts with Log4j vulnerability

    Example workflow: Show all hosts with Log4j vulnerability

    The following workflow uses the Show all hosts with Log4j Vulnerability to identity vulnerabilities in a specific Resource Group in a specific region.

    1. Run the query

    In the Explorer landing page, click the Show all hosts with Log4j Vulnerability query.

    The query results displays all hosts affected by log4j.

    2. Use the query builder to include resource groups by region

    To narrow the results to Resource Group by region:

    1. Click the query string at the top of the page.
    2. Click Add Clause.
    3. Click Resource Groups. Search for the region and select it, then click Add clause.

    4. Note that you have the option to save this revision as a new query. Click Search.

    3. View the results in the Explorer Graph

    After the results are returned, click View in Graph. The Explorer graph displays the affected resources.

    You can also see what other vulnerabilities are affecting the resources.

    4. Identify the resources that are internet exposed

    Now you will identify which resources are internet exposed. Click the hamburger menu at the bottom of the graph to return to your results and click the query string at the top of the page.

    Click Add Clause. Select Internet Exposed and set the condition to is equal to True. Click Add clause and click Search.

    If the query returns resources that are internet exposed, you can identify those resources and address the vulnerability.

    Previous
    Next

    Example workflow: Show all hosts with Log4j vulnerability

    Example workflow: Show all hosts with Log4j vulnerability

    The following workflow uses the Show all hosts with Log4j Vulnerability to identity vulnerabilities in a specific Resource Group in a specific region.

    1. Run the query

    In the Explorer landing page, click the Show all hosts with Log4j Vulnerability query.

    The query results displays all hosts affected by log4j.

    2. Use the query builder to include resource groups by region

    To narrow the results to Resource Group by region:

    1. Click the query string at the top of the page.
    2. Click Add Clause.
    3. Click Resource Groups. Search for the region and select it, then click Add clause.

    4. Note that you have the option to save this revision as a new query. Click Search.

    3. View the results in the Explorer Graph

    After the results are returned, click View in Graph. The Explorer graph displays the affected resources.

    You can also see what other vulnerabilities are affecting the resources.

    4. Identify the resources that are internet exposed

    Now you will identify which resources are internet exposed. Click the hamburger menu at the bottom of the graph to return to your results and click the query string at the top of the page.

    Click Add Clause. Select Internet Exposed and set the condition to is equal to True. Click Add clause and click Search.

    If the query returns resources that are internet exposed, you can identify those resources and address the vulnerability.

    Previous
    Next