Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiSIEM 7.1.8 Release Notes
    7.1.8
    7.5.0
    7.4.2
    7.4.1
    7.4.0
    7.3.5
    7.3.4
    7.3.3
    7.3.2
    7.3.1
    7.3.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.9
    7.1.8
    7.1.7
    7.1.6
    7.1.5
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.7.10
    6.7.9
    6.7.8
    6.7.7
    6.7.6
    6.7.5
    6.7.4
    6.7.3
    6.7.2
    6.7.1
    6.7.0
    6.6.5
    6.6.4
    6.6.3
    6.6.2
    6.6.1
    6.6.0
    6.5.3
    6.5.2
    6.5.1
    6.5.0
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.1
    6.2.0
    6.1.2
    6.1.1
    6.1.0
    5.4.0
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.8
    5.2.7
    5.2.6
    5.2.5
    5.2.5
    5.2.1
    5.1.2
    5.1.1
    5.1.0
    5.0.1
    4.10.0
    4.9.0

    What's New in 7.1.8

    What's New in 7.1.8

    This release contains the following bug fixes and enhancements.

    System Update

    This release includes Rocky Linux OS 8.10 patches until March 17, 2025. Details can be found at https://rockylinux.org/news/rocky-linux-8-10-ga-release. FortiSIEM Rocky Linux Repositories (os-pkgs-cdn.fortisiem.fortinet.com and os-pkgs-r8.fortisiem.fortinet.com) have also been updated to include Rocky Linux 8.10. FortiSIEM customers in versions 6.4.1 and above, can upgrade their Rocky Linux versions by following the FortiSIEM OS Update Procedure.

    Bug Fixes and Enhancements

    Bug ID

    Severity

    Module

    Description
    1077901 Major App Server Improve App Server performance by handling PostGreSQL Idle Transaction issue.

    1079987

    Major

    Parser

    Improper TLS handling can result in phParser module consuming large memory.

    1116583

    Enhancement

    System

    Enable FortiSIEM deployment for VMware versions 7 and 8.
    1012778

    Enhancement

    System

    		 Change pg_dump output from gzip to pigz for faster processing.

    Implementation Notes

    PostGreSQL Related

    FortiSIEM 7.1.8 includes PostGreSQL v13.14 containing the patch for CVE-2024-0985.

    • If you are doing a fresh install of FortiSIEM 7.1.8, then the patch is included and there is nothing to do.

    • If you are upgrading to FortiSIEM 7.1.8, then the patch is included and there is nothing to do.

    • If you want to remain on a version of FortiSIEM 7.1.4 or earlier, then you can't get this patch by running yum upgrade, since Postgres changed the repo gpg key as per this change
      (https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/). To get this Postgres patch, on the Supervisor, run the following script:

    curl -s https://os-pkgs-cdn.fortisiem.fortinet.com/postgres/misc/switch-pgdg-repo-and-upgrade-to-pg13.14.sh | bash -xe

    Post-Upgrade ClickHouse IP Index Rebuilding

    If you are upgrading ClickHouse based deployment from pre-7.1.1 to 7.1.8, then after upgrading to 7.1.8, you need to run a script to rebuild ClickHouse indices. If you are running 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6 or 7.1.7, and have already executed the rebuilding steps, then nothing more needs to be done.

    For details about this issue, see Release Notes 7.1.3 Known Issue.

    The rebuilding steps are available in Release Notes 7.1.4 - Script for Rebuilding/Recreating pre-7.1.1 ClickHouse Database Indices Involving IP Fields.

    Upgrade Related

    You may encounter a blank Global Dashboard after upgrading to 7.1.8. There are two workarounds.

    1. If you have not upgraded yet, then run the script updateDashboard.sh as root on Supervisor before upgrade. You can upgrade after running the script.

    2. If you have upgraded to 7.1.8 and then see a blank Global Dashboard, then run the script updateImportDashboard.sh as root on Supervisor.

    Previous
    Next

    What's New in 7.1.8

    What's New in 7.1.8

    This release contains the following bug fixes and enhancements.

    System Update

    This release includes Rocky Linux OS 8.10 patches until March 17, 2025. Details can be found at https://rockylinux.org/news/rocky-linux-8-10-ga-release. FortiSIEM Rocky Linux Repositories (os-pkgs-cdn.fortisiem.fortinet.com and os-pkgs-r8.fortisiem.fortinet.com) have also been updated to include Rocky Linux 8.10. FortiSIEM customers in versions 6.4.1 and above, can upgrade their Rocky Linux versions by following the FortiSIEM OS Update Procedure.

    Bug Fixes and Enhancements

    Bug ID

    Severity

    Module

    Description
    1077901 Major App Server Improve App Server performance by handling PostGreSQL Idle Transaction issue.

    1079987

    Major

    Parser

    Improper TLS handling can result in phParser module consuming large memory.

    1116583

    Enhancement

    System

    Enable FortiSIEM deployment for VMware versions 7 and 8.
    1012778

    Enhancement

    System

    		 Change pg_dump output from gzip to pigz for faster processing.

    Implementation Notes

    PostGreSQL Related

    FortiSIEM 7.1.8 includes PostGreSQL v13.14 containing the patch for CVE-2024-0985.

    • If you are doing a fresh install of FortiSIEM 7.1.8, then the patch is included and there is nothing to do.

    • If you are upgrading to FortiSIEM 7.1.8, then the patch is included and there is nothing to do.

    • If you want to remain on a version of FortiSIEM 7.1.4 or earlier, then you can't get this patch by running yum upgrade, since Postgres changed the repo gpg key as per this change
      (https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/). To get this Postgres patch, on the Supervisor, run the following script:

    curl -s https://os-pkgs-cdn.fortisiem.fortinet.com/postgres/misc/switch-pgdg-repo-and-upgrade-to-pg13.14.sh | bash -xe

    Post-Upgrade ClickHouse IP Index Rebuilding

    If you are upgrading ClickHouse based deployment from pre-7.1.1 to 7.1.8, then after upgrading to 7.1.8, you need to run a script to rebuild ClickHouse indices. If you are running 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6 or 7.1.7, and have already executed the rebuilding steps, then nothing more needs to be done.

    For details about this issue, see Release Notes 7.1.3 Known Issue.

    The rebuilding steps are available in Release Notes 7.1.4 - Script for Rebuilding/Recreating pre-7.1.1 ClickHouse Database Indices Involving IP Fields.

    Upgrade Related

    You may encounter a blank Global Dashboard after upgrading to 7.1.8. There are two workarounds.

    1. If you have not upgraded yet, then run the script updateDashboard.sh as root on Supervisor before upgrade. You can upgrade after running the script.

    2. If you have upgraded to 7.1.8 and then see a blank Global Dashboard, then run the script updateImportDashboard.sh as root on Supervisor.

    Previous
    Next