Administration Guide

About FortiSOAR

The left-navigation panel contains a link that includes the version and build number of FortiSOAR that is installed in your environment. For example, in the following image, the version of FortiSOAR installed is 7.0.0, and the build number is 56:

About FortiSOAR™ link

Clicking the FortiSOAR version and build number link, for example, the FortiSOAR 7.0.0-56 link in the above image, displays the version information of the major components of FortiSOAR, which are: Application Engine, Playbook Engine, Integration Engine, Authentication Engine, and Client Interface.

About FortiSOAR™ dialog

You can use the information presented in the FortiSOAR dialog in the following cases:

  • If you require some issue resolution or feature enhancement, then you might need to know the exact version of FortiSOAR installed in your environment, since the fix or enhancement might vary based on the version.
  • There can be instances where only one component within FortiSOAR, for example, the Client Interface, needs to be updated. In such cases, you might need to know the versions of all the components in your FortiSOAR system.

From version 7.0.0 onwards, the FortiSOAR dialog displays a notification when a new release (always the latest) is available. The notification contains a Details link to that version's release notes so that you can get details about the latest available release. This keeps users informed about the latest releases so that they can make informed decisions about upgrading to the latest available version. You can also view a similar notification by clicking the Notifications icon in the top-right corner of the FortiSOAR screen. To view the upgrade notification, click the Notifications icon and then expand the Updates section.

To view the details of the latest available release, click Details, and to dismiss the upgrade notification, click Dismiss.

Downloading FortiSOAR logs

From version 7.0.0 onwards, the FortiSOAR dialog also displays a Download Logs link that you can use to collect logs directly from the UI. Application logs are important and are often required to troubleshoot issues and during upgrade and installation operations. Prior to version 7.0.0, log collection was possible only using CLI commands, and in some SOC environments SSH access to systems is very restricted and requires going through various approvals. In such cases, collecting logs becomes a tedious task. To ease the process of log collection, you can collect logs directly from the FortiSOAR dialog and share them with the support team for further troubleshooting.

Clicking the Download Logs link displays a Download Logs dialog that provides you with an option to either download the log files without a password or to password-protect the downloaded log files.

Download Logs Dialog

By default, the Yes option is selected, i.e., you must add a password to protect the downloaded log files. This gives the log files added security: they can be opened only by users who have the password, not by everyone who has access to the system. Clicking Yes opens the Download logs with password dialog, where you can enter the password for the log files and then click Download. If you click No, download without password, the process of collecting and downloading the logs starts immediately.

The following log files are downloaded:

/var/log/cyops 
/var/log/nginx
/var/log/elasticsearch
/var/log/messages*
/var/log/audit
/var/log/rabbitmq
/var/log/php-fpm
