Fortinet has released a software update for FortiAnalyzer, version 7.4.2. The new version resolves problems with synchronizing FortiClient EMS server information, the inability to add FortiNAC, automation that pushes scripts to FortiGate, and incorrect display of logs in Log View. The reports section has also been fixed, resolving cases where data was missing even though valid charts had been added to the report.
Currently supported models:
FortiAnalyzer | FAZ-150G, FAZ-300F, FAZ-300G, FAZ-400E, FAZ-800F, FAZ-800G, FAZ-1000F, FAZ-2000E, FAZ-3000F, FAZ-3000G, FAZ-3500F, FAZ-3500G, FAZ-3700F, and FAZ-3700G. |
FortiAnalyzer VM | FAZ_DOCKER, FAZ_VM64, FAZ_VM64_ALI, FAZ_VM64_AWS, FAZ_VM64_AWSOnDemand, FAZ_VM64_Azure, FAZ_VM64_GCP, FAZ_VM64_IBM, FAZ_VM64_HV (including Hyper-V 2016, 2019), FAZ_VM64_KVM, FAZ_VM64_OPC, FAZ_VM64_XEN (for both Citrix and Open Source Xen), |
Resolved issues:
Device Manager
Bug ID | Description |
---|---|
861979 | FortiAnalyzer generates "Invalid user/password for Security Fabric device in Device manager" even though the password is correct. |
888797 | The IP address is not updated on FortiAnalyzer when the FortiGate is forwarded from Collector mode FortiAnalyzer. |
927113 | FortiAnalyzer displays incorrect EMS server version, IP address, and connectivity status. |
927747 | Connectivity status of FortiMail/FortiClient EMS shows the status Unknown. |
956536 | Unable to add FortiNAC device to FortiAnalyzer. |
Fabric View
Bug ID | Description |
---|---|
924444 | In the Fabric View, the Asset List download option is not functioning. |
949748 | MS_TEAMS & SERVICENOW Connectors are not available under the Automation Fabric View. |
FortiSOC
Bug ID | Description |
---|---|
783569 | Automation Stitch Action "Ban IP" does not work on FortiGate because FortiAnalyzer did not send the srcip to FortiGate. |
951343 | The 'logdesc' log field message is sent incomplete. |
959875 | In the Playbook Monitor, the status of the default playbook Update Asset and Identity Database is displayed as failed. |
FortiView
Bug ID | Description |
---|---|
914317 | The Monitor tab under FortiView displays an error message when querying certain Endpoints widgets. |
946188 | Unable to get more details about the Compromised Hosts in FortiView. |
Log View
Bug ID | Description |
---|---|
775185 | Duplicated logs have the potential to adversely impact the overall performance of the FortiAnalyzer. |
941273 | When selecting a log attribute for filtering, no value options are provided. |
961520 | Log View does not display log entries as per the configured number per page. |
967641 | Intermittent and frequent issues occur when loading the Log View page. This happens when users click on the Log View pane, select FortiGates, or set filters. |
974762 | The horizontal scroll bar is missing from the detailed information window for events in Log View. |
Others
Bug ID | Description |
---|---|
812931 | VIP access is not supported due to the new Azure API changes in HA VRRP. |
893699 | Login failed for restapi request due to invalid user/password. |
922549 | The FortiAnalyzer HA cluster synchronization is stuck at the 'HA_SYNC_STATE_SENDING_METADATA' status. |
924123 | FortiAnalyzer-1000F does not support FortiWeb-1000F. |
933475 | Logs of HA Secondary are not visible when the HA is a CSFs member. |
942465 | Excessive "oftpd process" usage may adversely affect the proper functioning of the FortiAnalyzer. |
948471 | Upon upgrading to FortiAnalyzer 7.4.1, analytical features like Log View, FortiView, and Reports are unavailable. For more details, see "PostgreSQL database upgrade" in Special Notices for the FortiAnalyzer 7.4.1 Release Notes. |
950115 | When FortiAnalyzer forwards logs to a syslog server, quotation marks are missing for the field values. |
950464 | FortiAnalyzer under the event logs displays the following error message "Failed to upgrade alerts table FMGADOM118 from v5 to v6 ret=-1, reboot required." |
950501 | The execmd process enters the Zombie state, causing temporary slowdown and unresponsiveness in the FortiAnalyzer GUI. |
951791 | Continuous crashes for the "fileparsed Application" on FortiAnalyzer HA have been observed. |
952295 | FortiAnalyzer does not remove the logs after forwarding them to the cloud storage. |
957433 | When creating the FortiManager/FortiAnalyzer docker instances, UUID is missing under the "diagnose debug vminfo". |
965803 | Due to some Redis-related issues, the diag log device command displays Information Not Available for all ADOMs, and newly generated reports are not visible on the GUI. |
Reports
Bug ID | Description |
---|---|
821783 | Predefined Report User Detailed Browsing Log returns no matching data. |
936084 | No data shows up in report when filter applied to chart in FortiMail ADOM. |
947800 | The chart/dataset cannot be saved from chart builder. |
948993 | Export a report with custom datasets, and the datasets contents will be missing when importing it. |
952229 | Certain charts in the reports are not employing consistent session counting logic within the base hcache for FGT_DATASET_BASE_TRAFFIC_BANDWIDTH_SESSION. This inconsistency might result in inaccurate results. |
952367 | Cannot create Datasets for non-Fabric type ADOMs. |
958246 | When creating a new dataset, timestamps are not only displayed in epoch time but are also inaccurate. |
System Settings
Bug ID | Description |
---|---|
829015 | Privacy Masking feature does not work properly for admins whose admin type utilizes Remote Authentication Server. |
898944 | When the ADOM name is changed, it does not update under the Log Forward in the Select Device Filter. |
927773 | When specific ADOMs are selected as Filters, Log Forwarding stops functioning. |
934625 | Adding devices to Log-forward filter creates duplicates of previously added devices. |
941261 | Users can't access the "Log Forwarding" section; it displays a "Failed to load" error message. |
945233 | Log Forwarding configuration is automatically disabled by FortiAnalyzer when it fails to resolve FQDN addresses due to DNS issues. |
953842 | Log Forwarding does not filter logs based on the specific ADOMs. |
Known issues:
FortiView
Bug ID | Description |
---|---|
954542 | When the time range is extensive, FortiAnalyzer may experience limitations in handling data points, resulting in potential omissions of data entries in the final results for FortiView SD-WAN Monitors widgets. |
Log View
Bug ID | Description |
---|---|
930785 | Under Log View, navigating to IPS and clicking on 'Attack Name' tab successfully opens the attack description but promptly redirects back to the home page. |
Reports
Bug ID | Description |
---|---|
895106 | Top destination by bandwidth dataset does not exclude long-live session. |
894454 | When creating customized reports filtered by multiple specific interfaces, the operator "or" does not work. |
System Settings
Bug ID | Description |
---|---|
766197 | An admin user limited to a device group can view all devices’ logs. |
956884 | FortiAnalyzer's HA Status consistently switches to "Negotiating" during the process of HA configuration synchronization. |
Vendor release notes: FortiAnalyzer 7.4.2
Regards,
The B&B Team
Bezpieczeństwo w biznesie