Resolved Issues
The following issues have been fixed in FortiAnalyzer version 5.4.0. For inquires about a particular bug, please contact Customer Service & Support.
Device Manager
| Bug ID | Description |
| 298415 | FortiAnalyzer cannot add FortiController 5103B as a syslog device. |
| 292606 | FortiAnalyzer cannot accept logs from FortiADC. |
| 279319 | Non-existing VDOMs with strange characters are displayed. |
| Bug ID | Description |
| 307732 | F3K2D-DC logs are recognized as Syslogs. |
Event Management
| Bug ID | Description |
| 299664 | The RPI field is missing from Syslog alert. |
| 287216 | Event Handlers returns SQL error: duplicated key (Alert ID) when inserting alert_logs. |
| 284440 | There is an invalid Ref Field in the FortiGate Logs. |
| 270264 | Change Device ID to Device Name in an Email subject line subject line. |
FortiView
| Bug ID | Description |
| 298726 | Top Threats may not show any results that reflect the corresponding threat logs. |
| 291597 | The Application icons are not displayed in FortiView and Log View. |
| 280309 | FortiView Resource Usage does not display peak values. |
| 280181 | FortiAnalyzer does not display IP/MAC information in DHCP logs. |
Logging
| Bug ID | Description |
| 300877 | Users are unable to choose columns when creating a table chart from dataset. |
Resolved Issues
| Bug ID | Description |
| 299509 | IPv6 logs that are sent to Syslog server via log forwarding are different from IPv6 logs that are sent directly from FortiGate. |
| 291652 | Fortilogd may be blocked by slow TCP log forwarding and stop receiving incoming logs. |
| 286804 | Search takes longer than expected and may return unexpected results. |
| 286190 | The “Last 5 min” interval option is missing from the FortiLog Time Interval List . |
| 284658 | FortiAnalyzer does not refresh the list of logs with the Go button. |
| 281953 | Advanced ADOM mixes up logs from different VDOMs. |
| 280891 | Several fields are missing when viewing FortiSandbox logs. |
| 280873 | String value in the Extension Field that is formatted using CEF is surrounded by quotes. |
| 280578 | When the Language setting is set to Japanese, FortiAnalyzer shows columns with the same heading. |
| 280192 | Base64 encoded “log-attack-context” log is not readable. |
| 280192 | Base64 encoded log-attack-context events are not readable on FortiAnalyzer. |
| 280053 | Attack Context ID for Intrusion Prevention logs are not parsed properly. |
| 278804 | FortiAnalyzer does not restrict the number for Last N days in Log View. |
| 278453 | FortiAnalyzer returns an error and stops a query when the Source IP is an invalid IP address. |
| 278077 | Traffic log table still displays the Date/Time column even though it has been disabled via Column Settings. |
| 276989 | Scan Start and End times should be displayed in a readable format instead of in epoch mode. |
| 276491 | GTP specific fields are missing in Event Log Viewer after an upgrade. |
Reporting
Resolved
| Bug ID | Description |
| 300569 | When there are many hcache tables, the SQL query for report generation may fail. |
| 298217 | The report generated for “Active Traffic Users” has data inconsistent with the dataset output. |
| 295987 | The “Top 20 Bandwidth Users” report that runs with the “Webfilter-Top-Web-Users-ByBandwidth” data set may not return correct data. |
| 292983 | The apprisk-ctrl-Common-Virus-Botnet-Spyware dataset may filter out botnet applications. |
| 291808 | Some VDOMs are missing under the Configuration tab of a report. |
| 286653 | When selecting a background image, the footer background color does not apply to the cover page. |
| 286588 | Creating hcache does not work after enabling the Report Group. |
| 284133 | When using the $flex_timescale, the Start time and End time are not correct in the SQL. |
| 283433 | User filter does not work when the username contains the \ character. |
| 275394 | FortiAnalyzer loses auto column update in chart when the dataset is changed. |
| 272777 | When query results contain the # character, it cannot be displayed in the table chart. |
| 262593 | Japanese characters in a PDF formatted report are displayed in an unexpected front style. |
| 257691 | Report line chart limits the number of items depending on the period specified for the report. |
| 231536 | A Group Report should not be generated when the Multiple Reports (Per-Device) option is selected. |
System Settings
| Bug ID | Description |
| 278334 | FortiAnalyzer displays inconsistent behavior for read-only admin profiles. |
| 270785 | When the license count is exceeded, the alert message does not appear. |
Resolved Issues
Others
| Bug ID | Description |
| 306160 | Syslog is trimmed when being forwarded to a syslog server. |
| 296481 | The getFazGeneratedReport XML call should include macro data in the report_ data.txt file. |
| 296228 | FortiAnalyzer should support TLS v1.1 and v1.2. |
| 295051 | Within a XML response, the report name always has prefix “S-{layout-id}_t{layout-id}-
“. |
| 294453 | Some SOAP API calls may not close connections. |
| 291013 | Oftpd may crash in some situations. |
| 286512 | Device version is not set in the CEF message header field. |
| 286498 | FortiAnalyzer does not back up logs to FTP when using log-file-archive-name extended . |
| 283832 | Oftp keeps updating the address from multiple VDOMs when the FortiAnalyzer override is enabled in each of the VDOMs. |
| 279760 | FortiAnalyzer returns an error when running searchFazLog using duration or sentbyte as searchCriteria with the XML API. |
| 277478 | Several ERROR: extra data after last expected column messages appear in the pgsvr.log. |
| 275008 | The fazmaild daemon stops working. |
| 241924 | The Drilldown to UTM tabs of FortiGate do not show the correct UTM log entry when the device is FortiAnalyzer. |
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!