So, for those of you that utilize the FortiAnalyzer (in place of or in addition to Splunk, ArcSight etc) here is the “What’s New” for FortiAnalyzer 5.2. This is a copy of the Fortinet direct documentation for those that don’t have access to it.
FortiAnalyzer v5.2 includes the following new features and enhancements.
FortiAnalyzer v5.2.0 includes the following new features and enhancements.
- Event Handler for local FortiAnalyzer event logs
- FortiOS v4.0 MR3 logs are now supported.
- Support subject customization of alert email.
- New FortiView module
- Updated compact log v3 format from FortiGate • Explicit proxy traffic logging support
- Improved FortiAnalyzer insert rate performance
- Log filter improvements
- FortiSandbox logging support
- Syslog server logging support
- Improvements to report configuration
- Improvements to the Admin and System Events Report template
- Improvements to the VPN Report template
- Improvements to the Wireless PCI Compliance Report template
- Improvements to the Security Analysis Report template
- New Intrusion Prevention System (IPS) Report template
- New Detailed Application Usage and Risk Report template
- New FortiMail Analysis Report template
- New pre-defined Application and Websites report templates
- Macro library support
- Option to display or upload reports in HTML format
- FortiCache reporting support
- HA cluster auto discover
Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!