What’s new in Release 4.5.2
Bug Fixes
New Device Support
Bug Fixes
| Bug ID | Severity | Component | Description |
| 15260 | Major | GUI | Group By cannot be saved in Rule sub-patterns when creating / editing rules |
| 15346 | Major | GUI | VCenter Cluster level CPU and Memory Utilization events are not generated |
| 15368 | Major | App Server | Sometimes airline monitoring events have customer id 1 (Super/local) instead of correct customer id
(corresponding airline) |
| 15398 | Major | System | Upgrade issue – VMware pulling via Collectors – Old VMware SDK libraries (vim25-4.0.jar,vim-4.0.jar) in Collector causes VMware event pulling problems |
| 15399 | Major | System | Upgrade issue – missing perl-IO-Socket-SSL and perl-NetAddr-IP packages on 4.5.1 Collector causes eStreamer communication to fail from Collelctor |
| 15400 | Major | Parser | “use_dns_lookup=no” flag NOT working for SyslogNGParser and UnixParser |
| 15266,
15330 |
Normal | Parser | Excessive DNS failed login causes phoenix.log to grow |
| 15373 | Normal | Data | Windows successful logon event parsed incorrectly as logon failure events |
| 15317 | Normal | GUI | Mistakenly removes Event Receive Status for Windows Agent when user disables WMI event pull |
| 15397 | Normal | Data
Manager |
Occasional crash in phDataManager due to out-of-scope pointer usage |
| 15294 | Normal | Parser | Strange device types created in CMDB from Netflow discovery |
| 15313 | Normal | App Server | Exception causes App server task cache and database to go out of synch – this causes memory leak in Agent
Manager |
| 15343 | Normal | App Server | Creating a rule exception in Super Local will erroneously remove the corresponding entry from system watch list |
| 15120 | Minor | Data | Fortinet IPS Event Severity Parsing is incorrect |
| 15249 | Minor | Data | Some CMDB Reports containing single quote in Filter condition incorrectly displayed and do not produce correct results |
| 15253 | Minor | Data | Reporting device name is parsed wrong in LinuxInotifyParser |
| 15255 | Minor | Data | Windows Server Failed Logons report definition is incorrect because logon failure events do not have winLogonType |
| 15265 | Minor | Data | Reporting Device name is parsed incorrectly in agentless FIM events |
| 15320 | Minor | Data | AccelOps-WUA-WinLog should be parsed to syslog |
| 15344 | Minor | Data | Parsing error for sourcefire, cisco acs, junos |
| 15371 | Minor | Data | H3C syslog events have incorrect Reporting IP 0.0.7.224 |
| 15376 | Minor | Data | One system CMDB report in Ungrouped category |
| 15345 | Minor | Data | Some profile rules did not report incident attributes correctly |
| 15369 | Minor | Data | Should not show SSH credential for Cisco FirePower in Credential tab |
| 15285 | Enhancement | Data | Parse IOS-CDP-NATIVE_VLAN_MISMATCH |
| 15372 | Enhancement | Enhancement | Parse attribute from Windows System Time Change events and add a PCI report |
New Device Support
Symantec DLP – log analysis – see here
IBM OS400 (iSeries) Log Parsing via Townsend Agent – see here
Tufin SecureTrack – log analysis – see here
IBM Guardium – log analysis – see here
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!