Technical Tip: FortiAnalyzer – How to include the NULL values when using NOT operator in the log search
Description
Using a NOT operator (!=) in the log search is excluding the NULL values from the result.
For example, the column 'Action' contains values 'perf-stats', 'change', 'disconnect' and 'NULL'.
action!="perf-stats" returns only records containing 'change' and 'disconnect'. 'NULL' is excluded.
Solution
To display the NULL value, the filter must explicitly include the following:
action!="perf-stats" OR action=""
