Skip to main content
U_shah
U_shah
Visitor III
May 21, 2024
Question

Vulnerability path information in Diagnostic Logs

  • May 21, 2024
  • 4 replies
  • 2284 views

We are seeing lot of discrepancy on the vulnerability reported by FortiEMS on Dashboard and what shows up on client sometimes. Most of the time we would have to get access to the machine to find the path which is being reported as vulnerable for that application.

 

We fetched forticlient logs - but all it gives is the vulnerability details - same as the dashboard. Do we have more information about where this vulnerability is via Diagnostic logs if we fetch it from FortiEMS server?

 

Looking for path information about the vulnerability so that we can help end-users faster.

 

4 replies

Jean-Philippe_P
Staff & Editor
Jean-Philippe_P
Staff & Editor
May 24, 2024

Hello U_shah, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

Jean-Philippe - Fortinet Community Team
Jean-Philippe_P
Staff & Editor
Jean-Philippe_P
Staff & Editor
May 27, 2024

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

 

 

Thanks,

Jean-Philippe - Fortinet Community Team
volkanavsar
Staff
volkanavsar
Staff
May 27, 2024

Hello,

 

There may be a synchronisation issue between EMS and FortiClient. We therefore recommend contacting our support team via a ticket to clearly understand the vulnerability discrepancy details between EMS and FortiClient and investigate the vulnerability details via FortiClient logs. This will allow us to address your issue promptly.

 

Regards.

    U_shah
    U_shahAuthor
    Visitor III
    May 28, 2024

    This question was more regarding where can I see the path details of various vulnerabilities reported in the diagnostic or Forticlient Logs that I can fetch from the FortiEMS server.

     

    For example, the EMS mentions that there is Microsoft Edge vulnerability on a particular machine, 9 times out of 10, it is an old installer present on a profile that does not login often and thus does not get updated although the machine has the latest patch for the profile that uses it the most. Since, we dont have any means to view the path of the vulnerability that gets reported on EMS, I wanted to check if this information is available on Diagnostic or the Forticlient Logs.

     

    We already have a ticket for vulnerability discrepancy between EMS and Forticlient.

    volkanavsar
    Staff
    volkanavsar
    Staff
    May 29, 2024

    Hello,

     

    Thank you for your message. Please review the file "vcm_result.txt" under the path "C:\Program Files\Fortinet\FortiClient\logs\vcm\" to see if this meets your request.

     

    Regards.

    Terms & ConditionsAccessibility statement