User may face an issue whereby the where FortiAnalyzer Report is showing IP in IPv6 format (prepending with '::ffff:') as per the screenshot below.

To resolve this, apply the following workaround by manually changing the IPv6 format strings to IPv4 format in the report datasets (Reports -> Report Definitions -> Datasets) such as changing 'dstip' to ipstr('dstip') as 'dstip'.

For example:

select count (*) as total_number, `devname`, `dstip`, `srcip`,`policyid` from ###(select `devname`, ipstr(dstip) as dstip, ipstr(srcip) as srcip,`policyid` from $log where $filter and (bitAnd(logflag,1)>0) group by `devname`,`srcip`,`dstip`,`policyid` order by `devname` desc)### t group by `devname`,`dstip`, `policyid`,`srcip` order by `devname` desc