Troubleshooting Tip: Why the hash value for file a...

FortiNDR (on-premise)

On-premise where solution process and store data on customer’s network. Supports Netflow and OT deployments.

Article Id 394495

Description

This article describes why the hash value for a file added to the allow list does not appear in the static filter allow list.

Scope

FortiNDR.

Solution

When selecting '+ Add to Allow List' in the malware log view sample details, it shows the file successfully added to the Allow List.

The successful file added in the Allow List should be showing the hash value for the MD5, SHA1 and SHA256 in the Virtual Security Analyst -> Static Filter -> Allow List.

If the hash value for the file added in the Allow List does not appear in the Virtual Security Analyst -> Static Filter -> Allow List, check the Administrator account that is used when adding the file in the Allow List. The Admin Profile used for that Administrator account should have 'Read/Write' enabled in the Access Permissions.

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Troubleshooting Tip: Why the hash value for file added to the allow list not appear in the static filter allow list

You are leaving our website