Description |
The 'AuditLog Cleanup' playbook or any other playbooks that directly access the Gateway API will fail once you have installed the Security Patch (nginx-security-patch) since this security patch has blocked improper access control on the Gateway API. For more information on the security patch.
Related document: |
Scope | All FortiSOAR versions that have installed the nginx-security-patch prior to FortiSOAR version 7.2.0. |
Solution |
Modify the 'AuditLog Cleanup' playbook as follows:
1) Log onto FortiSOAR and open the Schedule Management Playbooks page (Settings -> System Fixtures -> Schedule Management Playbooks).
2) Open the 'AuditLog Cleanup' playbook.
3) Open the 'Delete AuditLogs' step.
4) Update the value in the IRI field to: /api/gateway/audit/activities/delete.
The change is to add /api at the start of the IRI field value. Save the step and then save the playbook.
Note. It is possible to perform similar steps for other playbooks that fail after installing the nginx-security-patch. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.