Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Assistance Required in Identifying Logs for Patched Vulnerabilities
We are using FortiClient with EMS and FAZ integrated to manage and monitor endpoint security. Recently, EMS detected a vulnerability in Google Chrome on one of the endpoints. The user subsequently patched the vulnerability by updating Chrome to the latest version (e.g., version X.X.X).
However, I am unable to find any logs that indicate:
- The patching action: A record of the software being updated or the vulnerability being patched.
- Version information: Logs reflecting the software version before and after the update.
Despite reviewing logs in both EMS and FAZ, I could not identify relevant entries indicating the patching or update process.
Request for Support:
- Could you confirm if such events are logged by FortiClient and forwarded to EMS and FAZ?
- If yes, what log fields, indicators, or keywords (e.g., event type, status, or version details) should I search for in EMS and FAZ logs?
- Are there any specific configurations needed in FortiClient, EMS, or FAZ to ensure that logs for software updates and patched vulnerabilities are generated and visible?
Labels:
- Labels:
-
FortiAnalyzer
-
FortiClient
-
FortiClient EMS
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Anthony-Fortinet Community Team.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This tech tip should help.
AEK
AEK
