Assistance Required in Identifying Logs for Patched Vulnerabilities

sehran · ‎01-17-2025

We are using FortiClient with EMS and FAZ integrated to manage and monitor endpoint security. Recently, EMS detected a vulnerability in Google Chrome on one of the endpoints. The user subsequently patched the vulnerability by updating Chrome to the latest version (e.g., version X.X.X).

However, I am unable to find any logs that indicate:

The patching action: A record of the software being updated or the vulnerability being patched.
Version information: Logs reflecting the software version before and after the update.

Despite reviewing logs in both EMS and FAZ, I could not identify relevant entries indicating the patching or update process.

Request for Support:

Could you confirm if such events are logged by FortiClient and forwarded to EMS and FAZ?
If yes, what log fields, indicators, or keywords (e.g., event type, status, or version details) should I search for in EMS and FAZ logs?
Are there any specific configurations needed in FortiClient, EMS, or FAZ to ensure that logs for software updates and patched vulnerabilities are generated and visible?

Anthony_E · ‎01-19-2025

Hello,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Anthony-Fortinet Community Team.

AEK · ‎01-23-2025

This tech tip should help.

https://community.fortinet.com/t5/FortiClient/Technical-Tip-How-to-send-FortiClient-logs-to-FortiAna...

AEK

Assistance Required in Identifying Logs for Patched Vulnerabilities

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website