Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sehran
New Contributor

Assistance Required in Identifying Logs for Patched Vulnerabilities

We are using FortiClient with EMS and FAZ integrated to manage and monitor endpoint security. Recently, EMS detected a vulnerability in Google Chrome on one of the endpoints. The user subsequently patched the vulnerability by updating Chrome to the latest version (e.g., version X.X.X).

However, I am unable to find any logs that indicate:

  1. The patching action: A record of the software being updated or the vulnerability being patched.
  2. Version information: Logs reflecting the software version before and after the update.

Despite reviewing logs in both EMS and FAZ, I could not identify relevant entries indicating the patching or update process.

Request for Support:

  1. Could you confirm if such events are logged by FortiClient and forwarded to EMS and FAZ?
  2. If yes, what log fields, indicators, or keywords (e.g., event type, status, or version details) should I search for in EMS and FAZ logs?
  3. Are there any specific configurations needed in FortiClient, EMS, or FAZ to ensure that logs for software updates and patched vulnerabilities are generated and visible?
2 REPLIES 2
Anthony_E
Community Manager
Community Manager

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
AEK
SuperUser
SuperUser

AEK
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors