We are seeing lot of discrepancy on the vulnerability reported by FortiEMS on Dashboard and what shows up on client sometimes. Most of the time we would have to get access to the machine to find the path which is being reported as vulnerable for that application.
We fetched forticlient logs - but all it gives is the vulnerability details - same as the dashboard. Do we have more information about where this vulnerability is via Diagnostic logs if we fetch it from FortiEMS server?
Looking for path information about the vulnerability so that we can help end-users faster.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello U_shah,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello,
We are still looking for an answer to your question.
We will come back to you ASAP.
Thanks,
Hello,
There may be a synchronisation issue between EMS and FortiClient. We therefore recommend contacting our support team via a ticket to clearly understand the vulnerability discrepancy details between EMS and FortiClient and investigate the vulnerability details via FortiClient logs. This will allow us to address your issue promptly.
Regards.
This question was more regarding where can I see the path details of various vulnerabilities reported in the diagnostic or Forticlient Logs that I can fetch from the FortiEMS server.
For example, the EMS mentions that there is Microsoft Edge vulnerability on a particular machine, 9 times out of 10, it is an old installer present on a profile that does not login often and thus does not get updated although the machine has the latest patch for the profile that uses it the most. Since, we dont have any means to view the path of the vulnerability that gets reported on EMS, I wanted to check if this information is available on Diagnostic or the Forticlient Logs.
We already have a ticket for vulnerability discrepancy between EMS and Forticlient.
Hello,
Thank you for your message. Please review the file "vcm_result.txt" under the path "C:\Program Files\Fortinet\FortiClient\logs\vcm\" to see if this meets your request.
Regards.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1661 | |
1077 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.