Description FortiAnalyzer certificate does not reflect correct serial
number. Earlier license files (from 2018 or earlier) for the
FortiAnalyzer VMs did not include a certificate which reflected the
actual serial number of the FortiAnalyzer. This bec...
Description This article describes how to use a custom Event Handler and
Report in FortiAnalyzer to detect activity that may be related to
"Sunburst" backdoor software in a compromised SolarWind’s Orion IT
monitoring and management software update sy...
DescriptionAs part of a forensic analysis, it might be necessary to
gather data and generate reports for specific users. This article shows
how a user filter can be applied to a report in order to show detailed
activity for a specific user. The artic...
DescriptionOccasionally, FortiGuard will send updates to FortiGates for
existing predefined certificates as part of a certificate bundled
update. In some cases, the certificate uses a new name, which ends up
being considered "new configuration" on th...
Description When configuring Log Storage Policy, it is common to keep
Archive data longer than Analytic data. This article describes what
happens when running a report for a time period which is older than the
oldest Analytic data. Scope FortiAnalyze...
The FortiAnalyzer will learn about the new IP from the FortiGate. The IP
is only used by the FortiAnalyzer when adding the device for the first
time. After that, it is the serial # which is important.
Limitations of FortiAnalyzer Cloud (relative to FortiAnalyzer) are
listed in FortiAnalyzer Cloud Release Notes:
https://docs.fortinet.com...of-fortianalyzer-cloud
Assuming the header/footer policies are not yet on the FortiGate in
question ... Do the policies reference an interface which is not yet
mapped for the device you are installing on? You could turn on
securityconsole debug for more detail on what is h...