Fortinet Community

ck_FTNT · 02-16-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the Cacti Command Injection Vulnerability. A report is also provided to gain histo...

ck_FTNT · 02-15-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the Fortra GoAnywhere MFT RCE vulnerability. A report is also provided to gain his...

ck_FTNT · 02-07-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the VMware ESXi Server Ransomware Attack. A report is also provided to gain histor...

ck_FTNT · 02-01-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the following Router Malware Attacks (CVE-2019-10891, CVE-2015-2051, CVE-2018-1056...

ck_FTNT · 01-11-2023

Description This article describes how to use a custom event handler in FortiAnalyzer to raise alerts for incident response related to attacks that attempt to leverage the FortiOS heap-based buffer overflow in sslvpnd (FG-IR-22-398). A report is also...

ck_FTNT · 10-27-2022

Hi FortiMax_it, The first issue is likely a bug 781654 EMS does not remove dashboard outbreak alerts when endpoint disconnects. https://docs.fortinet.com/document/forticlient/7.0.7/ems-release-notes/310815/known-issues To elaborate, the root cause of...

ck_FTNT · 12-15-2021

The error "adom type mismatching" when uploading "Log4j2 Report.dat" means you are not uploading the report to a Fabric type ADOM as mentioned in step 4). https://docs.fortinet.com/document/fortianalyzer/6.4.7/administration-guide/718923/root-adom

ck_FTNT · 10-25-2019

NON-JOIN combination: SELECT t.srcip, t.dstip, t.dstcountry, v.eventtype, v.ref FROM $log-virus v, $log-traffic t WHERE t.srcip=v.srcip AND t.srcport=v.srcport AND t.dstip=v.dstip AND t.dstport=v.dstport INNER JOIN: SELECT t.srcip, t.dstip, t.dstcoun...

ck_FTNT · 01-30-2019

Hi Mark, You can download the full installer from our support site (support.fortinet.com). After logging in, hover over Download and select Firmware Images. Then use the dropdown to select FortiClient and adjust the red box below from Release Notes t...

ck_FTNT · 01-30-2019

Hi Ju, You did not specify which version you are on, however there is a known issue which was resolved in FortiClient 6.0.4. Please see the 6.0.4 release notes Resolved Issues section (https://docs.fortinet.com/d/forticlient-6.0.4-windows-release-not...

Fortinet Community

User Statistics

User Activity

Technical Tip: Using FortiAnalyzer to detect activities related to the Cacti Command Injection Vulnerability

Technical Tip: Using FortiAnalyzer to detect activities related to the Fortra GoAnwhere MFT RCE Vulnerability

Technical Tip: Using FortiAnalyzer to detect activities related to the VMware ESXI OpenSLP Vulnerability Ransomware Attack

Technical Tip: Using FortiAnalyzer to detect activities related to Router Malware Attack (CVE-2019-10891, CVE-2015-2051, CVE-2018-10562, CVE-2018-10561)

Technical Tip: Using FortiAnalyzer to detect the FortiOS heap-based buffer overflow in sslvpnd (FG-IR-22-398)

Re: ForticlientEMS: FortiGuard Outbreak Detection

Re: Technical Tip: Using FortiAnalyzer to detect activities related to exploits of Apache Log4j2 vulnerability

Re: How to join two logs on SQL?

Re: FortiClient offline installer

Re: "FortiClient Logging daemon - FCDBLog.exe" high CPU and RAM

Technical Tip: Using FortiAnalyzer to detect the F...

Technical Tip: Creating alerts when FortiAnalyzer ...

Technical Tip: Using FortiAnalyzer to detect the B...

Technical Tip: Using FortiAnalyzer to detect OpenS...

Re: ForticlientEMS: FortiGuard Outbreak Detection

Re: ForticlientEMS: FortiGuard Outbreak Detection

Re: How to join two logs on SQL?