Hot!IOC rescan not running

Author
tama893
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/04/28 19:15:22
  • Status: offline
2020/04/28 19:17:09 (permalink)
0

IOC rescan not running

Hi
I have IOC rescan enabled globally and it doesn't run as scheduled. What is wrong?
#1

3 Replies Related Threads

    tama893
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/04/28 19:15:22
    • Status: offline
    Re: IOC rescan not running 2020/05/05 20:27:11 (permalink)
    0
    help please cuz fortinet support won't help me. I think we'll have to return this if it's not working.
    #2
    localhost
    Silver Member
    • Total Posts : 114
    • Scores: 16
    • Reward points: 0
    • Joined: 2015/05/21 02:47:51
    • Location: Zug, Switzerland
    • Status: offline
    Re: IOC rescan not running 2020/05/06 13:44:14 (permalink)
    0
    If you have a valid support contract, fortinet should be able to help you.
     
    Anyway..
     
    First check if your IOC license is valid:
    System Settings->Dashboard->License Information->Fortiguard->Indicator of Compromise Service
     
    Do you have rescan for ADOM Settings configured as well?
     
     
     
    CLI Commands:
     
    Maybe these diagnose commands can narrow down your problem:
    #diagnose test application scansched 11 current all
    #diagnose test application scansched 11 history all
    #diagnose test application scansched 2
     
    Debugging IOC:
    #diagnose debug application scansched 1000
    #diagnose debug enable
     
    Restart the IOC daemon:
    #diagnose test application scansched 99
     
     
     
    post edited by localhost - 2020/05/06 13:54:49

    Attached Image(s)

    #3
    localhost
    Silver Member
    • Total Posts : 114
    • Scores: 16
    • Reward points: 0
    • Joined: 2015/05/21 02:47:51
    • Location: Zug, Switzerland
    • Status: offline
    Re: IOC rescan not running 2020/05/18 08:30:41 (permalink)
    0
    Wel.. I'm running into the same problem on three different FAZ running 6.2.3 and 6.2.4 and 6.0.8.
     
    In my case I think it's because the IOC database is not updating.
    #diag test application sqllogd 204 stats

    #diagnose fmupdate fds-getobject

     
    Last ThreatIntel DB update on the 6.0.8 was on April 15th. The others never received any ThreatIntel DB updates, because were updated recently.
     
    Let's see if TAC can fix it.. to me looks more like a global issue.
    #4
    Jump to:
    © 2020 APG vNext Commercial Version 5.5