Technical Tip: How to unmask Elasticsearch process on FortiSOAR node
| Description | This article describes how to unmask the Elasticsearch process on the FortiSOAR Node due to deployment on low resources. |
| Scope | FortiSOAR. |
| Solution | In certain cases, where FortiSOAR is deployed and installed on low resources in a VM, such as the below:
In /opt/cyops/scripts/config-vm.sh , the Elasticsearch process will be masked. Thus, unable to see the status of Elasticsearch process in:
# csadm services --status
    To safely unmask the Elasticsearch process, run the following commands on the FortiSOAR node backend SSH.
# systemctl unmask elasticsearch # systemctl enable elasticsearch # systemctl start elasticsearch
   Now the Elasticsearch process is safely unmasked and visible in '# csadm services --status'.
Note: Check for indices folder appearing in '/var/lib/elasticsearch'.
If there are no indices appearing, reach out to FortiSOAR support for further troubleshooting. |
