|Description||This article describes how to mitigate the FortiAnalyzer high CPU usage when the FortiSIEM module is enabled but not used.|
In FortiAnalyzer 6.4, the FortiSIEM database is introduced and it consumes resources that may affect performance (i.e. CPU usage can significantly increase when the FortiSIEM module feature is enabled).
In order to improve FortiAnalyzer performances, it is recommended to disable FortiSIEM module by keeping in mind that if disabled:
To review the current licenses:
diagnose license list
To verify if FortiSIEM module is up and running, the following CLI command can be used:
diagnose test app siemagentd 2
config system global
As prompted above, FortiAnalyzer needs to be reloaded to make the change effective.