9542 root 20 0 266.5m 114.6m 0.7 0.4 134:38.92 S siemagentd.wkr03) Check if FortiAnalyzer FortiSIEM status is active.
9731 root 20 0 395.8m 119.7m 0.7 0.4 85:10.76 S siemagentd.wkr1
9824 root 20 0 396.0m 119.3m 0.7 0.4 85:05.22 S siemagentd.wkr2
9944 root 20 0 395.8m 119.4m 0.7 0.4 84:43.93 S siemagentd.wkr4
9882 root 20 0 395.8m 118.6m 0.3 0.4 85:27.23 S siemagentd.wkr3
# diagnose test app siemagentd 2,3 and 4If so, disable the siem module.
FAZ SIEM: up [status enabled]
siemagentd:
uptime: 16 day 12:52:05, shm-ver: 36, shm-fazid-max: 0
conf-ver: 1630607216 (refresh in 7 sec)
total: #msg=16861, #msgpack=11550, #logs(in)=1274557, #logs(out)=1258844, #logs(skipped)=0
last-5-sec: msg/s=0.0, msgpack/s=0.0, logs/s(in)=0.0, logs/s(out)=0.0
wkr-status: init=5, fini=31, orphan=0, kill=0, signal=31, crash=0, stuck=0
Workers (total: 5):
# config system globalCheck if FortiSIEM is included in 'disable-module' settings.
get
disable-module siem