FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
Article Id 204613
Description This article describes why you may be unable to log in to FortiAnalyzer and FortiManager GUI because of a JSON error.
Scope Resolving GUI access due to JSON error.

The errors shown below are usually because of low resources. 




To troubleshoot this, follow these steps:


  1. Run the following CLI command below to check what resources already exist.


get system performance




  1. Verify the filesystem that should be EXT4 and the device versions with below CLI command.


get system status




  1. Run the following CLI command and check logs around the date when the issue appeared, mainly focusing on Out Of memory messages as shown below:

diag debug klog

<3>[15699134.242437] Out of memory: Kill process 782 (sqllogd) score 213 or sacrifice child

<3>[15699134.242460] Killed process 782 (sqllogd) total-vm:5260756kB, anon-rss:1423176kB, file-rss:48kB, shmem-rss:18796kB

Or other logs related to capability

<6>[   76.684710] capability: warning: `BackgrProcPool' uses 32-bit capabilities (legacy support in use)


  1. In this case, see below for minimum system requirements*

For FortiManager.






FortiManager resources need to be increased by an additional 16GB if FortiGuard web-filtering services are enabled.

If FortiAnalyzer is enabled, the FortiManager will need to add the FortiManager and FortiAnalyzer system requirements.

For Fortianalyzer, it depends on the amount of logs:

Minimum system requirements





  1. Increase system resources.
  2. Check the system performance CLI command again to confirm resources have been upgraded.


get system performance


  1. Run the 'diag debug klog' command again, and verify that the out-of-memory logs are not there anymore.