FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
alih
Staff
Staff
Article Id 204613
Description This article describes why you may be unable to login to FortiAnalyzer and FortiManager GUI because of a JSON error.
Scope Resolving GUI access due to JSON error.
Solution

The errors shown below are usually because of low resources. 

 

alih_0-1644485135462.png

 

To troubleshoot this, follow these steps:

 

1) Run the following CLI command below to check what resources already exist.

 

# get system performance

 

alih_1-1644485166356.png

 

Also verifying the filesystem that should be EXT4 and device versions with below CLI command.

 

# get system status

 

alih_2-1644485181275.png

 

3) Run the following CLI command and check logs around the date when the issue appeared, mainly focusing on Out Of memory messages as shown below:

# diag debug klog

<3>[15699134.242437] Out of memory: Kill process 782 (sqllogd) score 213 or sacrifice child

<3>[15699134.242460] Killed process 782 (sqllogd) total-vm:5260756kB, anon-rss:1423176kB, file-rss:48kB, shmem-rss:18796kB

Or other logs related to capability

<6>[   76.684710] capability: warning: `BackgrProcPool' uses 32-bit capabilities (legacy support in use)

 

4) In this case, see below for minimum system requirements*

For FortiManager.

 

alih_0-1644485222977.png

 

And for Fortianalyzer, it depends on the amount of logs.

 

alih_1-1644485243807.png

 

Note.

FortiManager resources need to be increased by an additional 16GB if FortiGuard web-filtering services are enabled.

 

5) Increase system resources.

6) Check the system performance CLI command again to confirm resources have been upgraded.

 

# get system performance

 

7) Run the '# diag debug klog' command again, and verify that the out of memory logs are not there anymore.

Contributors