Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
madhan
Staff
Staff

Created on ‎06-19-2025 11:46 PM Edited on ‎11-25-2025 04:07 AM By Moderator

Article Id 397314

Troubleshooting Tip: Unable to See Logs Due to 'Postgres Upgrade Fails'

Description

This article describes how to troubleshoot when it is not possible to see logs because a 'Postgres upgrade fails' error. The issue happens when upgrading the FortiAnalyzer is a success, but the database upgrade fails.
Scope FortiAnalyzer.
Solution

Below are the steps to follow when encountering the issue:

  1. Ensure the FortiGate is sending logs to the FortiAnalyzer:
  • This step can be verified by navigating to Security Fabrics -> Fabric Connectors -> Logging & Analytics. Check the connection status under the settings to ensure FortiGate is connected to FortiAnalyzer.

 

APicture1.png

 

  • Run the following command to confirm FortiGate can send the logs through the connections:

 

exe log fortianalyzer test-connectivity

 

APicture2.png

 

  1. After confirming FortiGate is sending the logs, check the status on FortiAnalyzer, which should show the logs are not being received.

 

APicture3.jpg

 

  1. Check the 'Alert Message Console' from the dashboard, and there are alerts with the message 'Postgres upgrade fails'.

 

APicture4.png

 

  1. After having verified the issue, perform an SQL database rebuild using the command ( It requires a restart):

 

execute sql-local rebuild-db

 

Troubleshoot the rebuild process:

 
diagnose test app sqllogd 4
 
Shows the specific log file the rebuilding process is currently handling. Must be run multiple times to track the SQL rebuild status over time.
 
diagnose sql show db-size
 
The following command checks whether the database size is increasing, indicating active rebuilding. Run this command multiple times, a few minutes apart, to confirm growth.
 
diagnose sql process list

 

Note:

Refer to the following KB article for more information on the SQL rebuild process: Technical Tip: FortiAnalyzer SQL database delete and rebuild.

 

  1. After performing the SQL rebuild, monitor the issue until the rebuilding process is finished. If the issue remains, a  reset and format are required:

 

execute reset {all-settings | all-except-ip}

 

Note:

This operation is irreversible: all logs, configurations, and settings will be lost.


execute format {disk | disk-ext4 | disk-ext3}

 

Note

This command will erase all data on the disk, including logs, configurations, and database files
525
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.