|
Section 1.
Check firmware compatibility between FortiGate and FortiAnalyzer.
Reference.
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/81876198-a54c-11ec-9fd1-fa163e...
Section 2.
1) Check FortiAnalyzer log setting on FortiGate.
From FortiGate CLI:
# config log fortianalyzer setting
# get
end
2) Test for log sending from FortiGate to FortiAnalyzer.
From FortiGate CLI:
# execute log fortianalyzer test-connectivity
3) Get tac report from FortiAnalyzer.
# execute tac report
Section 3.
Analyze all information/logs obtained.
If FortiGate is sending log to FortiAnalyzer successfully, check for any abnormal logs on FortiAnalyzer tac report.
If this output on FortiAnalyzer tac report is found/observed, this shows that the FortiAnalyzer is constantly out of memory.
<3>[97484.603631] Out of memory: Kill process 21679 (sqllogd) score 93 or sacrifice child
<3>[10818.372025] Out of memory: Kill process 3214 (sqllogd) score 98 or sacrifice child
<3>[10903.445266] Out of memory: Kill process 18473 (sqllogd) score 101 or sacrifice child
<3>[192634.804437] Out of memory: Kill process 31040 (java) score 89 or sacrifice child
<3>[192636.709845] Out of memory: Kill process 31040 (java) score 89 or sacrifice child
Suggest to customer to increase memory allocation for FortiAnalyzer.
Related document.
Troubleshooting Tip: FortiGate to FortiAnalyzer connectivity
|
