FortiSIEM Discussions
Saleh_Mostafa
New Contributor

FortiSIEM Health critical

I implemented a FortiSIEM Supervisor with a Collector, but now the Collector health shows a warning and then becomes critical. I found all the services down; after restarting them, all the services work fine, but phAgentManager restarts, then goes down, then restarts, then goes down again. I want to solve this and know why, or what causes it to go down.

Richie_C
Staff

Hi @Saleh_Mostafa 

 

This does not seem like normal behavior and therefore you could raise a TAC case to investigate. However, I have seen a similar issue with a collector on version 7.1.X. Upgrading to 7.2 fixed the issue for me.

 

Best regards

Take a backup before making any changes
Saleh_Mostafa

Hi @Richie_C 

Can you tell me how to upgrade from 7.1.1 to 7.2 from the GUI? I also have a question: when upgrading the supervisor, should I shut down the collector or not?

Richie_C

Hi @Saleh_Mostafa 

 

The instructions for upgrading the collector from the supervisor GUI are as follows:

 

https://help.fortinet.com/fsiem/7-2-3/Online-Help/HTML5_Help/System_Settings.htm?Highlight=image%20s...

 

In addition, I would always recommend checking the release notes and upgrade guide before doing an upgrade:

 

https://docs.fortinet.com/document/fortisiem/7.2.3/release-notes/515687/whats-new-in-7-2-3

https://docs.fortinet.com/document/fortisiem/7.2.3/upgrade-guide/505373/upgrading-to-fortisiem-7-2-x

 

The collector must be up for this to work. 

 

Make sure you take a snapshot before the upgrade, so that you can restore in case of any issues.

 

I hope that helps!

Take a backup before making any changes
Saleh_Mostafa

Hi @Richie_C

I performed the upgrade and successfully upgraded the supervisor and the collector. The phAgentManager restart loop was resolved after the upgrade, but I found in phstatus that the parser has started going into a restart loop. I checked everything, but I can't find what causes this restart or where the issue is. I had already opened a TAC ticket to investigate; after the upgrade they closed the ticket, confirming that the upgrade was a success, without any investigation.

Richie_C

Hi @Saleh_Mostafa 

 

It sounds like you might have to create a new ticket. However, is this a problem on the supervisor, the collector or both?

 

Do you have any custom parsers? If so, maybe you could try disabling the custom parsers and see if it fixes the issue.

 

Regards

Take a backup before making any changes
Saleh_Mostafa

Hi @Richie_C 

This problem is on the collector only.

As for custom parsers, yes, I have them, but the QNAP will not parse because, in the previous ticket that was opened, TAC changed qlogd to qilogd in the XML parser.

Richie_C

Hi @Saleh_Mostafa - you could try to disable the custom parser and see if it resolves the issue. Then you will know if it is the root cause of your problem.

 

Take a backup before making any changes