Help
FortiSIEM Discussions
Yoseph
New Contributor

Created on ‎05-26-2025 11:45 PM

Fortisiem services down

Hello Everyone,

 

I deployed a FortiSIEM 7.3.0 standalone supervisor and one collector, and they were working properly. However, now the services are frequently down and I can't access the GUI; it requires restarting manually. Even after restarting, they are still too delayed.

additionally, the default Super organization is not found in the list of organizations, and the  collector health status is in Critical (Collector Buffer greater than 50MB).

please, everyone assist on this!

Yoseph Marie
Yoseph Marie
Labels:
526
0 Kudos
1 Solution
Secusaurus
Contributor III

Created on ‎05-27-2025 12:16 AM

Hi @Yoseph,

 

At first glance, this sounds like a performance issue. Have a look at the hypervisor of your system and look at the RAM, CPU and drive usages for issues.

 

The collector buffer greater than 50 MB probably is just a result of the supervisor being unavailable, so you can ignore that until you fixed the supervisor's status.

 

In case it's not performance-related: Is there any change (or deployment of new sources, new Agent templates, etc.) you made hours or 1-2 days before the cluster went crazy?

 

Next step would be to look into the crash logs. Since this is a public forum here (and you probably don't like to put your logs here), I would recommend discussing this with the technical support then.

 

Also note, that FSM is actually on 7.3.2 already, which might include a fix, in case this is a bug.

 

Best,

Christian

FCX #003451 | Fortinet Advanced Partner

View solution in original post

FCX #003451 | Fortinet Advanced Partner
517
0 Kudos
2 REPLIES 2
Secusaurus
Contributor III

Created on ‎05-27-2025 12:16 AM

Hi @Yoseph,

 

At first glance, this sounds like a performance issue. Have a look at the hypervisor of your system and look at the RAM, CPU and drive usages for issues.

 

The collector buffer greater than 50 MB probably is just a result of the supervisor being unavailable, so you can ignore that until you fixed the supervisor's status.

 

In case it's not performance-related: Is there any change (or deployment of new sources, new Agent templates, etc.) you made hours or 1-2 days before the cluster went crazy?

 

Next step would be to look into the crash logs. Since this is a public forum here (and you probably don't like to put your logs here), I would recommend discussing this with the technical support then.

 

Also note, that FSM is actually on 7.3.2 already, which might include a fix, in case this is a bug.

 

Best,

Christian

FCX #003451 | Fortinet Advanced Partner
FCX #003451 | Fortinet Advanced Partner
518
0 Kudos
Yoseph
New Contributor
In response to Secusaurus

Created on ‎05-27-2025 12:55 AM

Hi Christian,

 

Thanks for your quick response regarding the performance It is enough resource, you can check to the bellow screen capture. 

 

Capture.PNG

 
 

 

regards, 

Yoseph

Yoseph Marie
Yoseph Marie
499
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.