FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
premchanderr
Staff
Article Id 284198
Description

 

This article describes how to acquire a system health assessment of all FortiSIEM nodes.

 

Scope

 

FortiSIEM v6.x+.

 

Solution

 

Connect over SSH as root and run the command below on each FortiSIEM node (Supervisor, Collector, and Worker) to generate its health report.


Super Health:

 

get-fsm-health.py --local -o /tmp/super_health.txt


Worker Health:

 

get-fsm-health.py --local -o /tmp/worker01_health.txt
get-fsm-health.py --local -o /tmp/worker02_health.txt

Collector Health:

 

get-fsm-health.py --local -o /tmp/collector01_health.txt
get-fsm-health.py --local -o /tmp/collector02_health.txt


Open the health report in a Linux editor on the node, or use SCP to transfer it to a PC for examination.
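
The collection steps above, scripted from an admin workstation as an added example (not Fortinet's code and not part of the original article). It assumes key-based SSH to root on each node and that get-fsm-health.py is on root's PATH in a non-interactive session; the host names and the local directory are constructed placeholders.

```shell
#!/bin/sh
# Added example: gather get-fsm-health.py reports from several nodes.
# NODES holds "label:host" pairs; these hosts are constructed placeholders.
NODES="${NODES:-super:super.example.internal worker01:worker01.example.internal collector01:collector01.example.internal}"
OUT_DIR="${OUT_DIR:-./fsm-health}"   # local destination (assumed name)

# Per-node report path, following the article's /tmp/<label>_health.txt naming.
remote_path() { printf '/tmp/%s_health.txt' "$1"; }

# The article's command, with the per-node output file.
remote_cmd() { printf 'get-fsm-health.py --local -o %s' "$(remote_path "$1")"; }

# Accept only letters, digits, dot, underscore and hyphen, so a label or host
# can never change the command line that ssh hands to the remote shell.
valid_name() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# $1 = label, $2 = host. Prints the plan unless RUN=1 is set.
collect_node() {
    if ! valid_name "$1" || ! valid_name "$2"; then
        echo "skipping invalid entry: $1:$2" >&2
        return 1
    fi
    if [ "${RUN:-0}" != 1 ]; then
        echo "ssh root@$2 '$(remote_cmd "$1")'"
        echo "scp root@$2:$(remote_path "$1") $OUT_DIR/"
        return 0
    fi
    ssh "root@$2" "$(remote_cmd "$1")" &&
        scp "root@$2:$(remote_path "$1")" "$OUT_DIR/"
}

# Returns the number of nodes that failed (0 = all collected).
collect_all() {
    umask 077                      # keep collected reports private to this user
    if [ "${RUN:-0}" = 1 ]; then mkdir -p "$OUT_DIR"; fi
    failed=0
    for entry in $NODES; do
        collect_node "${entry%%:*}" "${entry#*:}" || failed=$((failed + 1))
    done
    return "$failed"
}

collect_all
```

Without RUN=1 the script only prints the ssh and scp commands it would run, so the plan can be checked before anything touches the nodes.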


The report provides an overview of the system's health, including disk and memory utilization, rules and reports that consume excessive memory or require substantial processing time, frequent errors in backend logs, the size of database tables, and a lot more. This comprehensive data can be valuable for fine-tuning and enhancing system performance.