Description

This article describes how to acquire a system health assessment of all FortiSIEM nodes.

Scope

FortiSIEM v6.x+.

Solution

SSH via root and run the below command to get the health report of all FortiSIEM nodes - supervisor, collector, and worker. 

Super Health:

get-fsm-health.py --local -o /tmp/super_health.txt

Worker Health:

get-fsm-health.py --local -o /tmp/worker01_health.txt
get-fsm-health.py --local -o /tmp/worker02_health.txt

Collector Health:

get-fsm-health.py --local -o /tmp/collector01_health.txt

get-fsm-health.py --local -o /tmp/collector02_health.txt

Utilize a Linux editor or SCP to transfer the health report to the PC for examination.

The information provides an overview of the system's health, encompassing disk and memory utilization, identification of rules and reports consuming excessive memory or requiring substantial processing time, detection of frequent errors in backend logs, assessment of the size of database tables, and a lot more. This comprehensive data can be valuable for fine-tuning and enhancing system performance.