For some reason, processes on the NFS server or in its management may cause modification to permissions of files in/data and prevent the FortiSIEM from reading and/or writing to the disk.

From the super CLI as root, use the following commands to restore the proper permissions in/data:

chmod 755 /data
chown admin:admin /data

chmod 755 /data/*
chown admin:admin /data/*
chmod -R 775 /data/archive
find /data/archive -type f -exec chmod 666 {} \;
chown -R postgres:postgres /data/archive
chown postgres:postgres /data/cmdb

find /data/cache -type d -exec chmod 775 {} \;
find /data/cache -type f -exec chmod 664 {} \;
chown -R admin:admin /data/cache

find /data/custParser -type f -exec chmod 664 {} \;
chown -R admin:admin /data/custParser

chmod 775 /data/eventDataSum
chown -R admin:admin /data/event*

chmod 700 /data/eventdb/*
find /data/event* -type d -exec chmod 700 {} \;
find /data/event* -type f -exec chmod 664 {} \;
find /data/event* -type f -name "*.rpt" -exec chmod 700 {} \;

find /data/*Xml/* -type f -exec chmod 644 {} \;

find /data/precomputedb/ -type d -exec chmod 700 {} \;
find /data/precomputedb/ -type f -exec chmod 664 {} \;

These commands may take time to process if there is a large amount of data stored in the /data disk.