FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
premchanderr
Staff
Staff
Article Id 347027
Description

 

This article shows how to perform initial level troubleshooting of Node.js-charting process.

 

Scope

 

FortiSIEM v7.x.

 

Solution

 

Node.js-charting process is responsible for generating PDF charts in scheduled reports. Check if it is possible to run the Reports/Queries & Generate PDF Reports. If that is working fine, errors are False Positive or minimum impact.

 

The most common error for Node.js is 'Failed to get system process information(/opt/phoenix/log/Node.js-charting.pid)"'.


Begin by checking if the /opt or /cmdb partition is close to 100% and might be one of the reasons for Node.js-charting process going down.
In that case, clear /opt or /cmdb partitions, run the below commands to assess disk utilization:


# du -xhd 2 /opt | sort -hr
# du -xhd 2 /cmdb | sort -hr

Here are steps to recycle the Node.js-charting Services:
Run the following as 'root'. It is recommended to take a full snapshot of the VM before executing these commands if it is feasible.

 

cd /opt/charting

./redishb.sh | tee /tmp/rhb.out


If the output of the last line is anything other than 'Redis and nodeJS are running OK', then attach a consult with Fortinet support.

Furthermore, run 'ps -ef | grep SVGCluster' 8 processes should be obtained (not including the grep command itself).
Run 'killall -9 node' to restart those processes and new processes will start, The Node.js-charting process should resume within 2-5 minutes

If any results are showing processes with the path '/opt/charting/SVGCluster.js', then run '#startNode.sh'
Run '#phstatus" and watch for Node.js-charting to start

Finally, Node.js-charting process does not start within 5 minutes, try running the following command line and repeat '#phstatus' watching for Node.js-charting to start:


#/usr/local/bin/node /opt/charting/SVGCluster.js 

 

If the issue persists, do not custom modify any file or configuration, contact Fortinet support.