This article describes the steps to troubleshoot and resolve the Windows agent update issue in FortiSIEM. The issue occurs when the Windows agent installation does not work correctly, and the update status shows 'DownloadFailed'.
Scope
FortiSIEM v7.x+.
Solution
To troubleshoot and resolve the Windows agent update issue in FortiSIEM, follow these steps:
Verify that the Supervisor hostname is reachable from the Windows Agent hosts via Windows PowerShell:
nslookup <Supervisor_Hostname>
If DNS resolution does not work, resolve the hostname in the hosts file on the Windows agents so that the hostname is resolvable. The 'hosts' file is located at C:\Windows\System32\drivers\etc\hosts
Check the Admin -> Content Update page to see if the latest update is installed. If not, select Check Now -> Install and re-upload the .exe files.
Run the command fdsmgr -f -d 6 -F 0.0.1 -G 2 -o /tmp/output.txt to collect logs.
Check the output of the command to see if there are any error messages. If there are, attach the output file to the support ticket for further investigation.
If the issue persists, try clearing the AppSvr cache and restarting the GUI.
