|
If the jsreport process is down, stuck, or facing issues after an upgrade, follow the steps below to safely restart and ensure the process operates correctly.
Before following the steps below, ensure that a minimum of 24GB of memory is allocated to the FortiSIEM VM node. Refer to the FortiSIEM sizing guide for minimum resource requirements.
- Log in to FortiSIEM Super CLI.
- Check Disk Space Usage.
Ensure that the disk usage of /opt is below 80%. High disk usage can prevent the jsreport process from starting correctly.
df -h /opt
If the usage exceeds 80%, free up space on the disk by deleting unnecessary files or expanding the disk.
- Search for jsreport process PID. Use the following command to search for the running jsreporter process:
ps -aux | grep jsreport
This will display a list of running processes. Look for a process related to /opt/jsreport/server.js or similar.
- Identify the process to stop. Find the PID (Process ID) of the jsreport process in the output, for example:
admin 2462 0.3 0.4 1399680 108568 ? Sl Oct01 131:22 /usr/local/bin/node /opt/jsreport/server.js
In this case, 2462 is the PID of the jsreport process.
- Kill the Process. To stop the process , use the kill command followed by the PID:
kill -9 2462
Note:
Allow some time for the process to stop. It might take a few moments to exit gracefully.
- Verify the process is stopped. Confirm that the process has been terminated by re-running the following command:
ps -aux | grep jsreport
If the process has stopped successfully, the previous PID will not appear, and it will only see the grep command itself.
Example:
root 3030205 0.0 0.0 12216 1192 pts/0 s+ 07:44 0:00 grep --color=auto jsreport
- Check directory permissions. Ensure the correct ownership of the /tmp/jsreport directory. The directory should be owned by the admin:admin user group.
ls -ld /tmp/jsreport
If the ownership is incorrect, change it by running the following command:
chown -R admin:admin /tmp/jsreport
- Check for errors in logs. If the process encounters errors, especially related to permissions, the following error might be present in the logs:
Error: EACCES: permission denied, mkdir '/tmp/jsreport/autocleanup'
at Object.mkdirSync (node:fs:1391:3)
...
Correcting the directory ownership (as in step 7) should resolve this issue.
- Restart the jsreport process. To restart the jsreport process, run the following command to start it in the background:
su admin
nohup /usr/local/bin/node /opt/jsreport/server.js >> /opt/exporter/export.log &
- Check dynamic logs. Use tail -f to monitor the real-time logs for jsreporter startup:
tail -f /opt/exporter/export.log
Look for log entries similar to:
2024-12-26T09:34:26.892Z - info: Creating default express app.
2024-12-26T09:34:27.155Z - info: jsreport server successfully started on http port: 5488
2024-12-26T09:34:27.156Z - info: Verifying license key 33DXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX046
2024-12-26T09:34:27.181Z - info: License key for subscription verified against the /opt/jsreport/jsreport.license.json file
- Verify Port Listening. Ensure that the service is listening on the appropriate port (e.g., port 5488):
netstat -tulpn | grep :5488
The output should indicate that the service is bound to port 5488, confirming the jsreporter process is active.
- Try to start the process manually as an admin user:
su - admin
/usr/local/bin/node /opt/jsreport/server.js
Output:
Fatal process out of memory: Failed to reserve virtual memory for CodeRange
The error indicates that memory allocated to the FortiSIEM VM node is not sufficient.
Ensure that a minimum of 24GB of memory is allocated to the FortiSIEM VM node.
Refer to the FortiSIEM sizing guide for minimum resource requirements.
|
