Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bascheew
New Contributor III

Too slow. Is there a way to speed up FortiAnalyzer?

Does anyone know if there is a way to speed up FAZ?  We're running version 6.2.1 on VMware and we receive about 4GB of logs per day.  I just upped the CPUs to qty 6 and bumped the RAM to 16GB, but the UI is still sluggish.  I can move the storage from a 10Gbit SAN over to SSDs, but I'd need to justify that with my team before I can move a bunch of logs to expensive SSDs!

 

For example if I pick any ADOM and go to SOC and chose Traffic -> Top Sources and filter for the last 1 hour, it takes about 15-20 seconds to display the data.

 

What should I be looking for in order to find the bottleneck?  Am I unreasonable to think that I should see this information near instantaneously?  A couple seconds at most?

 

Thanks!

2 REPLIES 2
tsimeonov_FTNT

it is better if you could opened a support ticket as somebody needs to look at the FAZ and run some diagnostics.

When you opened a ticket provide following outputs to the support engineer:

get sys status

diag fortilog log

diag log device

diag test app sqlr 2

diag sql status sqlpl

diag hard info exe sql-report list-schedule all autocache-only detail

sh sys log-forward

 

bascheew

Thank you for the feedback.  I have opened a ticket and will report back on the findings.