Description This article describes how to troubleshoot the 'Connection
Refused' error in FortiSIEM GUI > Analytics search Scope FortiSIEM
v6.x+. Solution When running a search in analytics it immediately fails
with a 'Connection Refused' error even f...
Description This article describes how to resolve the Collector Clock
Skew alert in FortiSIEM GUI. Scope FortiSIEM v7.0 Solution Collector
Clock Skew error is received when collector time is not in sync with
Super. Make sure that Collector and Super ...
Description This document describes why few IP Addresses are
included/excluded in the Fortiguard Threatfeed List. Scope FortiSiem
v6.x+. Solution To confirm the legitimacy of an IP address or a list,
you need to validate in https://ioc.fortiguard.com...
Description This article describes how to acquire a system health
assessment of all FortiSIEM nodes. Scope FortiSIEM v6.x+. Solution SSH
via root and run the below command to get the health report of all
FortiSIEM nodes - supervisor, collector, and w...
Hi @Jesisidabuliu , You would need to shutdown the worker, from worker
CLI and then begin super upgrade. SSH to worker: # phtools --stop ALL #
shutdown -h now
Hi, Yes you can use phtools command as well. The worker or any FSM node
would be automatically rebooted after upgrade completes. For anytime you
want to reboot a Fortisiem Node, you can use below command:# phxctl
reboot
Hi @Bruce7x2 , If it was syslog then could have exported the parser and
used in earlier version. But since its via API and involves Test
Connectivity, you would need to upgrade to version that supports this.
Hi Siang, Unfortunately its not possible to discover without DB username
and password. All suggested methods are listed in external systems
configuration guide Documentation:
https://docs.fortinet.com/document/fortisiem/7.0.3/external-systems-configu...
Hi @yadde , To reduce false positives you can perform the below: -
Create a watchlist and add that in rule exceptions. Like the rule not to
be triggered for certain IPs or users. Documentation
:https://help.fortinet.com/fsiem/7-1-4/Online-Help/HTML5_...