Troubleshooting Tip: FortiSIEM GUI displays warnin...

premchanderr · 07-23-2025

Description This article describes steps to fix a FortiSIEM GUI warning message, 'Licensed Supervisor is down' Scope ForitSIEM v7.3+. Solution While accessing the FortiSIEM GUI, the warning message appears: Sample Screenshot: Though there are no supe...

premchanderr · 05-26-2025

Description This article describes how to investigate whether FortiSIEM Linux Agent causes high CPU utilization on Linux servers. Scope Linux Agent v5.3.0 - v7.2.6 Supervisor and Collector v6.x, v7.x, v7.1.x, v7.2.x. Solution Verify if high utilizati...

premchanderr · 03-03-2025

Description This article describes how to fix a FortiSIEM Manager license upload issue where the message is 'Error happened: The license type does not match'. Scope FortiSIEM v7.x. Solution The error message occurs when trying to upload a FortiSIEM l...

premchanderr · 02-24-2025

Description This article describes how to troubleshoot Windows Agent Disconnected status in CMDB Scope FortiSIEM v7.x. Solution Windows Agent updates health status to Supervisor every minute and events are sent via collector. There are scenarios wher...

premchanderr · 02-19-2025

Description This article describes how to analyze what causes /var/lib/rabbitmq disk full in FortiSOAR. Scope FortiSOAR v7.x. Solution RabbitMQ monitors the system's performance, tracks message flow, manages queues and exchanges, and troubleshoots is...

premchanderr · 07-31-2025

Hi @adem_netsys ,This is a issue specific to your environment. I recommend to contact Fortinet Support.

premchanderr · 07-07-2025

Hi @Arjunpatil , I understand that you installed agent via collector https proxy but it is reporting health status to Supervisor. If there is IP/FQDN configured in Admin -> Settings -> System -> Cluster Config -> Supervisors <-- When you apply the te...

premchanderr · 07-07-2025

Hi @AliMhaerFathy ,FortiSIEM can receive Syslog with any facility set from sending device configuration without any filters or log types. So, there would be no specification available from FortiSIEM side, but you can select both the parameters from C...

premchanderr · 07-01-2025

Hi @opastera , Yes you can enter SIEM IP Address in FortiSASE syslog server destination . No additional configuration required. Basic level logs would be parsed, for any advance logging you would have to write a custom parser.

premchanderr · 07-01-2025

Hi @adem_netsys , No /boot 88% would not cause this. Check if CPU Utilization is normal and any task is highly processing. Also the network latency to connect FortiSIEM. # top # phstatus The below document would help you address this issue: https://c...

User Statistics

User Activity