Fortinet black logo

User Guide

Home FortiMonitor 24.2.0 User Guide

Troubleshooting the FortiMonitor Agent

24.2.0
24.2.0
Copy Link
Copy Doc ID af1daa65-c273-11ec-9fd1-fa163e15d75b:720064
Download PDF

Troubleshooting the FortiMonitor Agent

This article will cover a number of problems that customers run into with their Agent monitoring.

Installation

The first thing to check is that the server key for your Agent matches the Server key for that server in your Panopta control panel. On a Linux server you can always find your server key by typing the following command into your command window:

python3 /usr/bin/fm-agent/fm_agent.py

On a Windows server, you can look in the Agent.config file. To find the server key for your server according to your FortiMonitor account, go to that server's Instance Details page on your FortiMonitor account. It will be listed in the Details tab. If these do not match then you need to edit your server in the Panopta control panel and add the correct server key from your command window.

Agent communication and connectivity

A common problem is the Agent not being able to communicate with the FortiMonitor monitoring cloud. By default, the Agent attempts to communicate with https://rx.us01.fortimonitor.com on port 443, which is fully encrypted with TLS. If you're looking to test the connectivity, you can attempt to reach the hello endpoint located at https://rx.us01.fortimonitor.com/v2/hello or using curl/wget or a browser on a Windows server. You will see:

{"hello": "world". "timestamp": }

If the server does not have an outbound connection to the internet, you can alternatively proxy through an OnSight collector.

System time

Often times, you may see unexplainable gaps in graphs for metrics when the Agent appears to be reporting consistently. This happens if the system time on the server is drifting from the correct time and differs from our central infrastructure. Make sure to check the time settings on your machine and use our NTP (Linux) monitoring to alarm on this.

Adding new resources

Another frequently encountered issue is that after installing a new component to the Agent the new resource is not available to add on the control panel for that server. You can solve this problem by clicking on the three dot drop-down on your server's page in the control panel and selecting Rebuild Agent Metadata. This will force the metadata to regenerate, and this should let our servers know that this Agent is capable of collecting data on this new resource. This will take about a minute to take affect, but once it does the resource you were looking for should now be available.

If all this fails then it is time to talk to us, send us your latest Agent logs and we will find out what is wrong for you. To find this log in Linux you can type in the following command into the command window:

less /var/log/fm-agent/fm-agent.log

To find this log in Windows, enter the following command into the PowerShell command window:

Invoke-Item c:\FortimonitorAgent\logs\agent.log

Duplicate server keys

In some cases, you may encounter two different agents receiving back the same server key upon initial handshake. This causes the metrics for two different instances to be combined into one instance in your control panel. Panopta will attempt to give a server the same key if it appears to be a previous server using the agent. Read about IP Matching to learn more.

OS-specific troubleshooting

For Agent issues related to Linux, click here.

For Agent issues related to Windows, click here.

Previous
Next

Troubleshooting the FortiMonitor Agent

This article will cover a number of problems that customers run into with their Agent monitoring.

Installation

The first thing to check is that the server key for your Agent matches the Server key for that server in your Panopta control panel. On a Linux server you can always find your server key by typing the following command into your command window:

python3 /usr/bin/fm-agent/fm_agent.py

On a Windows server, you can look in the Agent.config file. To find the server key for your server according to your FortiMonitor account, go to that server's Instance Details page on your FortiMonitor account. It will be listed in the Details tab. If these do not match then you need to edit your server in the Panopta control panel and add the correct server key from your command window.

Agent communication and connectivity

A common problem is the Agent not being able to communicate with the FortiMonitor monitoring cloud. By default, the Agent attempts to communicate with https://rx.us01.fortimonitor.com on port 443, which is fully encrypted with TLS. If you're looking to test the connectivity, you can attempt to reach the hello endpoint located at https://rx.us01.fortimonitor.com/v2/hello or using curl/wget or a browser on a Windows server. You will see:

{"hello": "world". "timestamp": }

If the server does not have an outbound connection to the internet, you can alternatively proxy through an OnSight collector.

System time

Often times, you may see unexplainable gaps in graphs for metrics when the Agent appears to be reporting consistently. This happens if the system time on the server is drifting from the correct time and differs from our central infrastructure. Make sure to check the time settings on your machine and use our NTP (Linux) monitoring to alarm on this.

Adding new resources

Another frequently encountered issue is that after installing a new component to the Agent the new resource is not available to add on the control panel for that server. You can solve this problem by clicking on the three dot drop-down on your server's page in the control panel and selecting Rebuild Agent Metadata. This will force the metadata to regenerate, and this should let our servers know that this Agent is capable of collecting data on this new resource. This will take about a minute to take affect, but once it does the resource you were looking for should now be available.

If all this fails then it is time to talk to us, send us your latest Agent logs and we will find out what is wrong for you. To find this log in Linux you can type in the following command into the command window:

less /var/log/fm-agent/fm-agent.log

To find this log in Windows, enter the following command into the PowerShell command window:

Invoke-Item c:\FortimonitorAgent\logs\agent.log

Duplicate server keys

In some cases, you may encounter two different agents receiving back the same server key upon initial handshake. This causes the metrics for two different instances to be combined into one instance in your control panel. Panopta will attempt to give a server the same key if it appears to be a previous server using the agent. Read about IP Matching to learn more.

OS-specific troubleshooting

For Agent issues related to Linux, click here.

For Agent issues related to Windows, click here.

Previous
Next