Fortinet black logo

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Integration API Guide

Performance and Health API

The following GET APIs are available for retrieving health summary and health details of FortiSIEM Manger and the FortiSIEM Instances which are registered to the FortiSIEM Manager.

Get Health Summary

This API can be run against the Supervisor of a single FortiSIEM instance or against FortiSIEM Manager.

  • Single Instance Supervisor returns the health summary of the Supervisor, Workers and Collectors in that FortiSIEM Instance.

  • FortiSIEM Manager returns the health summary of FortiSIEM Manager and all the FortiSIEM instances registered to that FortiSIEM Manager.

Release Added: 6.5.0

Input URL (FortiSIEM Supervisor) https://<FSM-Super-IP>/phoenix/rest/system/health/summary
Input URL (FortiSIEM Manager) https://<FSM-MGR-IP>/phoenix/rest/system/health/summary

Input Credentials

User name and password of Supervisor account.

HTTP Method

GET

Output

When the request succeeds (HTTP response code 200), a JSON file is returned with all information included.

The Instance health summary returned by Single Instance Supervisor includes the health summary of the Supervisor, all Workers, and Collectors. If the health of a node is anything other than normal, then the offending metric indicator is also included. See File1_InstanceHealthSummaryExample.txt.

The health summary returned by FortiSIEM Manager includes the health summary of all registered Instances and FortiSIEM Manager itself. The health summary of a registered FortiSIEM instance includes the health summary of the Supervisor, all Workers, and Collectors in that Instance. If the health of a node is anything other than normal, then the offending metric indicator is also included. See File2_ManagerHealthSummaryExample.txt.

Health is based on the following.

  • Generic metrics – CPU, Load average, Memory, Swap, Disk space, Disk I/O, Process Uptime/CPU/Memory

  • Supervisor specific metrics – NFS I/O, Shared Store pointers

  • Worker specific metrics – Worker Upload Queue, NFS I/O, Shared Store pointers, Last Status Update

  • Collector Specific metrics – Event Upload Queue, Last Status Update, Last File Received, Last Event Received

The health metrics are defined in Appendix - Description of Health JSON Attributes. The thresholds used to determine normal/warning/critical status are in Appendix - Current Thresholds for Health Status. Note that only the latest values are returned by the API.

Get Health Details by Instance Id

This API provides complete health information of specific FortiSIEM instance with given Instance Id. The instance Id can be obtained from running the Get Health Summary API.

Release Added: 6.5.0

Input URL https://<FSM-Super-IP>//phoenix/rest/system/health/instance?instanceId=<instance_id>

Input Credentials

User name and password of Supervisor account.

HTTP Method

GET

Request Path Parameter

Field

Description

Replace <instance_id> with long value Instance id of specific instance

Output

When the request succeeds (HTTP response code 200), a JSON file is returned with the following.

  • Health metrics of each node (including Super, Workers and Collectors)

  • Health assessment of each node

See File3_InstanceHealth_DetailsExample.txt for an example.

 

Health metrics includes the following.

  • Generic metrics – CPU, Load average, Memory, Swap, Disk space, Disk I/O, Process Uptime/CPU/Memory, EPS

  • Supervisor specific metrics – NFS I/O, Shared Store pointers

  • Worker specific metrics – Worker Upload Queue, NFS I/O, Shared Store pointers, Last Status Update

  • Collector Specific metrics – Event Upload Queue, Last Status Update, Last File Received, Last Event Received

The health metrics are defined in Appendix - Description of Health JSON Attributes. The thresholds used to determine normal/warning/critical status are in Appendix - Current Thresholds for Health Status. Note that only the latest values are returned by the API.

Get Health Details – Complete Response

This API returns the complete health information of FortiSIEM Manager and all FortiSIEM nodes belonging to each FortiSIEM Instance registered to the FortiSIEM Manager. This can be quite large depending on the number of registered instances and the number of nodes in each instance.

Release Added: 6.5.0

Input URL https://<FSM-MGR-IP>/phoenix/rest/system/health

Input Credentials

User name and password of Supervisor account.

HTTP Method

GET

Output

When the request succeeds (HTTP response code 200), a JSON file is returned with the following.

  • Health metrics of FortiSIEM Manager and each Super/Worker/Collector node in every registered Instance

  • Health assessment of each node

See File4_ManagerHealth_DetailsExample.txt for an example.

Health metrics includes the following.

  • Generic metrics – CPU, Load average, Memory, Swap, Disk space, Disk I/O, Process Uptime/CPU/Memory, EPS

  • Supervisor specific metrics – NFS I/O, Shared Store pointers

  • Worker specific metrics – Worker Upload Queue, NFS I/O, Shared Store pointers, Last Status Update

  • Collector Specific metrics – Event Upload Queue, Last Status Update, Last File Received, Last Event Received

The health metrics are defined in Appendix - Description of Health JSON Attributes. The thresholds used to determine normal/warning/critical status are in Appendix - Current Thresholds for Health Status. Note that only the latest values are returned by the API.

Performance and Health API

The following GET APIs are available for retrieving health summary and health details of FortiSIEM Manger and the FortiSIEM Instances which are registered to the FortiSIEM Manager.

Get Health Summary

This API can be run against the Supervisor of a single FortiSIEM instance or against FortiSIEM Manager.

  • Single Instance Supervisor returns the health summary of the Supervisor, Workers and Collectors in that FortiSIEM Instance.

  • FortiSIEM Manager returns the health summary of FortiSIEM Manager and all the FortiSIEM instances registered to that FortiSIEM Manager.

Release Added: 6.5.0

Input URL (FortiSIEM Supervisor) https://<FSM-Super-IP>/phoenix/rest/system/health/summary
Input URL (FortiSIEM Manager) https://<FSM-MGR-IP>/phoenix/rest/system/health/summary

Input Credentials

User name and password of Supervisor account.

HTTP Method

GET

Output

When the request succeeds (HTTP response code 200), a JSON file is returned with all information included.

The Instance health summary returned by Single Instance Supervisor includes the health summary of the Supervisor, all Workers, and Collectors. If the health of a node is anything other than normal, then the offending metric indicator is also included. See File1_InstanceHealthSummaryExample.txt.

The health summary returned by FortiSIEM Manager includes the health summary of all registered Instances and FortiSIEM Manager itself. The health summary of a registered FortiSIEM instance includes the health summary of the Supervisor, all Workers, and Collectors in that Instance. If the health of a node is anything other than normal, then the offending metric indicator is also included. See File2_ManagerHealthSummaryExample.txt.

Health is based on the following.

  • Generic metrics – CPU, Load average, Memory, Swap, Disk space, Disk I/O, Process Uptime/CPU/Memory

  • Supervisor specific metrics – NFS I/O, Shared Store pointers

  • Worker specific metrics – Worker Upload Queue, NFS I/O, Shared Store pointers, Last Status Update

  • Collector Specific metrics – Event Upload Queue, Last Status Update, Last File Received, Last Event Received

The health metrics are defined in Appendix - Description of Health JSON Attributes. The thresholds used to determine normal/warning/critical status are in Appendix - Current Thresholds for Health Status. Note that only the latest values are returned by the API.

Get Health Details by Instance Id

This API provides complete health information of specific FortiSIEM instance with given Instance Id. The instance Id can be obtained from running the Get Health Summary API.

Release Added: 6.5.0

Input URL https://<FSM-Super-IP>//phoenix/rest/system/health/instance?instanceId=<instance_id>

Input Credentials

User name and password of Supervisor account.

HTTP Method

GET

Request Path Parameter

Field

Description

Replace <instance_id> with long value Instance id of specific instance

Output

When the request succeeds (HTTP response code 200), a JSON file is returned with the following.

  • Health metrics of each node (including Super, Workers and Collectors)

  • Health assessment of each node

See File3_InstanceHealth_DetailsExample.txt for an example.

 

Health metrics includes the following.

  • Generic metrics – CPU, Load average, Memory, Swap, Disk space, Disk I/O, Process Uptime/CPU/Memory, EPS

  • Supervisor specific metrics – NFS I/O, Shared Store pointers

  • Worker specific metrics – Worker Upload Queue, NFS I/O, Shared Store pointers, Last Status Update

  • Collector Specific metrics – Event Upload Queue, Last Status Update, Last File Received, Last Event Received

The health metrics are defined in Appendix - Description of Health JSON Attributes. The thresholds used to determine normal/warning/critical status are in Appendix - Current Thresholds for Health Status. Note that only the latest values are returned by the API.

Get Health Details – Complete Response

This API returns the complete health information of FortiSIEM Manager and all FortiSIEM nodes belonging to each FortiSIEM Instance registered to the FortiSIEM Manager. This can be quite large depending on the number of registered instances and the number of nodes in each instance.

Release Added: 6.5.0

Input URL https://<FSM-MGR-IP>/phoenix/rest/system/health

Input Credentials

User name and password of Supervisor account.

HTTP Method

GET

Output

When the request succeeds (HTTP response code 200), a JSON file is returned with the following.

  • Health metrics of FortiSIEM Manager and each Super/Worker/Collector node in every registered Instance

  • Health assessment of each node

See File4_ManagerHealth_DetailsExample.txt for an example.

Health metrics includes the following.

  • Generic metrics – CPU, Load average, Memory, Swap, Disk space, Disk I/O, Process Uptime/CPU/Memory, EPS

  • Supervisor specific metrics – NFS I/O, Shared Store pointers

  • Worker specific metrics – Worker Upload Queue, NFS I/O, Shared Store pointers, Last Status Update

  • Collector Specific metrics – Event Upload Queue, Last Status Update, Last File Received, Last Event Received

The health metrics are defined in Appendix - Description of Health JSON Attributes. The thresholds used to determine normal/warning/critical status are in Appendix - Current Thresholds for Health Status. Note that only the latest values are returned by the API.