Description of Health JSON Attributes
The following table provides a description of health attributes for FortiSIEM Manager, Supervisor, Worker, and Collector.
|
JSON Node |
Attribute |
Applicability |
Description |
|---|---|---|---|
|
instances |
id |
All |
Instance Id |
|
instances |
name |
All |
Instance name |
|
instances |
healthStatus |
All |
Instance health based on Supervisor and Worker health: Normal/Warning/Critical. Collector health is now ignored. |
|
nodes.summary.instanceId |
instanceId |
All |
Instance Id as it appears in FortiSIEM Manager. This is defined when an Instance registers to the Manager. |
|
nodes.summary.name |
name |
All |
Name as it appears in the Supervisor GUI. |
|
nodes.summary.nodeType |
nodeType |
All |
Manager/Supervisor/Worker/Collector |
|
nodes.summary.status |
status |
All |
Health of the node: Normal/Warning/Critical |
|
nodes.metrics.healthSummary |
summary |
All |
Health of the node - Normal/Warning/Critical |
|
nodes.metrics.healthSummary.reason |
attribute |
All |
Name of attribute e.g. CPU Utilization etc. See Appendix - Current Thresholds for Health Status for a complete list. |
|
nodes.metrics.healthSummary.reason |
value |
All |
Normal/Warning/Critical |
|
nodes.metrics.healthSummary.reason |
reason |
All |
Reason explaining the value |
|
nodes.metrics |
lastUpdateTime |
Worker |
Last time a health update was received from this node. |
|
nodes.metrics |
lastFileRecvTime |
Worker |
Last time a file was received from Collector (Unix epoch time). |
|
nodes.metrics |
lastEventTime |
Worker |
Last time a heartbeat was received from Collector (Unix epoch time). |
|
nodes.metrics.hostInfo |
name |
All |
Host Name (same as nodes.summary.name) |
|
nodes.metrics.hostInfo |
ip |
All |
Host IP |
|
nodes.metrics.versionInfo |
version |
All |
FortiSIEM Image Version |
|
nodes.metrics.versionInfo |
commitHash |
All |
FortiSIEM Image Commit hash (SHA-1 hash made up of a few properties from the code commit.) |
|
nodes.metrics.versionInfo |
builtOn |
All |
Day when the image was built (Unix Epoch time). |
|
nodes.metrics.versionInfo |
contentVersion |
All |
FortiSIEM Content version running on this node. |
|
nodes.metrics.hardware |
vCPU |
All |
Number of vCPUs in this node |
|
nodes.metrics.hardware |
memory_gb |
All |
Total physical memory in this node |
|
nodes.metrics.eps |
3min |
All |
Average EPS calculated at 3 minute intervals. |
|
nodes.metrics.eps |
15min |
All |
Average EPS calculated at 15 minute intervals. |
|
nodes.metrics.eps |
30min |
All |
Average EPS calculated at 30 minute intervals. |
|
nodes.metrics.eps |
allocatedEPS |
All |
EPS allocated to a node (limited by license). |
|
nodes.metrics.eps |
incomingEPS |
All |
Incoming EPS to this node |
|
nodes.metrics.eps |
dropLicenseEPS |
All |
Dropped EPS because of license |
|
nodes.metrics.eventUploadQueue |
queue |
Worker |
Number of files in Event Upload Queue at Worker - this queue stores filed uploaded by Collector. |
|
nodes.metrics.eventUploadQueue |
disk_kb |
Worker |
Total file size in Event Upload Queue at Worker - this queue stores filed uploaded by Collector. |
|
nodes.metrics.eventUploadQueue |
total_mb |
Collector |
Total file size in Collector waiting to be uploaded to Worker or Supervisor. |
|
nodes.metrics.eventUploadQueue |
event_mb |
Collector |
Total event file size in Collector waiting to be uploaded to Worker or Supervisor. |
|
nodes.metrics.eventUploadQueue |
windows_mb |
Collector |
Total Windows Agent file size in Collector waiting to be uploaded to Worker or Supervisor. |
|
nodes.metrics.eventUploadQueue |
linux_mb |
Collector |
Total Linux Agent file size in Collector waiting to be uploaded to Worker or Supervisor. |
|
nodes.metrics.eventUploadQueue |
svn_mb |
Collector |
Total Configuration (SVNLite) file size in Collector waiting to be uploaded to Worker or Supervisor. |
|
nodes.metrics.loadAverage |
1min |
All |
1 minute load average |
|
nodes.metrics.loadAverage |
5min |
All |
5 minute load average |
|
nodes.metrics.loadAverage |
15min |
All |
15 minute load average |
|
nodes.metrics.cpuUsage |
used_pct |
All |
Total CPU Utilization |
|
nodes.metrics.cpuUsage |
system_pct |
All |
System CPU utilization |
|
nodes.metrics.cpuUsage |
user_pct |
All |
User CPU Utilization |
|
nodes.metrics.cpuUsage |
free_pct |
All |
Free CPU Utilization |
|
nodes.metrics.cpuUsage |
idleWait_pct |
All |
Percentage of time CPU is waiting for I/O to complete. |
|
nodes.metrics.memoryUsage |
total_mb |
All |
Total Memory (MB) |
|
nodes.metrics.memoryUsage |
used_mb |
All |
Used Memory (MB) |
|
nodes.metrics.memoryUsage |
free_mb |
All |
Free Memory (MB) |
|
nodes.metrics.memoryUsage |
used_pct |
All |
Memory Utilization (pct) |
|
nodes.metrics.swapUsage |
total_mb |
All |
Total Swap memory (MB) |
|
nodes.metrics.swapUsage |
used_mb |
All |
Used Swap Memory (MB) |
|
nodes.metrics.swapUsage |
in_bps |
All |
Swap In rate (Bits/sec) |
|
nodes.metrics.swapUsage |
out_bps |
All |
Swap Out rate (Bits/sec) |
|
nodes.metrics.swapUsage |
used_pct |
All |
Swap Utilization |
|
nodes.metrics.diskUsage |
filesystem |
All |
File system |
|
nodes.metrics.diskUsage |
mountedOn |
All |
File system mount point like /svn, /cmdb etc |
|
nodes.metrics.diskUsage |
type |
All |
File system type e.g. xfs |
|
nodes.metrics.diskUsage |
size_mb |
All |
Total File system Size (MB) |
|
nodes.metrics.diskUsage |
used_mb |
All |
Used File system Size (MB) |
|
nodes.metrics.diskUsage |
avail_mb |
All |
Free File system Size (MB) |
|
nodes.metrics.diskUsage |
used_pct |
All |
Percentage of file system used. |
|
nodes.metrics.upgradeStat |
upgradeVersion |
Collector |
Last Image version the Collector upgraded to. |
|
nodes.metrics.upgradeStat |
installStatus |
Collector |
Last Image version install status (Completed or Failed followed by reason.) |
|
nodes.metrics.upgradeStat |
downloadStatus |
Collector |
Last Image version download status (Completed or Failed followed by reason.) |
|
nodes.metrics.diskIO |
device |
All |
Linux device for measuring disk I/O |
|
nodes.metrics.diskIO |
mountedOn |
All |
Device mount point like /svn, /cmdb etc |
|
nodes.metrics.diskIO |
read_ops |
All |
Read Operations/sec |
|
nodes.metrics.diskIO |
write_ops |
All |
Write Operations/sec |
|
nodes.metrics.diskIO |
read_kbps |
All |
Read Volume (KB/sec) |
|
nodes.metrics.diskIO |
write_kbps |
All |
Write Volume (KB/sec) |
|
nodes.metrics.diskIO |
readWait_ms |
All |
Read Wait Latency (msec) |
|
nodes.metrics.diskIO |
writeWait_ms |
All |
Write Wait Latency (msec) |
|
nodes.metrics.diskIO |
util_pct |
All |
Disk I/O utilization |
|
nodes.metrics.nfsIO |
location |
Super, Worker |
Remote path |
|
nodes.metrics.nfsIO |
path |
Super, Worker |
Local directory (e.g. /data) |
|
nodes.metrics.nfsIO |
read_ops |
Super, Worker |
NFS Read Operations/second for EventDB based deployments |
|
nodes.metrics.nfsIO |
read_kbps |
Super, Worker |
NFS Read Volume (KBytes/second) for EventDB based deployments |
|
nodes.metrics.nfsIO |
read_kbpop |
Super, Worker |
NFS Read Volume (Kbytes/operation) for EventDB based deployments |
|
nodes.metrics.nfsIO |
readLatency_ms |
Super, Worker |
NFS Read Latency (ms) for EventDB based deployments |
|
nodes.metrics.nfsIO |
write_ops |
Super, Worker |
NFS WriteOperations/second for EventDB based deployments |
|
nodes.metrics.nfsIO |
write_kbps |
Super, Worker |
NFS WriteVolume (KBytes/second) for EventDB based deployments |
|
nodes.metrics.nfsIO |
write_kbpop |
Super, Worker |
NFS Write Volume (Kbytes/operation) for EventDB based deployments |
|
nodes.metrics.nfsIO |
writLatency_ms |
Super, Worker |
NFS Write Latency (ms) for EventDB based deployments |
|
nodes.metrics.processStat |
processName |
All |
FortiSIEM process name |
|
nodes.metrics.processStat |
owner |
All |
FortiSIEM process owner |
|
nodes.metrics.processStat |
uptime_sec |
All |
Process Uptime (seconds) |
|
nodes.metrics.processStat |
cpuUtil_pct |
All |
Process CPU Utilization |
|
nodes.metrics.processStat |
residentMemory_mb |
All |
Process Resident Memory Usage (MB) |
|
nodes.metrics.processStat |
memoryUtil_pct |
All |
Process Memory Utilization |
|
nodes.metrics.processStat |
diskRead_kbps |
All |
Process Aggregate Disk Read Volume (KB/sec) |
|
nodes.metrics.processStat |
diskWrite_kbps |
All |
Process Aggregate Write Volume (KB/sec) |
|
nodes.metrics.processStat |
sharedStore_type |
All |
Reader or Writer or none |
|
nodes.metrics.processStat |
sharedStore_position |
All |
Shared store read/write position (Bytes written or read.) |
|
nodes.metrics.processStat |
sharedStore_pct |
All |
Shared store read/write position (Percentage) - 100% means end of circular buffer. |