Fortinet black logo

FortiSIEM Reference Architecture Using ClickHouse

Home FortiSIEM 6.7.0 FortiSIEM Reference Architecture Using ClickHouse
6.7.0
7.1.5
7.1.4
7.1.3
7.1.2
7.1.1
7.1.0
7.0.3
7.0.2
7.0.1
7.0.0
6.7.9
6.7.8
6.7.7
6.7.6
6.7.5
6.7.4
6.7.3
6.7.2
6.7.1
6.7.0

Design for Analytics and Reporting Performance

Design for Analytics and Reporting Performance

Analytics and reporting place demands on FortiSIEM in addition to log processing. When planning the deployment consider the following:

  • The number of analysts

  • How heavily the system is used

  • Scheduled reporting requirements

Adding additional resources into the Supervisor node will help to scale GUI performance for very large deployments where there are a large number of concurrent analysts.

FortiSIEM with ClickHouse distributes queries across multiple shards. Design a solution with more shards for increased query performance.

Previous
Next

Design for Analytics and Reporting Performance

Analytics and reporting place demands on FortiSIEM in addition to log processing. When planning the deployment consider the following:

  • The number of analysts

  • How heavily the system is used

  • Scheduled reporting requirements

Adding additional resources into the Supervisor node will help to scale GUI performance for very large deployments where there are a large number of concurrent analysts.

FortiSIEM with ClickHouse distributes queries across multiple shards. Design a solution with more shards for increased query performance.

Previous
Next