Description
Solution
There are two main reasons why report generation would hang or take too long:
1. The report has a chart with maximum number of entries (Top N) set to 'list all'. This means that the FortiAnalyzer will need to list all logs for this chart. Go to Report > Config > Layout > edit the report layout > Edit the charts > make sure 'list all results' is disabled for all charts.
2. The report has a chart with 'Resolve Host Names' enabled. This means that the FortiAnalyzer will need to contact the DNS server to reverse DNS the IPs in the report. If the DNS server is slow and/or does not support reverse DNS, the FortiAnalyzer report generation would hang. Go to Report > Config > Layout > edit the report layout > Edit the charts > make sure 'Resolve Host Names' is disabled for all charts (under advanced).
For FortiAnalyzer v5.x refer to the FortiAnalyzer Report Performance Troubleshooting Guide [v5.6], [v5.4], [v5.2] which is available in the Fortinet Document Library. This guide helps to troubleshoot reporting and FortiView related performance issues
The remainder of this article will help you troubleshoot if reports take too long or would hang when being generated on a FortiAnalyzer.
The remainder of this article will help you troubleshoot if reports take too long or would hang when being generated on a FortiAnalyzer.
Solution
There are two main reasons why report generation would hang or take too long:
1. The report has a chart with maximum number of entries (Top N) set to 'list all'. This means that the FortiAnalyzer will need to list all logs for this chart. Go to Report > Config > Layout > edit the report layout > Edit the charts > make sure 'list all results' is disabled for all charts.
2. The report has a chart with 'Resolve Host Names' enabled. This means that the FortiAnalyzer will need to contact the DNS server to reverse DNS the IPs in the report. If the DNS server is slow and/or does not support reverse DNS, the FortiAnalyzer report generation would hang. Go to Report > Config > Layout > edit the report layout > Edit the charts > make sure 'Resolve Host Names' is disabled for all charts (under advanced).
