FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
FortiKoala
Staff
Staff
Article Id 189961
Description

Events are not coming through for any agents


Scope

Troubleshooting


Solution

If there are no new events appearing in the Threat Hunting page for any endpoints:

  1. Ensure you don't have a filter in place on any fields, or on the dates and times, that would prevent new events from being displayed
  2. Check the Admin - System page for the status of the Collector Server(s) and Logstash
  3. Check the health of the Collector Server (see related article)
  4. Check the health of Kafka and Logstash

If you still experience problems, please create a Technical Assistance Ticket through the Support Portal, or contact the Support team.



Related Articles

Technical Note: ZoneFox 4.0 - How to check the health of the Collector Server

Technical Note: ZoneFox 4.0 - How to check the health of Kafka and Logstash

Contributors