Administrator Tools
This topic describes administration tools and scripts that are included with your FortiSIEM deployment, along with information on where to find and how to use them.
Tool | Description | How to Use It |
---|---|---|
phTools | phTools is a simple tool for starting and stopping backend processes, and for getting change log information. When you upgrade your deployment, for example, you would use phTools to stop all backend processes. | Log in to the FortiSIEM host machine as Usage<br>Commands: --changelog, --start, --stop, --stats |
TestSegmentReader | Test Segment Reader is used to quickly read data segments in the eventdb through the command line. You can use this to manually inspect data integrity and parsed event attributes. | Log in to the FortiSIEM host machine as Usage |
phExportEvent | Used to export event information to a CSV file. A script to selectively delete event data per org and time interval | See Exporting Events to Files. |
TestDBPurger | Use Only to Delete Data for a Single Date: You should only use this script to delete data for a single date and organization. If you try to delete data for multiple dates, the script will fail. | You can find the script at /opt/phoenix/bin/TestDBPurger. Run it in terminal mode and follow the instructions. |