EasyManua.ls Logo

Fortinet FortiSIEM 2000G - Registering Collectors

Fortinet FortiSIEM 2000G
25 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Appliance Setup
h.
Login to Manager, and navigate to any one of the following pages to verify registration.
l
ADMIN>Setup and check that the box is marked in the Registered column for your instance.
l
ADMIN>Health, look for your instance under FortiSIEMInstances.
l
ADMIN>License, look for your instance under FortiSIEMInstances.
Registering Collectors
Collectors can be deployed in Enterprise or Service Provider environments.
l
Enterprise Deployments
l
Service Provider Deployments
Enterprise Deployments
For Enterprise deployments, follow these steps.
1.
Log in to Supervisor with 'Admin' privileges.
2. Go to ADMIN > Settings > System > Event Worker.
a.
Enter the IP of the Worker node. If a Supervisor node is only used, then enter the IP of the Supervisor node.
Multiple IP addresses can be entered on separate lines. In this case, the Collectors will load balance the
upload of events to the listed Event Workers.
Note: Rather than using IP addresses, a DNS name is recommended. The reasoning is, should the IP
addressing change, it becomes a matter of updating the DNS rather than modifying the Event Worker IP
addresses in FortiSIEM.
b. Click OK.
3. Go to ADMIN > Setup > Collectors and add a Collector by entering:
a. Name Collector Name
b. Guaranteed EPS this is the EPS that Collector will always be able to send. It could send more if there is
excess EPS available.
c. Start Time and End Time set to Unlimited.
4.
SSH to the Collector and run following script to register Collectors:
# /opt/phoenix/bin/phProvisionCollector --add <user> '<password>' <Super IP or
Host> <Organization> <CollectorName>
The password should be enclosed in single quotes to ensure that any non-alphanumeric characters are escaped.
a.
Set user and password use the admin User Name and password for the Supervisor
b.
Set Super IP or Host as the Supervisor's IP address.
c.
Set Organization. For Enterprise deployments, the default name is Super.
d. Set CollectorName from Step 2a.
The Collector will reboot during the Registration.
FortiSIEM 6.6.2 2000G Hardware Configuration Guide 20
Fortinet Inc.

Table of Contents

Related product manuals