Fortinet FortiSIEM 500F, Configuration Manual

Page 1: ...FortiSIEM 500F Collector Configuration Guide Version 6 1 2...

Page 2: ...upport fortinet com FORTINET TRAINING CERTIFICATION PROGRAM https www fortinet com support and training training html NSE INSTITUTE https training fortinet com FORTIGUARD CENTER https fortiguard com E...

Page 3: ...tep 1 Create Bootable Linux Image 14 Step 2 Copy FortiSIEM Collector image to USB 14 Step 3 Prepare 500F by removing FSM 14 Step 4 Configure 500F BIOS to Boot into USB Drive 15 Step 5 Re image 500F bo...

Page 4: ...ct FSM 500F to the network by connecting an Ethernet cable to Port1 Before proceeding to the next step connecting Ethernet cable to Port1 is required for Network configuration Step 2 Power On the FSM...

Page 5: ...ion and serial number diagnose hardware info Displays system hardware information like CPUs Memory and RAID information diagnose interface detail port0 Displays interface status Step 4 Configure Forti...

Page 6: ...Appliance Setup 4 Select your Region and press Next 5 Select your Country and press Next FortiSIEM 6 1 2 500F Collector Configuration Guide 6 Fortinet Technologies Inc...

Page 7: ...1 install_without_fips You have the option of enabling FIPS option 3 or disabling FIPS option 4 later 9 When prompted enter the information for these network components to configure the Static IP addr...

Page 8: ...red in the previous step and responds to ping The host can either be an internal host or a public domain host like google com For the migration to complete the system still needs https connectivity to...

Page 9: ...upported dns1 dns2 Addresses of the DNS server 1 and DNS server 2 o Installation option z Time zone Examples of possible values are US Pacific Asia Shanghai Europe London or Africa Tunis testpinghost...

Page 10: ...ollectorName a Set user and password use the admin User Name and password for the Supervisor b Set Super IP or Host as the Supervisor s IP address c Set Organization For Enterprise deployments the def...

Page 11: ...Email 5 Under Collectors click New 6 Enter the Collector Name Guaranteed EPS Start Time and End Time The last two values could be set as Unlimited Guaranteed EPS is the EPS that the Collector will al...

Page 12: ...6 by command line for example phProvisionCollector add admin Admin 11 172 30 53 130 ORG1289 CO1289 A message will display after the completion Continuing to provision the Collector This collector is...

Page 13: ...ote RAID Information is NOT applicable to FSM 500F model 4 To install FortiSIEM Collector run execute factoryreset Note This script takes 5 minutes to complete FortiSIEM Collector installation Follow...

Page 14: ...n use the Ubuntu guide for creating a USB drive with Ubuntu Step 2 Copy FortiSIEM Collector image to USB 1 Connect 8 GB USB Drive to the system desktop or laptop 2 Open Windows Explorer right click Dr...

Page 15: ...rive will be referred as dev sdb in the following steps 6 Enter into root while in the terminal using the following command sudo s 7 Determine the mount point of this drive by using the following comm...

Page 16: ...ollowing commands mkdir p opt images ln s opt images images 4 Go to the images directory Download the 6 1 2 hardware image from the support site then unzip it For example unzip_FSM_Full_All_RAW_HARDWA...

Page 17: ...er script 1 Go to the bootloader directory for example cd images FSM_Bootloader_6 1 2_build0119 2 Run the prepare_bootloader script to install and configure the bootloader This script installs configu...

Page 18: ...t have to reboot the system manually if auto reboot does not work 4 In the FortiSIEM bootloader shell choose FortiSIEM Boot Loader Press Return Load the FortiSIEM 6 1 2 Image Follow these steps to loa...

Page 19: ...k to images from opt ln sf opt images images c Change to the images directory for example cd images d Run the ll command to check disk usage ll These steps are illustrated in the following screen shot...

Page 20: ...in to the bootloader shell as user root with password ProspectHills You will immediately be asked to change your password 2 Create and mount the images directory from opt a Change directory to root fo...

Page 21: ...son fortisiem4x0 images e Unmount the opt directory umount opt 3 Run the configFSM sh command to configure the migration via a GUI for example configFSM sh 4 In the first screen of the GUI select 1 Ye...

Page 22: ...ct a region for the timezone In this example US is selected Press Next 6 Select a timezone in the selected region In this example Pacific is selected Press Next FortiSIEM 6 1 2 500F Collector Configur...

Page 23: ...the Collector is selected Press Next 8 Select option 5 migrate_6_1_1 9 Test connectivity by connecting to a well known internet site Press Next 10 Press the Run command to complete migration for examp...

Page 24: ...The script will take some minutes to run When it is finished migration is complete 12 Log in to your system again as user root with your new password 13 To ensure phMonitor is running execute the phs...

Page 25: ...grating from Pre 6 1 2 FortiSIEM Reboot the Appliance If the appliance does not reboot automatically then manually reboot FortiSIEM 6 1 2 500F Collector Configuration Guide 25 Fortinet Technologies In...

Page 26: ...cept to the extent Fortinet enters a binding written contract signed by Fortinet s General Counsel with a purchaser that expressly warrants that the identified product will perform according to certai...