Fortinet black logo

Administration Guide

Home FortiAnalyzer BigData 6.2.1 Administration Guide

General maintenance and best practices

6.2.1
7.4.0
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.1
6.4.6
6.4.5
6.2.5
6.2.1
Copy Link
Copy Doc ID 68feed8c-a766-11ea-8b7d-00505692583a:932310
Download PDF

General maintenance and best practices

To ensure that your FortiAnalyzer-BigData appliance runs smoothly, you need to perform regular maintenance tasks and follow best practices guidelines.

Backup and restore to external HDFS

Tooltip

For full instructions on how to backup and restore your data, see Data backup and Data restore.
Note

You cannot disable this command afterward if it's not needed anymore.

When you back up your data, FortiAnalyzer-BigData backs up the data to an internal HDFS in the Security Event Manager. To back up the data to an external HDFS, all the HDFS nodes must be able to access the external network. By default, all the Security Event Manager hosts (except the Security Event Manager Controller) have no external network access. To allow the rest of the nodes to have external network access, run the following command on the Security Event Manager Controller:

fazbdctl -c enable -t ip-forward

Schedule maintenance tasks for off-peak hours

Fortinet strongly recommends scheduling maintenance jobs for off-peak hours whenever possible, including jobs such as:

  • Storage Group Backup
  • Data Rebalance

Maintain database integrity

To maintain database integrity, never power off a FortiAnalyzer-BigData unit without a graceful shutdown. Removing power without a proper shutdown can damage FortiAnalyzer-BigData databases.

Before removing power, always use the Stop All Services action from Cluster Manager > Services > Actions, or manually stop services in the following order:

  1. Core
  2. Message Broker
  3. Data Lake
  4. Metastore
Tooltip

After you power up your FortiAnalyzer-BigData unit again, you must manually select the Start All Services action from Cluster Manager > Services > Actions and make sure that all hosts, services and health checks are green before resuming system functions.
Note

Fortinet strongly recommends connecting FortiAnalyzer-BigData units to an uninterruptible power supply (UPS) to prevent unexpected power issues that might damage internal databases.
Previous
Next

General maintenance and best practices

To ensure that your FortiAnalyzer-BigData appliance runs smoothly, you need to perform regular maintenance tasks and follow best practices guidelines.

Backup and restore to external HDFS

Tooltip

For full instructions on how to backup and restore your data, see Data backup and Data restore.
Note

You cannot disable this command afterward if it's not needed anymore.

When you back up your data, FortiAnalyzer-BigData backs up the data to an internal HDFS in the Security Event Manager. To back up the data to an external HDFS, all the HDFS nodes must be able to access the external network. By default, all the Security Event Manager hosts (except the Security Event Manager Controller) have no external network access. To allow the rest of the nodes to have external network access, run the following command on the Security Event Manager Controller:

fazbdctl -c enable -t ip-forward

Schedule maintenance tasks for off-peak hours

Fortinet strongly recommends scheduling maintenance jobs for off-peak hours whenever possible, including jobs such as:

  • Storage Group Backup
  • Data Rebalance

Maintain database integrity

To maintain database integrity, never power off a FortiAnalyzer-BigData unit without a graceful shutdown. Removing power without a proper shutdown can damage FortiAnalyzer-BigData databases.

Before removing power, always use the Stop All Services action from Cluster Manager > Services > Actions, or manually stop services in the following order:

  1. Core
  2. Message Broker
  3. Data Lake
  4. Metastore
Tooltip

After you power up your FortiAnalyzer-BigData unit again, you must manually select the Start All Services action from Cluster Manager > Services > Actions and make sure that all hosts, services and health checks are green before resuming system functions.
Note

Fortinet strongly recommends connecting FortiAnalyzer-BigData units to an uninterruptible power supply (UPS) to prevent unexpected power issues that might damage internal databases.
Previous
Next