ha
Use this command to enable and configure FortiAnalyzer high availability (HA).
FortiAnalyzer HA clusters provide real-time redundancy in case a unit fails. Logs, data, and relevant system settings are securely synchronized across multiple FortiAnalyzer devices, and processing tasks can be shared to alleviate the load on the primary unit.
A FortiAnalyzer HA cluster can have a maximum of four units, all of which are visible on the network. All of the units must be from the same product series and in the same operating mode (analyzer or collector). HA is not supported when FortiManager features are enabled.
For more information, see the FortiAnalyzer Administration Guide.
Syntax
config system ha
set group-id <integer>
set group-name <name>
set hb-interface
set hb-interval <integer>
set healthcheck {DB | fault-test}
set initial-sync {true | false}
set initial-sync-threads <integer>
set load-balance (disable | round-robin}
set log-sync {enable | disable}
set mode {a-p | standalone}
set password <passwd>
set preferred-role
set priority <integer>
set private-clusterid
set private-file-quota
set private-hb-interval
set private-hb-lost-threshold
set private-local-cert
set private-mode
set private-password
set unicast {enable | disable}
set vip <ip_address>
set vip-interface <port>
config peer
edit <peer_id_int>
set ip <peer_ip_address>
set ip-hb <string>
set serial-number <string>
set status {enable | disable}
end
end
Variable |
Description |
---|---|
group-id <integer> | Set the HA group ID (1 - 255, default = 0). |
group-name <name> | Set the HA group name. |
hb-interface | |
hb-interval <integer> |
The time, in seconds, that a cluster unit waits between sending heartbeat packets. The heartbeat interval is also the amount of time that a cluster unit waits before expecting to receive a heartbeat packet from the other cluster unit (1 - 20, default = 1). |
healthcheck {DB | fault-test} |
Set the healthcheck options:
|
initial-sync {true | false} |
Synchronize data from the primary device before joining the HA cluster (default = true). |
initial-sync-threads <integer> |
Number of threads used for initial synchronization (1 - 15, default = 4). |
load-balance (disable | round-robin} |
Configure load balancing to secondary units (default = round-robin). |
log-sync {enable | disable} |
Synchronize logs to backup FortiAnalyzer devices (default = enable). |
mode {a-p | standalone} |
Set the HA operating mode: Active-passive mode ( |
password <passwd> |
Set the HA group password. |
priority <integer> |
Set the runtime priority (80 - 120, default = 100). |
preferrred-role {master | slave} |
The preferred role of this unit (default = slave). The runtime role may be different. |
private-clusterid |
|
private-file-quota |
|
private-hb-interval |
|
private-hb-lost-threshold |
|
private-local-cert |
|
private-mode |
|
private-password |
|
unicast {enable | disable} |
Enable/disable unicast for HA heartbeat (default = disable). |
vip <ip_address> |
Set the virtual IP address for the HA cluster. |
vip-interface <port> |
Set the virtual interface for configuring the virtual IP address. |
Variables for |
|
<peer_id_int> |
Add a peer and add the peer’s IPv4 or IPv6 address and serial number. |
ip <peer_ip_address> |
Enter the IPv4 address of the peer FortiAnalyzer unit. |
ip-hb <string> |
Enter the IP address of the peer's VIP interface for heartbeat. This only needs to be set if the value is different than the peer's IP address, and is only needed when using unicast. |
serial-number <string> |
Enter the serial number of the peer FortiAnalyzer unit. |
status {enable | disable} |
Enter the status of the peer FortiAnalyzer unit (default = enable). |