New management extension - FortiSOAR
This feature adds the FortiSOAR application as a management extension application (MEA). FortiSOAR is an enterprise-built security orchestration and security automation workbench that empowers security operation teams.
By default, FortiSOAR MEA is disabled. You can enable FortiSOAR MEA by using the GUI or the CLI.
There are minimum system resources recommended for FortiAnalyzer when using FortiSOAR MEA. See the FortiAnalyzer Release Notes for additional information.
The following CLI commands are available for FortiSOAR MEA:
config system docker
diagnose docker status
diagnose docker upgrade fortisoar
FortiAnalyzer supports only FortiSOAR MEA. Although you can use the CLI to enable additional management extension applications, they are not supported by FortiAnalyzer. Enabled, unsupported management extension applications are hidden from the FortiAnalyzer GUI, but still consume valuable resources. Be sure to only enable FortiSOAR MEA on FortiAnalyzer when using the CLI.
To enable FortiSOAR MEA by using the GUI:
- Ensure you are logged in to FortiAnalyzer by using an administrator account that is assigned a Super_User profile.
- Go to the Management Extensions tile.
The management extension application options are displayed.
- Click FortiSOAR.
A confirmation dialog box is displayed.
- In the confirmation dialog box, click OK.
FortiSOAR MEA is downloaded from the Fortinet registry (registry.fortinet.com).
A progress bar displays under the FortiSOAR tile.
After FortiSOAR downloads, it initializes.
After initialization, the license agreement is displayed.
- Read the license agreement, and click Agree.
- Log in to FortiSOAR by using your FortiAnalyzer login.
The FortiSOAR dashboard is displayed.
The version and build information for FortiSOAR can be found on the bottom-left corner of the Dashboard. Clicking on this information displays the version and build dialog.