Configuring the FortiAnalyzer Fabric
To configure a FortiAnalyzer Fabric, you must configure a supervisor, one or more members, and enable soc-fabric communication on the interfaces being used.
All FortiAnalyzer Fabric members must be configured with the same timezone settings as the supervisor. |
Once the supervisor and members are connected and synchronized, they display in System Settings > FortiAnalyzer Fabric for the FortiAnalyzer Fabric supervisor. The Fabric Members table includes the following information for each FortiAnalyzer in the FortiAnalyzer Fabric:
Name | The name of the FortiAnalyzer. |
Role | The role of the FortiAnalyzer in the FortiAnalyzer Fabric (supervisor or member). |
IP |
The IP address of the FortiAnalyzer. |
Status | The status of the FortiAnalyzer. |
For more information about the devices, go to Device Manager in the FortiAnalyzer Fabric supervisor. See Device Manager.
Configuring a supervisor
To configure a supervisor from the CLI:
- In the FortiAnalyzer Fabric supervisor CLI, enter the following commands to enable soc-fabric communication:
config system interface
edit <interface used for soc-fabric communication>
set allowaccess soc-fabric (enable other types of interface access as needed, for example https)
- Enter the following commands to configure the supervisor:
config system soc-fabric
set status enable
set role supervisor
set name <create the FortiAnalyzer Fabric name>
set psk <create the FortiAnalyzer Fabric password>
set port 6443 <set the communication port if not using the default one>
set secure-connection {enable | disable}
next
end
To configure a supervisor from the GUI:
- In the FortiAnalyzer Fabric supervisor, go to System Settings > FortiAnalyzer Fabric.
- Set Status to enabled.
- Configure the following settings for the supervisor, and then click Apply to save.
Role Select Supervisor. Cluster Name Type a name for the FortiAnalyzer Fabric. Password Type a password for the FortiAnalyzer Fabric. Session Port Default = 6443. Type the communication port if not using the default. Secure Connection Enable or disable secure connection.
Configuring a member
FortiAnalyzer Fabric allows multiple FortiAnalyzers to act as fabric members. Each FortiAnalyzer in Analyzer mode must be individually configured as a member to participate in the FortiAnalyzer Fabric.
To configure a member from the CLI:
- In the FortiAnalyzer Fabric member CLI, enter the following commands to enable soc-fabric communication:
config system interface
edit <interface used for soc-fabric communication>
set allowaccess soc-fabric (enable other types of interface access as needed, for example https)
- Enter the following commands to configure the member:
config system soc-fabric
set status enable
set role member
set name <enter the FortiAnalyzer Fabric Name>
set psk <enter the FortiAnalyzer Fabric auth password>
set supervisor <enter the IP/FNDN of the supervisor>
set port 6443 <set the communication port if not using the default one>
set secure-connection {enable | disable}
next
end
To configure a member from the GUI:
- Go to System Settings > FortiAnalyzer Fabric.
- Configure the following settings for the member, and then click Apply to save.
Role Select Member. Cluster Name Type the name of the FortiAnalyzer Fabric. IP
Type the IP of the supervisor for the FortiAnalyzer Fabric.
Password Type the password configured for the FortiAnalyzer Fabric. Session Port Default = 6443. Type the communication port if not using the default. Secure Connection Enable or disable secure connection.