Configuring the FortiAnalyzer Fabric

To configure a FortiAnalyzer Fabric, you must configure a supervisor, one or more members, and enable soc-fabric communication on the interfaces being used.

• Configuring a supervisor
• Configuring a member

All FortiAnalyzer Fabric members must be configured with the same timezone settings as the supervisor.

Once the supervisor and members are connected and synchronized, they display in System Settings > FortiAnalyzer Fabric for the FortiAnalyzer Fabric supervisor. The Fabric Members table includes the following information for each FortiAnalyzer in the FortiAnalyzer Fabric:

Name	The name of the FortiAnalyzer.
Role	The role of the FortiAnalyzer in the FortiAnalyzer Fabric (supervisor or member).
IP	The IP address of the FortiAnalyzer.
Status	The status of the FortiAnalyzer.

For more information about the devices, go to Device Manager in the FortiAnalyzer Fabric supervisor. See Device Manager.

Configuring a supervisor

To configure a supervisor from the CLI:

1. In the FortiAnalyzer Fabric supervisor CLI, enter the following commands to enable soc-fabric communication:

   config system interface

   edit <interface used for soc-fabric communication>

   set allowaccess soc-fabric (enable other types of interface access as needed, for example https)

2. Enter the following commands to configure the supervisor:

   config system soc-fabric

   set status enable

   set role supervisor

   set name <create the FortiAnalyzer Fabric name>

   set psk <create the FortiAnalyzer Fabric password>

   set port 6443 <set the communication port if not using the default one>

   set secure-connection {enable | disable}

   next

   end

To configure a supervisor from the GUI:

1. In the FortiAnalyzer Fabric supervisor, go to System Settings > FortiAnalyzer Fabric.
2. Set Status to enabled.
3. Configure the following settings for the supervisor, and then click Apply to save.

   Role	Select Supervisor.
   Cluster Name	Type a name for the FortiAnalyzer Fabric.
   Password	Type a password for the FortiAnalyzer Fabric.
   Session Port	Default = 6443. Type the communication port if not using the default.
   Secure Connection	Enable or disable secure connection.

Configuring a member

FortiAnalyzer Fabric allows multiple FortiAnalyzers to act as fabric members. Each FortiAnalyzer in Analyzer mode must be individually configured as a member to participate in the FortiAnalyzer Fabric.

To configure a member from the CLI:

1. In the FortiAnalyzer Fabric member CLI, enter the following commands to enable soc-fabric communication:

   config system interface

   edit <interface used for soc-fabric communication>

   set allowaccess soc-fabric (enable other types of interface access as needed, for example https)

2. Enter the following commands to configure the member:

   config system soc-fabric

   set status enable

   set role member

   set name <enter the FortiAnalyzer Fabric Name>

   set psk <enter the FortiAnalyzer Fabric auth password>

   set supervisor <enter the IP/FNDN of the supervisor>

   set port 6443 <set the communication port if not using the default one>

   set secure-connection {enable | disable}

   next

   end

To configure a member from the GUI:

1. Go to System Settings > FortiAnalyzer Fabric.
2. Configure the following settings for the member, and then click Apply to save.

   Role	Select Member.
   Cluster Name	Type the name of the FortiAnalyzer Fabric.
   IP	Type the IP of the supervisor for the FortiAnalyzer Fabric.
   Password	Type the password configured for the FortiAnalyzer Fabric.
   Session Port	Default = 6443. Type the communication port if not using the default.
   Secure Connection	Enable or disable secure connection.