Version:


Table of Contents

7.2.0
Download PDF
Copy Link

Configuring the FortiAnalyzer Fabric

To configure a FortiAnalyzer Fabric, you must configure a supervisor, one or more members, and enable soc-fabric communication on the interfaces being used.

Tooltip

All FortiAnalyzer Fabric members must be configured with the same timezone settings as the supervisor.

Once the supervisor and members are connected and synchronized, they display in System Settings > FortiAnalyzer Fabric for the FortiAnalyzer Fabric supervisor. The Fabric Members table includes the following information for each FortiAnalyzer in the FortiAnalyzer Fabric:

Name The name of the FortiAnalyzer.
Role The role of the FortiAnalyzer in the FortiAnalyzer Fabric (supervisor or member).

IP

The IP address of the FortiAnalyzer.

Status The status of the FortiAnalyzer.

For more information about the devices, go to Device Manager in the FortiAnalyzer Fabric supervisor. See Device Manager.

Configuring a supervisor

To configure a supervisor from the CLI:
  1. In the FortiAnalyzer Fabric supervisor CLI, enter the following commands to enable soc-fabric communication:

    config system interface

    edit <interface used for soc-fabric communication>

    set allowaccess soc-fabric (enable other types of interface access as needed, for example https)

  2. Enter the following commands to configure the supervisor:

    config system soc-fabric

    set status enable

    set role supervisor

    set name <create the FortiAnalyzer Fabric name>

    set psk <create the FortiAnalyzer Fabric password>

    set port 6443 <set the communication port if not using the default one>

    set secure-connection {enable | disable}

    next

    end

To configure a supervisor from the GUI:
  1. In the FortiAnalyzer Fabric supervisor, go to System Settings > FortiAnalyzer Fabric.
  2. Set Status to enabled.
  3. Configure the following settings for the supervisor, and then click Apply to save.
    Role Select Supervisor.
    Cluster Name Type a name for the FortiAnalyzer Fabric.
    Password Type a password for the FortiAnalyzer Fabric.
    Session Port Default = 6443. Type the communication port if not using the default.
    Secure Connection Enable or disable secure connection.

Configuring a member

FortiAnalyzer Fabric allows multiple FortiAnalyzers to act as fabric members. Each FortiAnalyzer in Analyzer mode must be individually configured as a member to participate in the FortiAnalyzer Fabric.

To configure a member from the CLI:
  1. In the FortiAnalyzer Fabric member CLI, enter the following commands to enable soc-fabric communication:

    config system interface

    edit <interface used for soc-fabric communication>

    set allowaccess soc-fabric (enable other types of interface access as needed, for example https)

  2. Enter the following commands to configure the member:

    config system soc-fabric

    set status enable

    set role member

    set name <enter the FortiAnalyzer Fabric Name>

    set psk <enter the FortiAnalyzer Fabric auth password>

    set supervisor <enter the IP/FNDN of the supervisor>

    set port 6443 <set the communication port if not using the default one>

    set secure-connection {enable | disable}

    next

    end

To configure a member from the GUI:
  1. Go to System Settings > FortiAnalyzer Fabric.
  2. Configure the following settings for the member, and then click Apply to save.
    Role Select Member.
    Cluster Name Type the name of the FortiAnalyzer Fabric.

    IP

    Type the IP of the supervisor for the FortiAnalyzer Fabric.

    Password Type the password configured for the FortiAnalyzer Fabric.
    Session Port Default = 6443. Type the communication port if not using the default.
    Secure Connection Enable or disable secure connection.

Configuring the FortiAnalyzer Fabric

To configure a FortiAnalyzer Fabric, you must configure a supervisor, one or more members, and enable soc-fabric communication on the interfaces being used.

Tooltip

All FortiAnalyzer Fabric members must be configured with the same timezone settings as the supervisor.

Once the supervisor and members are connected and synchronized, they display in System Settings > FortiAnalyzer Fabric for the FortiAnalyzer Fabric supervisor. The Fabric Members table includes the following information for each FortiAnalyzer in the FortiAnalyzer Fabric:

Name The name of the FortiAnalyzer.
Role The role of the FortiAnalyzer in the FortiAnalyzer Fabric (supervisor or member).

IP

The IP address of the FortiAnalyzer.

Status The status of the FortiAnalyzer.

For more information about the devices, go to Device Manager in the FortiAnalyzer Fabric supervisor. See Device Manager.

Configuring a supervisor

To configure a supervisor from the CLI:
  1. In the FortiAnalyzer Fabric supervisor CLI, enter the following commands to enable soc-fabric communication:

    config system interface

    edit <interface used for soc-fabric communication>

    set allowaccess soc-fabric (enable other types of interface access as needed, for example https)

  2. Enter the following commands to configure the supervisor:

    config system soc-fabric

    set status enable

    set role supervisor

    set name <create the FortiAnalyzer Fabric name>

    set psk <create the FortiAnalyzer Fabric password>

    set port 6443 <set the communication port if not using the default one>

    set secure-connection {enable | disable}

    next

    end

To configure a supervisor from the GUI:
  1. In the FortiAnalyzer Fabric supervisor, go to System Settings > FortiAnalyzer Fabric.
  2. Set Status to enabled.
  3. Configure the following settings for the supervisor, and then click Apply to save.
    Role Select Supervisor.
    Cluster Name Type a name for the FortiAnalyzer Fabric.
    Password Type a password for the FortiAnalyzer Fabric.
    Session Port Default = 6443. Type the communication port if not using the default.
    Secure Connection Enable or disable secure connection.

Configuring a member

FortiAnalyzer Fabric allows multiple FortiAnalyzers to act as fabric members. Each FortiAnalyzer in Analyzer mode must be individually configured as a member to participate in the FortiAnalyzer Fabric.

To configure a member from the CLI:
  1. In the FortiAnalyzer Fabric member CLI, enter the following commands to enable soc-fabric communication:

    config system interface

    edit <interface used for soc-fabric communication>

    set allowaccess soc-fabric (enable other types of interface access as needed, for example https)

  2. Enter the following commands to configure the member:

    config system soc-fabric

    set status enable

    set role member

    set name <enter the FortiAnalyzer Fabric Name>

    set psk <enter the FortiAnalyzer Fabric auth password>

    set supervisor <enter the IP/FNDN of the supervisor>

    set port 6443 <set the communication port if not using the default one>

    set secure-connection {enable | disable}

    next

    end

To configure a member from the GUI:
  1. Go to System Settings > FortiAnalyzer Fabric.
  2. Configure the following settings for the member, and then click Apply to save.
    Role Select Member.
    Cluster Name Type the name of the FortiAnalyzer Fabric.

    IP

    Type the IP of the supervisor for the FortiAnalyzer Fabric.

    Password Type the password configured for the FortiAnalyzer Fabric.
    Session Port Default = 6443. Type the communication port if not using the default.
    Secure Connection Enable or disable secure connection.