Upgrading the Collector
After a Collector has been installed in the system, you can upgrade it using one of the following methods:
- To update a FortiEDR Collector version, such as from version 4.0 to 5.0, see Updating the Collector Version.
- To update the revision for a given FortiEDR Collector version, such as from 5.0.0.5 to 5.0.0.15, see Automatic Collector Updates.
- As described in the procedure below.
To upgrade the Collector manually (not via the user interface):
Windows
- Copy the
FortiEDRCollectorInstallaler32_x.x.x.xxx.msi
orFortiEDRCollectorInstallaler64_x.x.x.xxx.msi
file (as appropriate) to the Collector machine. For example,FortiEDRCollectorInstallaler32_2.0.0.330.msi
orFortiEDRCollectorInstallaler64_2.0.0.330.msi
. - Double-click the
FortiEDRCollectorInstallaler32_x.x.x.xxx.msi
orFortiEDRCollectorInstallaler64_x.x.x.xxx.msi
file and follow the displayed instructions.
Linux
You can only manually upgrade non-customized Linux Collectors. For custom Linux Collectors, you must first uninstall the current Collector and then install a new one, which requires reconfiguration. |
To upgrade a non-customized Collector on Linux:
- Check the status of the Collector using the following command:
/opt/FortiEDRCollector/control.sh --status
The Collector should be stopped before running the upgrade command.
- If the status is not stopped, stop the Collector using the following command:
/opt/FortiEDRCollector/control.sh --stop <registration password>
For example:
/ opt/FortiEDRCollector/control.sh --stop 12345678
- Copy the installer file to the Collector machine (either
FortiEDRCollectorInstaller_Linux_distribution-version_number.x86_64.rpm
orFortiEDRCollectorInstaller_Ubuntuversion_number.deb
). - Upgrade the Collector using the following command:
- CentOS/RHEL/Oracle/AMI:
sudo yum install FortiEDRCollectorInstaller_Linux_distribution-version_number.x86_64.rpm
- Ubuntu:
Ubuntu: Run sudo apt install FortiEDRCollectorInstaller_Ubuntu-version_number.deb
- SLES:
zypper install FortiEDRCollectorInstaller_distribution-version_number.rpm
- CentOS/RHEL/Oracle/AMI:
- Enter
y
when asked if you want to upgrade. - After the upgrade is complete, start the Collector using the following command:
/opt/FortiEDRCollector/control.sh --start
If your FortiEDR Threat Hunting Repository, Central Manager, Aggregator or Core are deployed on your organization’s premises (on-premises), see Upgrading FortiEDR Components for instructions of upgrading these components.