Administration Guide

Installing a FortiEDR Collector on Linux

To install a customized FortiEDR Collector on Linux:
  1. It is recommended to get a pre-populated customized Collector installer for Linux, as described in Requesting and Obtaining a Collector Installer.
  2. Copy the custom Linux Collector installer zip file, FortiEDRSilentInstall_5.1.0.195_envname_Tenant.zip, to the device. This file was downloaded from the provided link as described in Requesting and Obtaining a Collector Installer.
  3. Unzip using the following command:
    sudo unzip ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.zip

    If you don’t have zip software on the device, install it using:

    yum install zip
  4. Extract the installer using the following command:
    sudo gunzip ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh.gz
  5. Change the installation script permission with the following command:
    chmod 755 FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh
  6. Run the following to execute the installation script:
    sudo ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh
To install a non-customized FortiEDR Collector on Linux:
  1. Run the FortiEDR Collector installation file for 64-bit servers using the following command:
    • CentOS/RHEL/Oracle/AMI:

      sudo yum install ./FortiEDRCollectorInstaller_%Linux_distribution%-%version_number%.x86_64.rpm

      For example, sudo yum install ./FortiEDRCollectorInstaller_CentOS6-3.1.0-74.x86_64.rpm.

    • Ubuntu:

      sudo apt-get install ./FortiEDRCollectorInstaller_Ubuntu-%version_number%.deb

      For example, sudo apt-get install ./FortiEDRCollectorInstaller_Ubuntu-3.1.0-74.deb.

    • SUSE Linux:

      rpm --import RPM-GPG-KEY.key

      The FortiEDR PGP key is included in the download link of the pre-populated installer; see Requesting and Obtaining a Collector Installer.

      zypper install FortiEDRCollectorInstaller_%distribution%-%version_number%.rpm

      For example: zypper install FortiEDRCollectorInstaller_openSUSE15-4.5.0-88.x86_64.rpm

  2. After the installation is completed, run the following:
    sudo /opt/FortiEDRCollector/scripts/fortiedrconfig.sh
  3. Specify the FortiEDR Aggregator domain name or IP address.
  4. Enter the FortiEDR Aggregator port information (usually 8081).
  5. For a multi-tenant setup, enter the organization. Otherwise, leave the organization empty.
  6. Enter Collector Group information or leave empty to be registered to the default Collector Group.
  7. Enter the device registration password, described in Configuring the FortiEDR Central Manager Server and Console.
  8. At the Do you want to connect via proxy (Y/N)? prompt, type Y if your setup includes a web proxy. For more details, see Installing FortiEDR Collectors.
  9. If your software distribution system does not allow the addition of specific parameters to the command, you can use the custom FortiEDR Collector installer, which can be accessed via the Central Manager Console using the required DNS or IP address and password that is already embedded inside. For more details, see Requesting and Obtaining a Collector Installer.

  10. If another AV product is also installed on the machine, configure exclusions by following the instructions in Setting up exclusions with other AV products.
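
The RPM-based install in step 1 imports the FortiEDR PGP key; the script below is an added example (not part of the FortiEDR documentation or tooling) that checks a downloaded package against the imported key before it is installed. The function names are hypothetical. It parses the output of `rpm --checksig` because an unsigned package still exits with status 0.

```shell
#!/bin/sh
# Added example, not vendor code: refuse to install an RPM unless its
# signature verifies against a key already imported with `rpm --import`.

# Classify one `rpm --checksig` result line as signed-ok, unsigned or bad.
classify_checksig() {
    result=${1#*: }                      # drop the "<file>: " prefix
    case $result in
        *"NOT OK"*) echo bad ;;          # bad digest, bad signature or missing key
        *signatures*OK|*rsa*OK|*dsa*OK|*pgp*OK|*gpg*OK) echo signed-ok ;;
        *OK) echo unsigned ;;            # digests only: exit status is still 0
        *) echo bad ;;                   # anything unexpected fails closed
    esac
}

# Return 0 only when the package carries a signature that verified.
verify_rpm() {
    # LC_ALL=C keeps rpm's output in the form parsed above.
    out=$(LC_ALL=C rpm --checksig "$1" 2>&1) || true
    verdict=$(classify_checksig "$out")
    echo "$1: $verdict"
    [ "$verdict" = signed-ok ]
}

# Constructed sample lines in the newer and older rpm output formats.
demo() {
    for line in \
        'pkg.rpm: digests signatures OK' \
        'pkg.rpm: digests OK' \
        'pkg.rpm: digests SIGNATURES NOT OK' \
        'pkg.rpm: rsa sha1 (md5) pgp md5 OK' \
        'pkg.rpm: sha1 md5 OK'
    do
        printf '%-40s -> %s\n' "$line" "$(classify_checksig "$line")"
    done
}

if [ $# -gt 0 ]; then
    verify_rpm "$1" || { echo "refusing to install $1" >&2; exit 1; }
else
    demo
fi
```

Run it with the package path as the only argument before the yum or zypper step. With yum, a local package file is not signature-checked during install unless `localpkg_gpgcheck` is enabled, so the explicit check matters there as well.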
Note

Installation of the FortiEDR Linux Collector on a VM that is running other components of FortiEDR such as Core or Aggregator requires adding a special hidden configuration. Contact Fortinet Support for more assistance.
