Administration Guide

Installing a FortiEDR Collector on Linux

To install a customized FortiEDR Collector on Linux:
  1. It is recommended to get a pre-populated customized Collector installer for Linux, as described in Requesting and obtaining a Collector installer.
  2. Copy the custom Linux Collector installer zip file, FortiEDRSilentInstall_5.1.0.195_envname_Tenant.zip, to the device. This file was downloaded from the provided link as described in Requesting and obtaining a Collector installer.
  3. Unzip using the following command:
    sudo unzip ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.zip

    If unzip is not installed on the device, install it using:

    sudo yum install unzip
  4. Extract the installer using the following command:
    sudo gunzip ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh.gz
  5. Change the installation script permission with the following command:
    chmod 755 FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh
  6. Run the following to execute the installation script:
    sudo ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh
  7. If another AV product is also installed on the machine, add the required AV exclusions by following the instructions in Exclusion paths.
To install a non-customized FortiEDR Collector on Linux:
  1. Run the FortiEDR Collector installation file for 64-bit servers using the following command:
    • CentOS/RHEL/Oracle/AMI:

      sudo yum install ./FortiEDRCollectorInstaller_%Linux_distribution%-%version_number%.x86_64.rpm

      For example, sudo yum install ./FortiEDRCollectorInstaller_CentOS6-3.1.0-74.x86_64.rpm.

    • Ubuntu:

      sudo apt-get install ./FortiEDRCollectorInstaller_Ubuntu-%version_number%.deb

      For example, sudo apt-get install ./FortiEDRCollectorInstaller_Ubuntu-3.1.0-74.deb.

    • SUSE Linux:

      rpm --import RPM-GPG-KEY.key

      The FortiEDR PGP key is included in the download link of the pre-populated installer; see Requesting and obtaining a Collector installer.

      zypper install FortiEDRCollectorInstaller_%distribution%-%version_number%.rpm

      For example: zypper install FortiEDRCollectorInstaller_openSUSE15-4.5.0-88.x86_64.rpm

  2. After the installation is completed, run the following:
    sudo /opt/FortiEDRCollector/scripts/fortiedrconfig.sh
  3. Specify the FortiEDR Aggregator domain name or IP address.
  4. Enter the FortiEDR Aggregator port information (usually 8081).
  5. For a multi-tenant setup, enter the organization. Otherwise, leave the organization empty.
  6. Enter Collector Group information or leave empty to be registered to the default Collector Group.
  7. Enter the device registration password that is defined in Configuring the FortiEDR Central Manager server and console.
    Note

    If you forget the registration password, retrieve it under Administration > Tools > Component authentication in the Central Manager console.

  8. At the Do you want to connect via proxy (Y/N)? prompt, type Y if your setup includes a web proxy.
  9. If you are installing the Linux Collector build 5.1.5.1062 or later on a machine with secure boot enabled, at the One or more modules are not signed. Would you like to sign them now? prompt, type Y to sign the unsigned kernel modules or N to leave them unsigned.
  10. If your software distribution system does not allow the addition of specific parameters to the command, you can use the custom FortiEDR Collector installer, which is available from the Central Manager Console and already has the required DNS name or IP address and password embedded in it. For more details, see Requesting and obtaining a Collector installer.

  11. If another AV product is also installed on the machine, add the required AV exclusions by following the instructions in Exclusion paths.
Note

Installation of the FortiEDR Linux Collector on a VM that is running other components of FortiEDR such as Core or Aggregator requires adding a special hidden configuration. Contact Fortinet Support for more assistance.
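
The SUSE step above imports the FortiEDR PGP key before running zypper. The following added example (not part of the Fortinet guide) also checks the package with rpm -K and refuses to install when no valid signature is reported. The function names are hypothetical, and the rpm -K lines quoted in the comments are constructed samples.

```shell
#!/usr/bin/env bash
# Added example: gate the SUSE Collector install on a passing signature check.
# Run as root. Usage: ./verify_collector.sh RPM-GPG-KEY.key <collector>.rpm

# classify_rpm_sig LINE
#   LINE is one line of `rpm -K` output, "<file>: <checks> OK|NOT OK ...".
#   Prints: signed-ok | unsigned | bad
classify_rpm_sig() {
    local verdict="${1#*: }"          # drop the leading "<file>: "
    case "$verdict" in
        *"NOT OK"*)
            echo bad ;;               # failed digest/signature or missing key
        *signatures*OK|*pgp*OK|*gpg*OK|*rsa*OK)
            echo signed-ok ;;         # e.g. "digests signatures OK" (constructed)
        *OK)
            echo unsigned ;;          # e.g. "digests OK": integrity only, no origin
        *)
            echo bad ;;               # anything unrecognised is treated as failure
    esac
}

# verify_then_install KEYFILE RPMFILE
#   Imports the vendor key, verifies the package, and installs only if signed.
verify_then_install() {
    local key="$1" pkg="$2" line
    rpm --import "$key" || return 1
    # LC_ALL=C keeps the rpm output in the untranslated form parsed above.
    line="$(LC_ALL=C rpm -K "$pkg" 2>&1)" || true
    if [ "$(classify_rpm_sig "$line")" != signed-ok ]; then
        echo "Refusing to install: $line" >&2
        return 1
    fi
    zypper install "$pkg"
}

# Only act when called with both arguments.
if [ "$#" -eq 2 ]; then
    verify_then_install "$1" "$2"
fi
```

An "unsigned" result means only the digests matched, so the package is intact but its origin is unproven. Treat it the same as a failed check.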
