
Administration Guide

Installing a FortiEDR Collector on Linux

To install a customized FortiEDR Collector on Linux:
  1. It is recommended to get a pre-populated customized Collector installer for Linux, as described in Requesting and obtaining a Collector installer.
  2. Copy the custom Linux Collector installer zip file, FortiEDRSilentInstall_5.1.0.195_envname_Tenant.zip, to the device. This file was downloaded from the provided link as described in Requesting and obtaining a Collector installer.
  3. Unzip using the following command:
    sudo unzip ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.zip

    If you don’t have zip software on the device, install it using:

    yum install zip
  4. Extract the installer using the following command:
    sudo gunzip ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh.gz
  5. Change the installation script permission with the following command:
    chmod 755 FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh
  6. Run the following to execute the installation script:
    sudo ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.sh
  7. If another AV product is also installed on the machine, configure the AV exclusions by following the instructions in Exclusion paths.
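
Steps 2 to 5 above as a shell function, added here as an example and not Fortinet's own script. Because the customized installer has the DNS or IP address and password embedded inside, it unpacks into a private directory and sets mode 700 rather than 755; the function name `stage_installer` and that hardening choice are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the FortiEDR guide.
# stage_installer ARCHIVE -> prints the path of the unpacked installer script.
# ARCHIVE is the .zip from step 2 or the .sh.gz it contains.
set -u

stage_installer() (
    # Subshell body: umask and positional-parameter changes do not leak out.
    archive=$1
    [ -f "$archive" ] || { echo "missing: $archive" >&2; return 1; }
    case $archive in
        *.zip|*.sh.gz) ;;
        *) echo "unexpected file type: $archive" >&2; return 1 ;;
    esac

    umask 077                          # new files readable by the owner only
    stage=$(mktemp -d) || return 1     # private staging directory (0700)
    case $archive in
        *.zip) unzip -q "$archive" -d "$stage" ;;
        *)     cp -- "$archive" "$stage/" ;;
    esac || { rm -rf -- "$stage"; return 1; }

    # The archive is expected to hold exactly one compressed installer script.
    set -- "$stage"/*.sh.gz
    if [ $# -ne 1 ] || [ ! -f "$1" ]; then
        echo "expected exactly one .sh.gz in $archive" >&2
        rm -rf -- "$stage"
        return 1
    fi

    gunzip -- "$1" || { rm -rf -- "$stage"; return 1; }
    script=${1%.gz}
    chmod 700 -- "$script"             # assumption: 700 instead of the guide's 755
    sha256sum -- "$script" >&2         # hash for the change record (stderr)
    printf '%s\n' "$script"
)

# Usage (step 6, then clean up the copy that holds the embedded password):
#   script=$(stage_installer ./FortiEDRSilentInstall_5.1.0.195_envname_Tenant.zip) &&
#       sudo "$script"
#   rm -rf -- "$(dirname "$script")"
```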
To install a non-customized FortiEDR Collector on Linux:
  1. Run the FortiEDR Collector installation file for 64-bit servers using the following command:
    • CentOS/RHEL/Oracle/AMI:

      sudo yum install ./FortiEDRCollectorInstaller_%Linux_distribution%-%version_number%.x86_64.rpm

      For example, sudo yum install ./FortiEDRCollectorInstaller_CentOS6-3.1.0-74.x86_64.rpm.

    • Ubuntu:

      sudo apt-get install ./FortiEDRCollectorInstaller_Ubuntu-%version_number%.deb

      For example, sudo apt-get install ./FortiEDRCollectorInstaller_Ubuntu-3.1.0-74.deb.

    • SUSE Linux:

      rpm --import RPM-GPG-KEY.key

      The FortiEDR PGP key is included in the download link of the pre-populated installer; see Requesting and obtaining a Collector installer.

      zypper install FortiEDRCollectorInstaller_%distribution%-%version_number%.rpm

      For example: zypper install FortiEDRCollectorInstaller_openSUSE15-4.5.0-88.x86_64.rpm

  2. After the installation is completed, run the following:
    sudo /opt/FortiEDRCollector/scripts/fortiedrconfig.sh
  3. Specify the domain name/IP address and port (usually 8081) of the Aggregator that the Collector registers with.
    Note: If you are installing the Linux Collector on an Aggregator, you cannot register the Collector with the same Aggregator that the Collector runs on. Register the Collector with another Aggregator instead.

  4. For a multi-tenant setup, enter the organization. Otherwise, leave the organization empty.
  5. Enter Collector Group information or leave empty to be registered to the default Collector Group.
  6. Enter the device registration password, described in Configuring the FortiEDR Central Manager server and console.
  7. At the Do you want to connect via proxy (Y/N)? prompt, type Y if your setup includes a web proxy.
  8. If you are installing the Linux Collector build 5.1.5.1062 or later on a machine with secure boot enabled, at the One or more modules are not signed. Would you like to sign them now? prompt, type Y to sign the unsigned kernel modules or N to leave them unsigned.
  9. If your software distribution system does not allow the addition of specific parameters to the command, you can use the custom FortiEDR Collector installer, which can be accessed via the Central Manager Console using the required DNS or IP address and password that is already embedded inside. For more details, see Requesting and obtaining a Collector installer.

  10. If another AV product is also installed on the machine, configure the AV exclusions by following the instructions in Exclusion paths.
