Fortinet black logo

User Guide

Part 2: Monitoring

24.1.0
Copy Link
Copy Doc ID af1daa65-c273-11ec-9fd1-fa163e15d75b:250442
Download PDF

Part 2: Monitoring

This article describes the different methods you can use to apply monitoring to your servers in FortiMonitor. Review each method in the following list to determine the best option for your environment.

Monitoring types

Application monitoring - Monitor system and application metrics.

External monitoring - Monitor instances from public checker nodes, such as HTTP, Ping, Multi-step checks, etc. The OnSight vCollector can also perform the same checks as FortiMonitor's public nodes, but in this case, for instances in your private network.

Network device monitoring (SNMP) - Collect SNMP metrics for network devices and other hardware that use the SNMP protocol.

Basic methods

Apply monitoring manually

This method allows you to apply monitoring to an existing server or instance. This method is best used if you only want to apply monitoring to a few existing instances. After selecting the services or application that you want to be monitored, you can configure the metrics on the following screen based on your requirements.

For more information, see Add monitoring to an existing server.

You can also apply a template to any instance that you create manually. One of the steps is to choose a template to apply to the new instance. Any configuration on the template will be applied to the server upon the creation of the instance.

Apply monitoring during the installation of FortiMonitor Agent

Installing the FortiMonitor Agent on a server will automatically add the server to your FortiMonitor account. You have the option to add network checks (HTTP/HTTPs/Ping, etc.) and Agent metrics (CPU, Memory, Disk) to your servers during the installation of the FortiMonitor Agent.

To install the FortiMonitor Agent to a server:

  1. Click Add from the navigation menu.

  2. From the Infrastructure section of the catalog, you can choose where to install the Agent.

See Install the FortiMonitor Agent for more information on how to install the FortiMonitor Agent and apply monitoring.

Apply templates manually (API or UI)

You can use this method If you have a large infrastructure and want to apply the same monitoring to a group of related servers or instances. You can apply a template manually from the Instance Details page by selecting Apply Template.

Select the template that you want to apply to the server then click Apply Template.

Any monitoring or metrics configuration on the template will be applied to the selected server. For a detailed procedure on how to apply server templates, see Apply server templates.

Create server templates

You can also build a template from scratch or clone an existing server into a reusable template. If you’re backing into using templates after your initial setup and already have monitoring in place, the templates will automatically match metrics which are of the same type to avoid any duplication. FortiMonitor also allows you to create your own template. You can create templates by following the steps detailed in Templates.

Templates can also be applied manually by utilizing FortiMonitor's API. For more information, see API keys.

Advanced methods

Monitoring policy framework

In large-scale deployments, applying monitoring to servers manually can be time-consuming and may be prone to errors. Monitoring policies allow you to manage your monitoring configuration from a central location using a workflow-like interface. This method provides a level of automation that can both save time and avoid errors due to human intervention.

The Monitoring Policies Workflow is a series of transformations (policies) that are applied to your instances as they are added to FortiMonitor. The policies can and usually include a condition - e.g. if Apache is on the instance - and an outcome - apply a template, add a tag, etc. The policy conditions can be either a collection of OR or AND predicate, forming a basic IF...THEN statement. The policies are executed sequentially and will override any settings that were previously set. FortiMonitor also provides a few default policies that you can utilize or use as a basis for your own custom policies.

For more information, see Monitoring policies.

Apply default templates to a group

You can apply a default group template to a group of servers by selecting the group from the Instances drawer then clicking Edit on the Instance page. You can now edit the group to apply a default template. For example, if you want to apply monitoring to a group of Linux servers, you can choose the Linux server template and all configured monitoring and metrics will be applied to the group of servers. Any servers added to the group will automatically have this template applied to those servers as well.

For more information, see Use default group templates.

Use the FortiMonitor Agent manifest file

If you have a large infrastructure, using the FortiMonitor Agent manifest file allows you to streamline the configuration of your servers in FortiMonitor. You can use the manifest file to set configuration values and have the FortiMonitor Agent add the server with its preconfigured values to FortiMonitor. For more information on how to use the FortiMonitor Agent manifest file, see Use the FortiMonitor Agent manifest file.

You need to install the FortiMonitor Agent to use this method.

Example manifest file

[agent]
customer_key = afsdyngoaeppmfqefa
server_key = ashe-pokf-bfhb-eabn
aggregator_url = myappliance.localsite.com
server_group = 3467
fqdn = www.panopta.com
server_name = Panopta
interface_mapping = private:10.100.100.2,private2:10.100.100.13
templates = 8
tags = tag, anothertag, anotherone
partner_server_ID = 828765
disable_server_match = true
custom_plugin_url = https://s3.amazonaws.com/custom-panopta-plugins/my-custom-plugins.zip
enable_countermeasures = true
countermeasures_remote_plugins = https://s3.amazonaws.com/some-s3-bucket/custom-plugins.zip
countermeasures_refresh_plugins = 6

See Parameters for a detailed description of each parameter.

Part 2: Monitoring

This article describes the different methods you can use to apply monitoring to your servers in FortiMonitor. Review each method in the following list to determine the best option for your environment.

Monitoring types

Application monitoring - Monitor system and application metrics.

External monitoring - Monitor instances from public checker nodes, such as HTTP, Ping, Multi-step checks, etc. The OnSight vCollector can also perform the same checks as FortiMonitor's public nodes, but in this case, for instances in your private network.

Network device monitoring (SNMP) - Collect SNMP metrics for network devices and other hardware that use the SNMP protocol.

Basic methods

Apply monitoring manually

This method allows you to apply monitoring to an existing server or instance. This method is best used if you only want to apply monitoring to a few existing instances. After selecting the services or application that you want to be monitored, you can configure the metrics on the following screen based on your requirements.

For more information, see Add monitoring to an existing server.

You can also apply a template to any instance that you create manually. One of the steps is to choose a template to apply to the new instance. Any configuration on the template will be applied to the server upon the creation of the instance.

Apply monitoring during the installation of FortiMonitor Agent

Installing the FortiMonitor Agent on a server will automatically add the server to your FortiMonitor account. You have the option to add network checks (HTTP/HTTPs/Ping, etc.) and Agent metrics (CPU, Memory, Disk) to your servers during the installation of the FortiMonitor Agent.

To install the FortiMonitor Agent to a server:

  1. Click Add from the navigation menu.

  2. From the Infrastructure section of the catalog, you can choose where to install the Agent.

See Install the FortiMonitor Agent for more information on how to install the FortiMonitor Agent and apply monitoring.

Apply templates manually (API or UI)

You can use this method If you have a large infrastructure and want to apply the same monitoring to a group of related servers or instances. You can apply a template manually from the Instance Details page by selecting Apply Template.

Select the template that you want to apply to the server then click Apply Template.

Any monitoring or metrics configuration on the template will be applied to the selected server. For a detailed procedure on how to apply server templates, see Apply server templates.

Create server templates

You can also build a template from scratch or clone an existing server into a reusable template. If you’re backing into using templates after your initial setup and already have monitoring in place, the templates will automatically match metrics which are of the same type to avoid any duplication. FortiMonitor also allows you to create your own template. You can create templates by following the steps detailed in Templates.

Templates can also be applied manually by utilizing FortiMonitor's API. For more information, see API keys.

Advanced methods

Monitoring policy framework

In large-scale deployments, applying monitoring to servers manually can be time-consuming and may be prone to errors. Monitoring policies allow you to manage your monitoring configuration from a central location using a workflow-like interface. This method provides a level of automation that can both save time and avoid errors due to human intervention.

The Monitoring Policies Workflow is a series of transformations (policies) that are applied to your instances as they are added to FortiMonitor. The policies can and usually include a condition - e.g. if Apache is on the instance - and an outcome - apply a template, add a tag, etc. The policy conditions can be either a collection of OR or AND predicate, forming a basic IF...THEN statement. The policies are executed sequentially and will override any settings that were previously set. FortiMonitor also provides a few default policies that you can utilize or use as a basis for your own custom policies.

For more information, see Monitoring policies.

Apply default templates to a group

You can apply a default group template to a group of servers by selecting the group from the Instances drawer then clicking Edit on the Instance page. You can now edit the group to apply a default template. For example, if you want to apply monitoring to a group of Linux servers, you can choose the Linux server template and all configured monitoring and metrics will be applied to the group of servers. Any servers added to the group will automatically have this template applied to those servers as well.

For more information, see Use default group templates.

Use the FortiMonitor Agent manifest file

If you have a large infrastructure, using the FortiMonitor Agent manifest file allows you to streamline the configuration of your servers in FortiMonitor. You can use the manifest file to set configuration values and have the FortiMonitor Agent add the server with its preconfigured values to FortiMonitor. For more information on how to use the FortiMonitor Agent manifest file, see Use the FortiMonitor Agent manifest file.

You need to install the FortiMonitor Agent to use this method.

Example manifest file

[agent]
customer_key = afsdyngoaeppmfqefa
server_key = ashe-pokf-bfhb-eabn
aggregator_url = myappliance.localsite.com
server_group = 3467
fqdn = www.panopta.com
server_name = Panopta
interface_mapping = private:10.100.100.2,private2:10.100.100.13
templates = 8
tags = tag, anothertag, anotherone
partner_server_ID = 828765
disable_server_match = true
custom_plugin_url = https://s3.amazonaws.com/custom-panopta-plugins/my-custom-plugins.zip
enable_countermeasures = true
countermeasures_remote_plugins = https://s3.amazonaws.com/some-s3-bucket/custom-plugins.zip
countermeasures_refresh_plugins = 6

See Parameters for a detailed description of each parameter.