Fortinet black logo

User Guide

Home FortiMonitor 24.2.0 User Guide

Windows Agent auto-update

24.2.0
24.2.0
Copy Link
Copy Doc ID af1daa65-c273-11ec-9fd1-fa163e15d75b:152328
Download PDF

Windows Agent Auto-update

Enabling the Windows Agent Auto-update feature allows the Agent to periodically check and install new versions for itself. For large deployments, the feature will nullify the need to update each of your Windows servers manually. Enabling the feature once will ensure that all of your Windows Agents are up to date.

Installation issues are handled by the Agent gracefully. If an error occurs, a log file will be created with the error details. The Agent will also rollback, if needed, to its last working version.

Note: There will be a gap of a couple of minutes in data collection while the Agent restarts after the update.

New Windows instances

Oneliner

To enable the Auto-update feature during Agent installation, perform the following steps:

Note: If you are installing the Agent for the first time, see Install the FortiMonitor Agent.

  1. From the navigation menu, click Add.

  2. Select Windows.

  3. Under the Quick Install Instructions tab, copy the generated command.

  4. Add the -autoupdate flag to the command then run it on a PowerShell console. For example:

Invoke-WebRequest https://repo.fortimonitor.com/install/win/fortimonitor_agent_windows.ps1 -OutFile fortimonitor_agent_windows.ps1; .\fortimonitor_agent_windows.ps1 -customer_key xxxx-xxxx-xxxx-xxxx -countermeasures -autoupdate

After installation, the server will be added to FortiMonitor with its own server key and begin reporting metrics. The Agent will also periodically check for new versions and will update automatically.

Manifest file

The Agent manifest file is only used during the initial installation of the Agent. Subsequent changes must be made using the FortiMonitor Agent configuration file. This file can be found in the following directories:

Windows: \Program Files (x86)\FortimonitorAgent\Agent.config

For more information, see Use the FortiMonitor Agent manifest file.

To enable the Auto-update feature using the manifest file, perform the following steps:

1. Create or verify the presence of the manifest file in C:\FortiMonitorAgent.manifest. At the minimum it should contain the following payload:

[agent]

customer_key = xxxx-xxxx-xxxx-xxxx

where customer_key is your customer key. To obtain your customer key, click your avatar then select My Account.

2. Add the following values to the manifest file:

auto_update = true

The Agent will select a random time within 24 hours of its start up to check for a download; this should be logged in the Agent log.

After installation, the server will be added to FortiMonitor with its own server key and begin reporting metrics. The Agent will check for updates as scheduled and will update accordingly.

3. (Optional) To select a specific time for the agent to update (in local time), use the - scheduled_update HH:MM flag. This should be in military-time format; for example, 2:09 PM would be set as 14:09. The agent should query/attempt an update at this time.

Enable Auto-update in existing Agent installs

The Agent configuration file is used in place of the manifest file to enable the Auto-update feature on instances that are already in FortiMonitor. To enable the feature, perform the following steps.

  1. Make sure you have the latest version of the FortiMonitor Agent. To update the Agent, see this article.

  2. Open the Agent config file C:\Program Files (x86)\FortimonitorAgent\Agent.cfg.

  3. Add the following values to the <service> section of the Agent config file:

    <add key="AutoUpdate" value="true"/>

    <add key="ScheduledUpdate" value="HH:MM"/>

    where HH:MM is the time at which the update is to be run. For example, 21:05.

    The second value is optional. If it is not entered, the Agent will pick a schedule during start up.

    4. Restart the FortiMonitor Agent service.

    Note: You can restart the service by running the PowerShell command restart-service FortiMonitorAgent or by going to Windows Services and restarting the FortiMonitor Agent service.

    Logging

    Log file location

    The log files are in the following directory:

    C:\Program Files (x86)\FortiMonitorAgent\logs

    Update schedule

    To see when the Agent will check for updates, filter the Agent log file by UpdateVersion.

    For example:

    [2020-11-19 11:22:35,897] [Aggregator.Agent.Workers.UpdateVersionWorker] [INFO] [76] - Next timer fire expected 11/20/2020 11:22 AM

    Installation logs

    If the installation fails, an installation log file will be created in the directory where you ran the MSI file for the Agent. Look for the FortiMonitorAgentSetup.log file to check for errors.

Previous
Next

Windows Agent Auto-update

Enabling the Windows Agent Auto-update feature allows the Agent to periodically check and install new versions for itself. For large deployments, the feature will nullify the need to update each of your Windows servers manually. Enabling the feature once will ensure that all of your Windows Agents are up to date.

Installation issues are handled by the Agent gracefully. If an error occurs, a log file will be created with the error details. The Agent will also rollback, if needed, to its last working version.

Note: There will be a gap of a couple of minutes in data collection while the Agent restarts after the update.

New Windows instances

Oneliner

To enable the Auto-update feature during Agent installation, perform the following steps:

Note: If you are installing the Agent for the first time, see Install the FortiMonitor Agent.

  1. From the navigation menu, click Add.

  2. Select Windows.

  3. Under the Quick Install Instructions tab, copy the generated command.

  4. Add the -autoupdate flag to the command then run it on a PowerShell console. For example:

Invoke-WebRequest https://repo.fortimonitor.com/install/win/fortimonitor_agent_windows.ps1 -OutFile fortimonitor_agent_windows.ps1; .\fortimonitor_agent_windows.ps1 -customer_key xxxx-xxxx-xxxx-xxxx -countermeasures -autoupdate

After installation, the server will be added to FortiMonitor with its own server key and begin reporting metrics. The Agent will also periodically check for new versions and will update automatically.

Manifest file

The Agent manifest file is only used during the initial installation of the Agent. Subsequent changes must be made using the FortiMonitor Agent configuration file. This file can be found in the following directories:

Windows: \Program Files (x86)\FortimonitorAgent\Agent.config

For more information, see Use the FortiMonitor Agent manifest file.

To enable the Auto-update feature using the manifest file, perform the following steps:

1. Create or verify the presence of the manifest file in C:\FortiMonitorAgent.manifest. At the minimum it should contain the following payload:

[agent]

customer_key = xxxx-xxxx-xxxx-xxxx

where customer_key is your customer key. To obtain your customer key, click your avatar then select My Account.

2. Add the following values to the manifest file:

auto_update = true

The Agent will select a random time within 24 hours of its start up to check for a download; this should be logged in the Agent log.

After installation, the server will be added to FortiMonitor with its own server key and begin reporting metrics. The Agent will check for updates as scheduled and will update accordingly.

3. (Optional) To select a specific time for the agent to update (in local time), use the - scheduled_update HH:MM flag. This should be in military-time format; for example, 2:09 PM would be set as 14:09. The agent should query/attempt an update at this time.

Enable Auto-update in existing Agent installs

The Agent configuration file is used in place of the manifest file to enable the Auto-update feature on instances that are already in FortiMonitor. To enable the feature, perform the following steps.

  1. Make sure you have the latest version of the FortiMonitor Agent. To update the Agent, see this article.

  2. Open the Agent config file C:\Program Files (x86)\FortimonitorAgent\Agent.cfg.

  3. Add the following values to the <service> section of the Agent config file:

    <add key="AutoUpdate" value="true"/>

    <add key="ScheduledUpdate" value="HH:MM"/>

    where HH:MM is the time at which the update is to be run. For example, 21:05.

    The second value is optional. If it is not entered, the Agent will pick a schedule during start up.

    4. Restart the FortiMonitor Agent service.

    Note: You can restart the service by running the PowerShell command restart-service FortiMonitorAgent or by going to Windows Services and restarting the FortiMonitor Agent service.

    Logging

    Log file location

    The log files are in the following directory:

    C:\Program Files (x86)\FortiMonitorAgent\logs

    Update schedule

    To see when the Agent will check for updates, filter the Agent log file by UpdateVersion.

    For example:

    [2020-11-19 11:22:35,897] [Aggregator.Agent.Workers.UpdateVersionWorker] [INFO] [76] - Next timer fire expected 11/20/2020 11:22 AM

    Installation logs

    If the installation fails, an installation log file will be created in the directory where you ran the MSI file for the Agent. Look for the FortiMonitorAgentSetup.log file to check for errors.

Previous
Next