Fortinet black logo

Version:

23.2.0

Table of Contents

User Guide

23.2.0
23.2.0

OnSight vCollector

The OnSight vCollector is a lightweight appliance that functions similarly to our public monitoring nodes, which runs uptime checks and synthetic monitoring against your publicly available servers and web endpoints. However, the OnSight vCollector sits within your private network and monitors resources that are not publicly exposed. The OnSight can run uptime and synthetic checks on your private infrastructure, monitoring things like RDP, database connectivity, and port availability.

The OnSight can also function as a proxy for servers that have the Server Agent installed but have no outbound connectivity. Also, the OnSight can monitor network devices, storage arrays, VMWare clusters, and private network-managed cloud resources such as RDS and DynamoDB.

The OnSight is a collection of Docker containers that provide the necessary services. During the installation of the OnSight, if Docker is not found on the target machine it will automatically be installed.

System requirements

OS requirements

The OnSight vCollector supports the following Linux distributions:

  • Debian 9 and 10

  • Ubuntu Server 18.04 LTS, 20.04 LTS, and 22.04 LTS

  • Redhat Enterprise 7.x, 8-8.3, and 9

  • CentOS 7.x and 8-8.2

  • Oracle Enterprise Linux 7.0

  • Amazon Linux 2 and 2018.03

Please note that podman should not be installed on the OS. We only use Docker currently. The installation process will install it if it is not found.

The docker SNAP package requires additional configuration that may be environment dependent. We currently only support the docker.io package installation. If the SNAP version was installed during installation, you should remove it and install the docker.io package using your package manager.

Resource requirements

These are the minimum resources required to install the OnSight.

  • Processor: 4 cores

  • Memory: 8 GB

  • Hard disk space: 50 GB

Note: You can use the SMALL=1 parameter to install the OnSight to machines that only have 2 cores and 4 GB of memory. This can be used for deployments with less than 1000 metrics. Command example:

curl -fsSL https://packages.panopta.com/install/onsight/onsight-install.sh > onsight-install.sh && SMALL=1 bash onsight-install.sh <CUSTOMER KEY>

For larger deployments involving a significant number of network devices or advanced synthetic checks, please contact our support team to help determine the resource requirements for your environment.

Network connectivity requirements

The host machine must have outbound access to the following:

Port

Destination

Used for

443

rx.us01.fortimonitor.com

aggregator2.panopta.com

aggregator2-secondary.panopta.com

Primary and fail-over communication with the FortiMonitor cloud

443, 80

repo.fortimonitor.com

OnSight software updates

443

hub.docker.com

OnSight software updates

443

download.docker.com

get.docker.com

*.docker.io

Docker download and installation

The host machine must have inbound access to the following ports allowed:

Port

Protocol

Usage

22

TCP

Used to SSH into host

8443

TCP

Used to configure the OnSight as a proxy for agents

162

UDP

Used for SNMP Trap receipt

444

TCP

Used for NCM console

Deployment methods

Note: Configuring the OnSight to use an HTTP proxy is only supported in OnSight version 2020.67 and lower.

Installation Method

Best for

One-liner installer

You're comfortable operating in a Linux environment
You have a specific server image you want to conform to
You have an available Linux VM

AWS AMI

You're deploying the OnSight in an AWS environment
You're looking for the simplest cloud deployment method

Virtual image

You prefer a "black box" deployment
You have the available resources to allocate to a VM
You'd like to deploy on the HyperVisor of your choosing
Previous
Next

OnSight vCollector

The OnSight vCollector is a lightweight appliance that functions similarly to our public monitoring nodes, which runs uptime checks and synthetic monitoring against your publicly available servers and web endpoints. However, the OnSight vCollector sits within your private network and monitors resources that are not publicly exposed. The OnSight can run uptime and synthetic checks on your private infrastructure, monitoring things like RDP, database connectivity, and port availability.

The OnSight can also function as a proxy for servers that have the Server Agent installed but have no outbound connectivity. Also, the OnSight can monitor network devices, storage arrays, VMWare clusters, and private network-managed cloud resources such as RDS and DynamoDB.

The OnSight is a collection of Docker containers that provide the necessary services. During the installation of the OnSight, if Docker is not found on the target machine it will automatically be installed.

System requirements

OS requirements

The OnSight vCollector supports the following Linux distributions:

  • Debian 9 and 10

  • Ubuntu Server 18.04 LTS, 20.04 LTS, and 22.04 LTS

  • Redhat Enterprise 7.x, 8-8.3, and 9

  • CentOS 7.x and 8-8.2

  • Oracle Enterprise Linux 7.0

  • Amazon Linux 2 and 2018.03

Please note that podman should not be installed on the OS. We only use Docker currently. The installation process will install it if it is not found.

The docker SNAP package requires additional configuration that may be environment dependent. We currently only support the docker.io package installation. If the SNAP version was installed during installation, you should remove it and install the docker.io package using your package manager.

Resource requirements

These are the minimum resources required to install the OnSight.

  • Processor: 4 cores

  • Memory: 8 GB

  • Hard disk space: 50 GB

Note: You can use the SMALL=1 parameter to install the OnSight to machines that only have 2 cores and 4 GB of memory. This can be used for deployments with less than 1000 metrics. Command example:

curl -fsSL https://packages.panopta.com/install/onsight/onsight-install.sh > onsight-install.sh && SMALL=1 bash onsight-install.sh <CUSTOMER KEY>

For larger deployments involving a significant number of network devices or advanced synthetic checks, please contact our support team to help determine the resource requirements for your environment.

Network connectivity requirements

The host machine must have outbound access to the following:

Port

Destination

Used for

443

rx.us01.fortimonitor.com

aggregator2.panopta.com

aggregator2-secondary.panopta.com

Primary and fail-over communication with the FortiMonitor cloud

443, 80

repo.fortimonitor.com

OnSight software updates

443

hub.docker.com

OnSight software updates

443

download.docker.com

get.docker.com

*.docker.io

Docker download and installation

The host machine must have inbound access to the following ports allowed:

Port

Protocol

Usage

22

TCP

Used to SSH into host

8443

TCP

Used to configure the OnSight as a proxy for agents

162

UDP

Used for SNMP Trap receipt

444

TCP

Used for NCM console

Deployment methods

Note: Configuring the OnSight to use an HTTP proxy is only supported in OnSight version 2020.67 and lower.

Installation Method

Best for

One-liner installer

You're comfortable operating in a Linux environment
You have a specific server image you want to conform to
You have an available Linux VM

AWS AMI

You're deploying the OnSight in an AWS environment
You're looking for the simplest cloud deployment method

Virtual image

You prefer a "black box" deployment
You have the available resources to allocate to a VM
You'd like to deploy on the HyperVisor of your choosing
Previous
Next