Installing Alibaba Cloud Supervisor-Worker
This chapter describes how to install the FortiSIEM Alibaba Cloud Supervisor-Worker.
- Step 1: Download the Alibaba Package
- Step 2: Upload to Alibaba Cloud
- Step 3: Create the Image from the Uploaded File
- Step 4: Create an Instance from the Created Image
- Step 5: Start and Configure FortiSIEM
- Step 6: Upload the FortiSIEM License on Supervisor
- Step 7: Choose FortiSIEM Event Database Storage
- Step 8: (Optional) Install Workers and Add to Supervisor Node
Step 1: Download the Alibaba Package
Download the Alibaba Cloud Super/Worker package from the Fortinet Support website: https://support.fortinet.com. See "Downloading FortiSIEM Products" for more information on downloading products from the support website. The name of the Super-Worker download is FSM_Full_Super-Worker_AlibabaCloud_5.2.5_build1615.zip
.
Step 2: Upload to Alibaba Cloud
-
Create a bucket:
Log in to the OSS Console with your Alibaba cloud credentials: https://oss.console.aliyun.com/
Create a bucket with a name of your choice.
- Download the command line client installation package based on your operating system from this URL.
https://www.alibabacloud.com/help/doc-detail/120075.htm?spm=a2c63.p38356.879954.7.49a865d0gY29c1#concept-303829
-
Run the corresponding binary file for your operating system.
- Install the command line client
ossutil
.
Note: The commands illustrated in this section assume you are using the command line client for the 64-bit macOS platform.- Download the
ossutil
installation package.curl -o ossutilmac64 http://gosspublic.alicdn.com/ossutil/1.6.7/ossutilmac64
- Modify the file execution permissions:
chmod 755 ossutilmac64
- Generate the configuration file. For more information about the parameters, see the
configuration parameters described in the preceding Linux section.
./ossutilmac64 config
This command generates a configuration file to store configuration information. Enter the path of the configuration file. The default path is
/home/user/.ossutilconfig
. If you press Enter without specifying a path, the file is generated in the default path. If you want to generate the file in another path, set the--config-file
option to the path.If the path of the configuration file is not specified, the default path
/home/user/.ossutilconfig
is used. The following parameters are ignored if you press Enter without configuring them. For more information about the parameters, run thehelp config
command.Enter the endpoint:
http://xxxx.aliyuncs.com
Enter the AccessKey ID: your AccessKey ID
Enter the AccessKey Secret: your AccessKey Secret
Enter the STS token: (required only when you use a temporary STS token to access the OSS bucket. Otherwise, you can leave this parameter unspecified)
- Download the
- Upload the package to the Alibaba bucket:
Upload a single file:
$./ossutilmac64 cp file oss://bucketName/FileName
Upload a folder:
$./ossutilmac64 cp -r dir oss://bucketName/FolderName
The package in the bucket will look like this:
-
Get the OSS link:
Log in to the Alibaba Cloud Web UI (Web interface).
Select the uploaded file: File> Preview.
Copy the file's URL.
Step 3: Create the Image from the Uploaded File
-
Log in to the Alibaba Cloud Web UI.
-
Navigate to the ECS ( Elastic Computing Service).
-
Click the Images tab.
-
Select Custom Images under SnapShot and Images in the left-hand pane.
-
Click Import Image on the top right of the Images screen.
-
Enter the OSS object Address of
system.qcow2
that you copied in Step 2: "Upload to Alibaba Cloud", Sub-step 5: "Get the OSS link". -
Select Add Data Disk Image, import the
cmdb.qcow2
, and then import thesvn.qcow2
. -
Click OK.
-
Wait until the image is created.
Step 4: Create an Instance from the Created Image
-
Select the image you created from the table on the Images tab in the Web UI.
-
Click Create Instance in the lower-right side of the Images tab. Enter all of the required details, such as VPC, Security Groups, Elastic IP keypair, and so on, similar to Amazon AWS.
Step 5: Start and Configure FortiSIEM
Do not press any control keys (for example - Ctrl-C or Ctrl-Z) while configuring the virtual appliances, as this may cause the installation process to stop. If this happens, you must erase the virtual appliance and start the installation process again. |
-
SSH into Supervisor console using the keys you created in Step 2: Upload to Alibaba Cloud.
For details about connecting to the instance, see here. -
Run the script
/opt/vmware/share/vami/vami_set_timezone
to set the time zone. -
Run the script
/opt/vmware/share/vami/vami_config_net
to configure the network.
You must keep all the default values except host name. -
Based on your network type, enter one of the options below:
-
1 for IPv6 Network Only
- When prompted, enter the information for these IPv6 network components to configure the Static IPv6 address: IPv6 Address, IPv6 Prefix, IPv6 Gateway, and IPv6 DNS Server(s).
-
2 for IPv4 Network Only
- When prompted, enter the information for these IPv4 network components to configure the Static IPv4 address: IPv4 Address, IPv4 Netmask, IPv4 Gateway, and IPv4 DNS Server(s).
-
3 for Both Networks
- When prompted, enter the information for these IPv6 network components to configure the Static IPv6 address: IPv6 Address, IPv6 Prefix, IPv6 Gateway, IPv6 DNS Server(s).
- Follow Step 5 below to turn off the proxy server and continue with step c.
- When prompted, enter the information for these IPv4 network components to configure the Static IPv4 address: IPv4 Address, IPv4 Prefix, IPv4 Gateway, IPv4 DNS Server(s).
-
1 for IPv6 Network Only
-
Enter n. Note: The authenticated proxy server is not supported in this version of FortiSIEM. You must turn off the proxy server authentication or completely disable the proxy for the AWS host.
-
Enter y to accept the network configuration settings.
-
For Supervisor and Worker: You will be prompted to choose Supervisor [s] or Worker [w].
Choose accordingly:For Supervisor, the system will initialize the PostGreSQL database which will take around 20 minutes and then reboot the system. A few minutes after reboot, the system GUI will be ready to upload license and configure the Event Database Storage option.
For a Worker node, the system will reboot quickly and a few minutes after reboot, it will be ready to be added as a Worker from the Supervisor GUI.
-
For Collector, the system will reboot and after a few minutes it will be ready.
Step 6: Upload the FortiSIEM License on Supervisor
You will now be asked to input a license.
-
Click Browse and upload the license file.
Make sure that the 'Hardware ID' shown in the License Upload page matches the license. -
For User ID and Password, choose any 'Full Admin' credentials.
For the first time, install by choosing user as 'admin' and password as 'admin*1' -
Choose License type as 'Enterprise' or 'Service Provider'.
This option is available only on first install. Once the database is configured, this option will not be available.
Step 7: Choose FortiSIEM Event Database Storage
For fresh installation, you will be taken to the Event Database Storage page. Based on Step-6, you will be asked to choose between Local Disk, NFS or Elasticsearch options.
For more details, see here.
Step 8: (Optional) Install Workers and Add to Supervisor Node
-
Add the Worker node to the Supervisor by visiting ADMIN > License > Nodes > Add.
-
See ADMIN > Health > Cloud Health to ensure that the Workers are up, healthy and properly added to the system.