This chapter describes how to install the FortiSIEM Alibaba Cloud Supervisor-Worker.
- Step 1: Download the Alibaba Package
- Step 2: Upload to Alibaba Cloud
- Step 3: Create the Image from the Uploaded File
- Step 4: Create an Instance from the Created Image
- Step 5: Start and Configure FortiSIEM
- Step 6: Upload the FortiSIEM License on Supervisor
- Step 7: Choose FortiSIEM Event Database Storage
- Step 8: (Optional) Install Workers and Add to Supervisor Node
Download the Alibaba Cloud Super/Worker package from the Fortinet Support website: https://support.fortinet.com. See "Downloading FortiSIEM Products" for more information on downloading products from the support website. The name of the Super-Worker download is
Create a bucket:
Log in to the OSS Console with your Alibaba cloud credentials: https://oss.console.aliyun.com/
Create a bucket with a name of your choice.
- Download the command line client installation package based on your operating system from this URL.
Run the corresponding binary file for your operating system.
- Install the command line client
Note: The commands illustrated in this section assume you are using the command line client for the 64-bit macOS platform.
- Download the
curl -o ossutilmac64 http://gosspublic.alicdn.com/ossutil/1.6.7/ossutilmac64
- Modify the file execution permissions:
chmod 755 ossutilmac64
- Generate the configuration file. For more information about the parameters, see the
configuration parameters described in the preceding Linux section.
This command generates a configuration file to store configuration information. Enter the path of the configuration file. The default path is
/home/user/.ossutilconfig. If you press Enter without specifying a path, the file is generated in the default path. If you want to generate the file in another path, set the
--config-fileoption to the path.
If the path of the configuration file is not specified, the default path
/home/user/.ossutilconfigis used. The following parameters are ignored if you press Enter without configuring them. For more information about the parameters, run the
Enter the endpoint:
Enter the AccessKey ID: your AccessKey ID
Enter the AccessKey Secret: your AccessKey Secret
Enter the STS token: (required only when you use a temporary STS token to access the OSS bucket. Otherwise, you can leave this parameter unspecified)
- Download the
- Upload the package to the Alibaba bucket:
Upload a single file:
$./ossutilmac64 cp file oss://bucketName/FileName
Upload a folder:
$./ossutilmac64 cp -r dir oss://bucketName/FolderName
The package in the bucket will look like this:
Get the OSS link:
Log in to the Alibaba Cloud Web UI (Web interface).
Select the uploaded file: File> Preview.
Copy the file's URL.
Log in to the Alibaba Cloud Web UI.
Navigate to the ECS ( Elastic Computing Service).
Click the Images tab.
Select Custom Images under SnapShot and Images in the left-hand pane.
Click Import Image on the top right of the Images screen.
Enter the OSS object Address of
system.qcow2that you copied in Step 2: "Upload to Alibaba Cloud", Sub-step 5: "Get the OSS link".
Select Add Data Disk Image, import the
cmdb.qcow2, and then import the
Wait until the image is created.
Select the image you created from the table on the Images tab in the Web UI.
Click Create Instance in the lower-right side of the Images tab. Enter all of the required details, such as VPC, Security Groups, Elastic IP keypair, and so on, similar to Amazon AWS.
|Do not press any control keys (for example - Ctrl-C or Ctrl-Z) while configuring the virtual appliances, as this may cause the installation process to stop. If this happens, you must erase the virtual appliance and start the installation process again.|
Run the script
/opt/vmware/share/vami/vami_set_timezoneto set the time zone.
Run the script
/opt/vmware/share/vami/vami_config_netto configure the network.
You must keep all the default values except host name.
Based on your network type, enter one of the options below:
1 for IPv6 Network Only
- When prompted, enter the information for these IPv6 network components to configure the Static IPv6 address: IPv6 Address, IPv6 Prefix, IPv6 Gateway, and IPv6 DNS Server(s).
2 for IPv4 Network Only
- When prompted, enter the information for these IPv4 network components to configure the Static IPv4 address: IPv4 Address, IPv4 Netmask, IPv4 Gateway, and IPv4 DNS Server(s).
3 for Both Networks
- When prompted, enter the information for these IPv6 network components to configure the Static IPv6 address: IPv6 Address, IPv6 Prefix, IPv6 Gateway, IPv6 DNS Server(s).
- Follow Step 5 below to turn off the proxy server and continue with step c.
- When prompted, enter the information for these IPv4 network components to configure the Static IPv4 address: IPv4 Address, IPv4 Prefix, IPv4 Gateway, IPv4 DNS Server(s).
- 1 for IPv6 Network Only
Enter n. Note: The authenticated proxy server is not supported in this version of FortiSIEM. You must turn off the proxy server authentication or completely disable the proxy for the AWS host.
Enter y to accept the network configuration settings.
For Supervisor and Worker: You will be prompted to choose Supervisor [s] or Worker [w].
For Supervisor, the system will initialize the PostGreSQL database which will take around 20 minutes and then reboot the system. A few minutes after reboot, the system GUI will be ready to upload license and configure the Event Database Storage option.
For a Worker node, the system will reboot quickly and a few minutes after reboot, it will be ready to be added as a Worker from the Supervisor GUI.
For Collector, the system will reboot and after a few minutes it will be ready.
You will now be asked to input a license.
Click Browse and upload the license file.
Make sure that the 'Hardware ID' shown in the License Upload page matches the license.
For User ID and Password, choose any 'Full Admin' credentials.
For the first time, install by choosing user as 'admin' and password as 'admin*1'
Choose License type as 'Enterprise' or 'Service Provider'.
This option is available only on first install. Once the database is configured, this option will not be available.
For fresh installation, you will be taken to the Event Database Storage page. Based on Step-6, you will be asked to choose between Local Disk, NFS or Elasticsearch options.
For more details, see here.
Add the Worker node to the Supervisor by visiting ADMIN > License > Nodes > Add.
See ADMIN > Health > Cloud Health to ensure that the Workers are up, healthy and properly added to the system.