Fortinet Document Library

Version:

Version:

Version:

Version:

Version:


Table of Contents

Migrating from Pre-6.1.2 to 6.1.2

This section describes how upgrade the 500F Collector appliance from any older FortiSIEM version to 6.1.2. FortiSIEM performs migration in-place, via a bootloader. There is no need to create a new image or copy disks. The bootloader shell contains the new version of FortiSIEM.

Pre-Migration Checklist

To perform the migration, the following prerequisites must be met:

  1. Make sure your system can connect to the Internet.
  2. Make sure the /opt directory # mount /dev/mapper/FSIEM500F-phx_opt disk exists.
  3. Log in to your FSM as root and run the following commands:

    # mkdir -p /opt/images

    # ln -s /opt/images /images

  4. Go to the /images directory. Download the 6.1.2 hardware image from the support site, then unzip it. For example:

    # unzip_FSM_Full_All_RAW_HARDWARE_6.1.2_0119.

  5. Create a soft link to images, for example:

    # ln -sf /images/FortiSIEM-RAW-Hardware-6.1.2.0119.img /images/latest

Migrate Collector Installation

Download the Bootloader

Install and configure the FortiSIEM bootloader to start migration. Follow these steps:

  1. Download the bootloader FSM_Bootloader_6.1.2_build0119.zip from the support site and copy it to the /images directory.
  2. Unzip the file, for example:

    # unzip FSM_Bootloader_6.1.2_build0119.zip

Prepare the Bootloader

Follow these steps to run the prepare_bootloader script:

  1. Go to the bootloader directory, for example:

    # cd /images/FSM_Bootloader_6.1.2_build0119

  2. Run the prepare_bootloader script to install and configure the bootloader. This script installs, configures, and reboots the system. The script may take a few minutes to complete.

    # sh prepare_bootloader

  3. The script will open the FortiSIEM bootloader shell.

    Note: you might have to reboot the system manually if auto-reboot does not work.

  4. In the FortiSIEM bootloader shell, choose FortiSIEM Boot Loader. Press Return.

Load the FortiSIEM 6.1.2 Image

Follow these steps to load the FortiSIEM image:

  1. Log in to the bootloader shell as user root with password ProspectHills.

  2. Mount the /opt directory:
    1. Mount the /opt directory, for example:

      # mount /dev/mapper/FSIEM500F-phx_opt /opt

    2. Create a symbolic link to images from opt:

      # ln -sf /opt/images /images

    3. Change to the /images directory, for example:

      # cd /images

    4. Run the ll command to check disk usage.

      # ll

      These steps are illustrated in the following screen shot.

  3. Run the load_image script to swipe the old image with the new image, for example:
    1. Change to the root directory and check the contents, for example:

      # cd /

      # ll

    2. Run the load_image script, for example:

      # sh load_image

    3. Press Return again when the load_image script finishes.
    4. Reboot your system manually if it does not do so automatically.

Migrate to FortiSIEM 6.1.2

Follow these steps to complete the migration process:

  1. Log in to the bootloader shell as user root with password ProspectHills. You will immediately be asked to change your password.
  2. Create and mount the /images directory from /opt:
    1. Change directory to root, for example:

      # cd /

    2. Mount the opt directory, for example:

      # mount /dev/mapper/FSIEM500F-phx_opt /opt

    3. Create images directory under /:

      # mkdir -p /images

    4. Copy backup files to /images directory from /opt/images directory:

      # cd /opt/images

      # cp -far fsm_53_phoenix.xz VERSION phoenix_config.txt passwds network_params.json .fortisiem4x0 /images

    5. Unmount the /opt directory from root:

      # cd /

      # umount /opt

  3. Run the configFSM.sh command to configure the migration via a GUI, for example:

    # configFSM.sh

  4. In the first screen of the GUI select 1 Yes to set a timezone. Press Next.

  5. Select a region for the timezone. In this example, US is selected. Press Next.

  6. Select a timezone in the selected region. In this example, Pacific is selected. Press Next.

  7. Select a target to configure. In this example, the Collector is selected. Press Next.

  8. Select option 5 migrate_6_1_1.

  9. Test connectivity by connecting to a well-known internet site. Press Next.

  10. Press the Run command to complete migration, for example:

    The options for the command are described in the following table:

    Option Description
    -r The FortiSIEM component being configured
    -z The time zone being configured
    -i IPv4-formatted address
    -m Address of the subnet mask
    -g Address of the gateway server used
    --host Host name
    -f FQDN address: fully-qualified domain name
    -t The IP type. The values can be either 4 (for ipv4) or 6 (for v6) Note: the 6 value is not currently supported.
    --dns1, --dns2 Addresses of DNS server 1 and DNS server 2.
    -o Installation option.
    -z Time zone. Possible values are US/Pacific, Asia/Shanghai, Europe/London, or Africa/Tunis
    --testpinghost The host used to test connectivity
  11. The script will take some minutes to run. When it is finished, migration is complete.
  12. Log in to your system again as user root with your new password.
  13. To ensure phMonitor is running, execute the phstatus command, for example:

    # phstatus

Restore the HTTP Password File From Backup

Run the following command to restore the HTTP password file.

# cp -far /images/passwds /etc/httpd/accounts/

Make sure that the permissions are correct, for example:

[root@co56120 ~]# ls -la /etc/httpd/accounts/

total 8

drwxr-xr-x 2 root root 34 Nov 3 09:47 .

drwxr-xr-x 6 root root 121 Oct 29 18:02 ..

-rw-r--r-- 1 root root 62 Nov 3 13:36 passwds

Re-Register to the Supervisor

Run the following command; note the update option. This keeps old associations.

# /opt/phoenix/bin/phProvisionCollector --update <user> '<password>' <Super IP or Host>

The password should be enclosed in single quotes to ensure that any non-alphanumeric characters are escaped.

Reboot the Appliance

If the appliance does not reboot automatically, then manually reboot.

Migrating from Pre-6.1.2 to 6.1.2

This section describes how upgrade the 500F Collector appliance from any older FortiSIEM version to 6.1.2. FortiSIEM performs migration in-place, via a bootloader. There is no need to create a new image or copy disks. The bootloader shell contains the new version of FortiSIEM.

Pre-Migration Checklist

To perform the migration, the following prerequisites must be met:

  1. Make sure your system can connect to the Internet.
  2. Make sure the /opt directory # mount /dev/mapper/FSIEM500F-phx_opt disk exists.
  3. Log in to your FSM as root and run the following commands:

    # mkdir -p /opt/images

    # ln -s /opt/images /images

  4. Go to the /images directory. Download the 6.1.2 hardware image from the support site, then unzip it. For example:

    # unzip_FSM_Full_All_RAW_HARDWARE_6.1.2_0119.

  5. Create a soft link to images, for example:

    # ln -sf /images/FortiSIEM-RAW-Hardware-6.1.2.0119.img /images/latest

Migrate Collector Installation

Download the Bootloader

Install and configure the FortiSIEM bootloader to start migration. Follow these steps:

  1. Download the bootloader FSM_Bootloader_6.1.2_build0119.zip from the support site and copy it to the /images directory.
  2. Unzip the file, for example:

    # unzip FSM_Bootloader_6.1.2_build0119.zip

Prepare the Bootloader

Follow these steps to run the prepare_bootloader script:

  1. Go to the bootloader directory, for example:

    # cd /images/FSM_Bootloader_6.1.2_build0119

  2. Run the prepare_bootloader script to install and configure the bootloader. This script installs, configures, and reboots the system. The script may take a few minutes to complete.

    # sh prepare_bootloader

  3. The script will open the FortiSIEM bootloader shell.

    Note: you might have to reboot the system manually if auto-reboot does not work.

  4. In the FortiSIEM bootloader shell, choose FortiSIEM Boot Loader. Press Return.

Load the FortiSIEM 6.1.2 Image

Follow these steps to load the FortiSIEM image:

  1. Log in to the bootloader shell as user root with password ProspectHills.

  2. Mount the /opt directory:
    1. Mount the /opt directory, for example:

      # mount /dev/mapper/FSIEM500F-phx_opt /opt

    2. Create a symbolic link to images from opt:

      # ln -sf /opt/images /images

    3. Change to the /images directory, for example:

      # cd /images

    4. Run the ll command to check disk usage.

      # ll

      These steps are illustrated in the following screen shot.

  3. Run the load_image script to swipe the old image with the new image, for example:
    1. Change to the root directory and check the contents, for example:

      # cd /

      # ll

    2. Run the load_image script, for example:

      # sh load_image

    3. Press Return again when the load_image script finishes.
    4. Reboot your system manually if it does not do so automatically.

Migrate to FortiSIEM 6.1.2

Follow these steps to complete the migration process:

  1. Log in to the bootloader shell as user root with password ProspectHills. You will immediately be asked to change your password.
  2. Create and mount the /images directory from /opt:
    1. Change directory to root, for example:

      # cd /

    2. Mount the opt directory, for example:

      # mount /dev/mapper/FSIEM500F-phx_opt /opt

    3. Create images directory under /:

      # mkdir -p /images

    4. Copy backup files to /images directory from /opt/images directory:

      # cd /opt/images

      # cp -far fsm_53_phoenix.xz VERSION phoenix_config.txt passwds network_params.json .fortisiem4x0 /images

    5. Unmount the /opt directory from root:

      # cd /

      # umount /opt

  3. Run the configFSM.sh command to configure the migration via a GUI, for example:

    # configFSM.sh

  4. In the first screen of the GUI select 1 Yes to set a timezone. Press Next.

  5. Select a region for the timezone. In this example, US is selected. Press Next.

  6. Select a timezone in the selected region. In this example, Pacific is selected. Press Next.

  7. Select a target to configure. In this example, the Collector is selected. Press Next.

  8. Select option 5 migrate_6_1_1.

  9. Test connectivity by connecting to a well-known internet site. Press Next.

  10. Press the Run command to complete migration, for example:

    The options for the command are described in the following table:

    Option Description
    -r The FortiSIEM component being configured
    -z The time zone being configured
    -i IPv4-formatted address
    -m Address of the subnet mask
    -g Address of the gateway server used
    --host Host name
    -f FQDN address: fully-qualified domain name
    -t The IP type. The values can be either 4 (for ipv4) or 6 (for v6) Note: the 6 value is not currently supported.
    --dns1, --dns2 Addresses of DNS server 1 and DNS server 2.
    -o Installation option.
    -z Time zone. Possible values are US/Pacific, Asia/Shanghai, Europe/London, or Africa/Tunis
    --testpinghost The host used to test connectivity
  11. The script will take some minutes to run. When it is finished, migration is complete.
  12. Log in to your system again as user root with your new password.
  13. To ensure phMonitor is running, execute the phstatus command, for example:

    # phstatus

Restore the HTTP Password File From Backup

Run the following command to restore the HTTP password file.

# cp -far /images/passwds /etc/httpd/accounts/

Make sure that the permissions are correct, for example:

[root@co56120 ~]# ls -la /etc/httpd/accounts/

total 8

drwxr-xr-x 2 root root 34 Nov 3 09:47 .

drwxr-xr-x 6 root root 121 Oct 29 18:02 ..

-rw-r--r-- 1 root root 62 Nov 3 13:36 passwds

Re-Register to the Supervisor

Run the following command; note the update option. This keeps old associations.

# /opt/phoenix/bin/phProvisionCollector --update <user> '<password>' <Super IP or Host>

The password should be enclosed in single quotes to ensure that any non-alphanumeric characters are escaped.

Reboot the Appliance

If the appliance does not reboot automatically, then manually reboot.