FORTINET DOCUMENT LIBRARY https://docs.fortinet.com
FORTINET VIDEO GUIDE https://video.fortinet.com
FORTINET BLOG https://blog.fortinet.com
CUSTOMER SERVICE & SUPPORT https://support.fortinet.com
FORTINET TRAINING & CERTIFICATION PROGRAM https://www.fortinet.com/training-certification
FORTINET TRAINING INSTITUTE https://training.fortinet.com
FORTIGUARD CENTER https://www.fortiguard.com
END USER LICENSE AGREEMENT https://www.fortinet.com/doc/legal/EULA.pdf
FEEDBACK Email: techdoc@fortinet.com
07/24/2023
FortiSIEM 7.0.1 500G Collector Configuration Guide...
2. Log in as user root with password ProspectHills.
3. You will be asked to change your password. Once you change the password, you will be logged out. Log in again with your new password.
FortiSIEM 7.0.1 500G Collector Configuration Guide Fortinet Inc.
2. At the command prompt, go to /usr/local/bin, and enter configFSM.sh. For example:
   # configFSM.sh
   A simple GUI will open.
3. In the GUI, select 1 Set Timezone, and then press Next.
4. Select your Region, then press Next.
Appliance Setup
5. Select your Country, and press Next.
6. Select the Country and City for your timezone, and press Next.
7. Select 1 Collector. Press Next.
Netmask, Gateway, DNS Server(s). Configure the network by entering the following fields. Press Next.
Note: Configure a DNS server that resolves external addresses, as updates to remote repositories will be required in the future.
IPv6 Address: The Collector's IPv6 address
prefix (Netmask): The Collector's IPv6 prefix
Gateway ipv6: IPv6 Network gateway address
DNS1 IPv6, DNS2 IPv6: Addresses of the IPv6 DNS server 1 and DNS server2
Note: By default, "google.com" is shown for the connectivity test, but if configuring IPv6, you must enter an accessible, internally approved IPv6 DNS server, for example: "ipv6-dns.fortinet.com".
Note: When configuring both IPv4 and IPv6, only testing connectivity for the IPv6 DNS is required because IPv6 takes higher precedence.
The IP type. The values can be either 4 (for IPv4) or 6 (for IPv6) or 64 (for both IPv4 and IPv6).
--dns1, --dns2: Addresses of the DNS servers
--i6: IPv6-formatted address
Set Super IP or Host as the Supervisor's IP address.
c. Set Organization. For Enterprise deployments, the default name is Super.
d. Set CollectorName from Step
The Collector will reboot during the Registration.
Note: A DNS name is recommended rather than IP addresses. If the IP addressing changes, you only need to update the DNS record rather than modify the Event Worker IP addresses in FortiSIEM.
b. Click OK.
The last two values could be set as Unlimited. Guaranteed EPS is the EPS that the Collector will always be able to send. It could send more if there is excess EPS available.
8. Go to ADMIN > Health > Collector Health to see the status of the Collector.
Step 6: Using FortiSIEM
Refer to the FortiSIEM User Guide for detailed information about using FortiSIEM.
Factory Reset
Follow the steps below to perform a factory reset on the FortiSIEM FSM-500G.
Step 1: Uninstall FortiSIEM application
1. Connect to the FortiSIEM device using the VGA or Console port.
2. Log in as the 'root' user with password 'ProspectHills'.
3. To check the available FortiSIEM commands, run get.
5. Safely remove the USB drive from the desktop or laptop by unmounting it through the operating system.
Step 2B: NFS Staging
1. Prepare an NFS server. Information on setup can be found here.
2. Download FSM_Full_All_RAW_HARDWARE_7.0.1.0038.zip from the support site.
3. Create and export /FortiSIEM_HW_IMG.
Note: This drive will be referred to as /dev/sdb in the following steps.
6. Switch to root in the terminal using the following command:
   sudo -s
7. Determine the mount point of this drive by using the following command:
8. Once this is completed, power off the FortiSIEM appliance using the following command:
   # shutdown -h now
9. After shutdown, remove both USB drives from the FortiSIEM appliance.
10. Power on the FortiSIEM appliance.
11. Reinstall the FortiSIEM application (as in Factory Reset - step 2).
Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests.