Troubleshooting Tip: Linux Installation collector troubleshooting

Installation troubleshooting:

1) Run - journalctl -e.

2) Run /opt/FortiEDRCollector/control.sh --status.

If 'command not found' go to  3).

3) If the collector is 'running' or 'degraded', then the installation succeeded. Look for a different section if the collector is 'degraded'.

4) Check if the directory exists: "ls -l /opt/FortiEDRCollector". Also run "ls -l /opt/FortiEDRCollector/module' (this in order to make sure to do not have 'incompatible file').

If it does, go to 5).

5) Check if the package is installed: 'rpm -qa | grep -i FortiEDR'.
iI the package is not there, then re-run the installation. 

6) then verify that all files are present and look for installation issues in dmesg. 

7) Check CollectorBoostrap.jsn for aggregator address and agentID (if 0 then the collector did not register). Location:

/opt/FortiEDRCollector/Config/Collector/CollectorBootstrap.jsn

8) The solution will be to uninstall and re-install.