Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
heng
Staff
Staff

Created on ‎08-24-2023 10:41 PM Edited on ‎09-14-2023 02:45 AM

Article Id 270279

Technical Tip: How to SSH from the controller to the other Hosts or Blades in FortiAnalyzer BigData

Description

 

This article describes how to SSH from the controller to the other Hosts or Blades in FortiAnalyzer BigData by using the internal blade subnet

 

Scope

 

FortiAnalyzer BigData 4500F.

 

Solution

 

  1. Determine the active controller and then login via SSH, refer to KB article: Technical Tip: How to locate the controller IP address of the FortiAnalyzer BigData

 

For our example here, the external facing controller IP address is 172.16.100.99

 

[root@blade-10-0-1-3 ~]$ fazbdctl show members
Management IP/Mask is 172.16.100.99/24
Chassis Blade Role        Address   Ext Address   Host Name       State  Status
1       2     member      10.0.1.2                blade-10-0-1-2  joined alive
1       3     controller  10.0.1.3                blade-10-0-1-3  joined alive
1       4     member      10.0.1.4                blade-10-0-1-4  joined alive
1       5     member      10.0.1.5                blade-10-0-1-5  joined alive
1       6     member      10.0.1.6                blade-10-0-1-6  joined alive
1       7     member      10.0.1.7                blade-10-0-1-7  joined alive
1       8     member      10.0.1.8                blade-10-0-1-8  joined alive
1       9     member      10.0.1.9                blade-10-0-1-9  joined alive
1       10    member      10.0.1.10               blade-10-0-1-10 joined alive
1       11    member      10.0.1.11               blade-10-0-1-11 joined alive
1       12    member      10.0.1.12               blade-10-0-1-12 joined alive
1       13    member      10.0.1.13               blade-10-0-1-13 joined alive
1       14    member      10.0.1.14               blade-10-0-1-14 joined alive

 

  1. From the active controller CLI output: fazbdctl show members, it is again possible to SSH into all other hosts (also known as blade labeling B2 to B14) by determining each of the hosts' IP address from the format of 10.0.{chassis_id}.{blade_id} or 198.18.{chassis_id}.{blade_id} The SSH access between the hosts (B2 to B14) via the blade internal subnet will not require a username and password. 

 

For the example here, the user is trying to access Blade 14, and SSH from the controller (10.0.1.3) into Blade 14  (10.0.1.14) will be visible.

 

[root@blade-10-0-1-3 ~]$ ssh 10.0.1.14
Last login: Thu Aug 24 10:46:43 2023 from 10.0.1.3
[root@blade-10-0-1-14 ~]$

 

  1. To log into the FortiAnalyzer blade, always log in with .1 with either 10.0.1.1 or 198.18.1.1. SSH access from the hosts (B2 to B14) to the FortiAnalyzer blade via the blade internal subnet which will always require an username and password if the default admin's password is set. 

 

For the example here, the user is logged from the controller (10.0.1.3) to the FortiAnalyzer blade (10.0.1.1)

 

[root@blade-10-0-1-3 ~]$ ssh admin@10.0.1.1

(admin@10.0.1.1) Password: ********
FAZ-BD #

501
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.