Description
By design on the FortiAnalyzer:
- It is always expected to see the secondary members with a serial number and not a host name under the device manager as HA is recognized via the HA group name used on the FortiGate Cluster, and is mapped to the primary serial number.
- The secondary member will show up as 'New Device' instead of a device name or Serial number when using the option 'Add Other Device' -> new serial number, followed by the '+' button.
This article explains how to bypass this limitation to rename secondary members with a hostname.
Scope
v5.6.3 or later and v6.x.
Solution
Use the following steps to rename the secondary member:
- Disable using the HA group name as follows (keeping it enabled would add the cluster with the secondary using its serial number):
config sys global
set set ha-member-auto-grouping disable
end
set set ha-member-auto-grouping disable
end
- Use the Device Manager to add the FortiGate cluster - primary device to FortiAnalyzer.
- Edit the primary. The secondary device details will not be present.
- Select 'Add other device' and provide the serial number of the secondary, then select '+'. The secondary will be added as 'New Device'.
Do not use this option.
- The secondary device will show up in the 'Unregistered Device' list. Promote it to the FortiAnalyzer. It will be added as a separate device. A name can be given when promoting it.
- Edit the secondary device and uncheck the 'HA Cluster' check box.
- Edit the primary FortiGate and select 'Add Existing Device'. The drop-down list will show the secondary device.
- The cluster is now added with the proper hostnames.
- The name of this cluster can now be changed as required.
Related article:
