FortiEDR
FortiEDR automates the protection against advanced threats, pre and post-execution, with real time orchestrated incident response functionality.
kwernecke
Staff
Article Id 199118
Description: This article describes how to troubleshoot a FortiEDR Collector installation on Linux.
Scope  
Solution

Installation troubleshooting:

 

1) Run 'journalctl -e'.

 

2) Run '/opt/FortiEDRCollector/control.sh --status'.


If the result is 'command not found', go to 3).

 

3) If the collector is 'running' or 'degraded', then the installation succeeded. Look for a different section if the collector is 'degraded'.

 

4) Check if the directory exists: 'ls -l /opt/FortiEDRCollector'. Also run 'ls -l /opt/FortiEDRCollector/module' (this is to make sure there is no 'incompatible file').


If it does, go to 5).

 

5) Check if the package is installed: 'rpm -qa | grep -i FortiEDR'.
If the package is not there, then re-run the installation.

 

6) Then verify that all files are present and look for installation issues in dmesg.

 

7) Check CollectorBootstrap.jsn for the aggregator address and agentID (if agentID is 0, the collector did not register). Location:

/opt/FortiEDRCollector/Config/Collector/CollectorBootstrap.jsn

 

8) The solution will be to uninstall and re-install.
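
The file-level checks from steps 2, 4, 5 and 7 can be scripted as below. This is an added example, not Fortinet's own tooling; the function names, the verdict strings, the script name triage.sh and the assumed "agentID" key format inside CollectorBootstrap.jsn are assumptions, since the article does not show the file's contents.

```sh
#!/bin/sh
# Added example: file-level triage for a FortiEDR Collector install on Linux.

# Print the agentID found in CollectorBootstrap.jsn (empty if none is readable).
# ASSUMPTION: the file stores a JSON-style "agentID": <number> pair; the article
# does not show the key's exact spelling, so it is matched case-insensitively.
bootstrap_agent_id() {
    grep -io '"agentid"[[:space:]]*:[[:space:]]*"\{0,1\}[0-9]*' "$1" 2>/dev/null |
        head -n 1 | sed 's/.*[^0-9]//'
}

# Print one verdict for the install rooted at $1 (default: path from the article).
edr_triage() {
    root=${1:-/opt/FortiEDRCollector}
    cfg="$root/Config/Collector/CollectorBootstrap.jsn"
    [ -d "$root" ] || { echo "no-install-dir"; return 0; }                # step 4
    [ -d "$root/module" ] || { echo "no-module-dir"; return 0; }          # step 4
    [ -x "$root/control.sh" ] || { echo "no-control-script"; return 0; }  # step 2
    [ -f "$cfg" ] || { echo "no-bootstrap"; return 0; }                   # step 7
    id=$(bootstrap_agent_id "$cfg")
    case "$id" in
        '')     echo "agentid-unreadable" ;;
        *[!0]*) echo "registered" ;;
        *)      echo "not-registered" ;;   # agentID 0: collector did not register
    esac
}

# Live use on a host: ./triage.sh --run   (triage.sh is a hypothetical file name)
if [ "${1:-}" = "--run" ]; then
    root=/opt/FortiEDRCollector
    if [ -x "$root/control.sh" ]; then "$root/control.sh" --status; fi    # step 2
    if command -v rpm >/dev/null 2>&1; then                               # step 5
        rpm -qa | grep -i FortiEDR || echo "package not installed: re-run the installation"
    fi
    echo "verdict: $(edr_triage "$root")"
fi
```

A verdict of not-registered or any of the no-* results leads to step 8; journalctl and dmesg (steps 1 and 6) still need to be read by hand.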
