Help
FortiSIEM Discussions
KarlH
New Contributor III

Created on ‎10-16-2024 12:53 PM

Maintaining many collector veresions from the All in One for many clients as a MSP

We have Collectors  at 6.2, 6.3, 6.5.0,  6.5.1 , 6.6, 6.7,  7.1 , 7.0,  7.1 and 7.2

Supervisor is 7.1.3

 

I have taken on a new role out of the versions 6.5 collector seems to a problem, as a Engineer I am the one who has to answer collectors going in the red for disk space capacity, cpu usage, and what ever else.

And now I'm told the supervisor image server is broken  7.1.3.  How do we get that fixed?

 

Do I try to upgrade 6.5 ? can I see the upgradable paths somewhere for the above versions how do we get the supervisor image server fixed so it can be used and function correctly for them we need to improve our KPI.

 

Meanwhile the worst is that these clients repeatedly lose the credentials to LOG IN  to the collector, not register,  and this forces us to have to re-deploy the collector,  what version do I give them that is the least problematice I haven't done that yet either... need some best practice advice and assist. All in one single collectors not cluster, need upgrade paths.

 

Thank you in advance

Karl Henning, Security Engineer, CISSP
Karl Henning, Security Engineer, CISSP
Labels:
62
0 Kudos
2 REPLIES 2
premchanderr
Staff
Staff

Created on ‎10-16-2024 08:51 PM

HI @KarlH ,

 

Every FortiSIEM version has lot of fine tuning and enhancement to ensure SIEM works in optimal efficiency. It is strongly advisable to have collectors in same version or one lesser version than supervisor. Collector on 6.5 and Supervisor on 7.1.3 the gap is long, many enhancements would be missing. 

 

I don't understand supervisor image server broken, this doesn't happen. Do you have any bug ID on this or do provide further information.

 

Collectors are deployed on Rocky Linux OS, you can follow linux forums on steps to reset root account instead of re-deploying it if customers lose their credentials.  

Regards,
Prem Chander R
43
0 Kudos
KarlH
New Contributor III
In response to premchanderr

Created on ‎10-17-2024 06:51 AM Edited on ‎10-17-2024 07:26 AM

Hi Prem, @premchanderr 

The procedures are different for different scenarios what am I looking for 'How to reset a password on Rocky Linux on a VM on AZure cloud?" which is what they have.  I  have never done it before. We get customers always saying they lost the creds to login into Rocky Linux VM.

 

What version of Rockey Linux does collector 7.1 run on?

 

Have  you seen this? https://forums.rockylinux.org/t/how-to-recover-root-password/3433/8

and this ? https://forums.rockylinux.org/t/i-forgot-my-root-password-but-traditional-single-user-mode-doesnt-wo...

There are issues with doing that   Does Fortinet have hard and fast safe set of procedures for doing this with a customer?

 

Thank you

 

 

Karl Henning, Security Engineer, CISSP
Karl Henning, Security Engineer, CISSP
21
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.