Description
This article provides a solution for a FortiSIEM Windows Agent that failed to download and install image from the FortiSIEM Supervisor behind Virtual IP.
Scope
FortiSIEM Windows Agent v4.3.0 and above.
Solution
In FortiSIEM Windows Agent v4.3.0 and above, it can be upgraded from the feature in FortiSIEM Supervisor. However, it will fail if FortiSIEM Supervisor is configured with Virtual IP, especially for FortiSIEM deployed in Azure, AWS, or other Cloud platforms.
In that case, the user will need to verify the database in Windows Agent and notice the table is empty:
Download DB Browser -> Open Database -> Browse to C:\ProgramData\FortiSIEM\Database\AoWinAgt.db
For the solution, configure the Virtual Collector IP in Host Template Association in FortiSIEM Supervisor.
Go to FortiSIEM Supervisor GUI -> Admin -> Setup -> Windows Agent -> Host to Template Association.
Note:
In the Virtual Collector, insert the Public IP of the Collector.
After the changes above are configured, re-apply the template, and the database in Windows Agent will be updated as well:
Note:
IP column will remain empty and will not affect the connection.
After the table is populated with data, the FortiSIEM Supervisor can download and install the image successfully.
Related article:
Technical Tip: FortiSIEM Windows Agent change Supervisor IP/FQDN
