FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
nsoni
Staff
Article Id 304603
Description The article describes how to configure a proxy for Content Update, Image Server, and FortiGuard IOC download.
Scope FortiSIEM.
Solution

The Content Update (ADMIN -> Content Update), Image Server (ADMIN -> Settings -> Image Server), and IOC download features (such as FortiGuard Malware Domains, IPs, etc.) of FortiSIEM do not use the proxy configured at the OS level. Instead, they use the proxy configured in the GUI at Resources -> Malware Domains -> FortiGuard Malware Domains -> Update -> Use Proxy.

Note: Using the GUI, it is not possible to configure the IOC proxy if the FortiSIEM license does not include the IOC license. This can be verified from ADMIN -> License -> General.

Either purchase an IOC license or use the CLI method below to configure the IOC proxy.

  1. Download and unzip the attached zip file updateIOCProxy.zip.
  2. Transfer the updateIOCProxy.sh script to the /root/ directory on the Supervisor.
  3. Provide execute permissions to the script.

    chmod 775 /root/updateIOCProxy.sh

  4. Run the script as shown in the example below.

    cd /root/
    ./updateIOCProxy.sh update
    Do you want to use a proxy for the IOC service? (yes/no): yes
    Proxy Server IP (default: null): 10.32.52.7
    Proxy Server Port (default: 8080): 80
    Proxy User (default: null):

    Please provide your administrative GUI credentials to upload proxy settings.
    Enter your username: admin
    Enter your password:
    Enter your org: Super
    Enter your LDAP domain, blank for none:
    Please validate these settings appear correct and then test uploading an upgrade image through the GUI.
    {
      "mode": "tunnel",
      "password": "",
      "port": "80",
      "ipHost": "10.32.52.7",
      "useProxy": true,
      "userName": ""
    }
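
The script ends by asking for the printed settings to be validated. As an added example (not part of the article or of updateIOCProxy.sh), the Python check below parses that JSON block from captured script output and compares it with the intended proxy. The function names and the individual checks are assumptions; only the field names come from the output above.

```python
import ipaddress
import json

# Constructed sample: the final lines the script printed in the run above.
SAMPLE_OUTPUT = """Please validate these settings appear correct and then test uploading an upgrade image through the GUI.
{
"mode": "tunnel",
"password": "",
"port": "80",
"ipHost": "10.32.52.7",
"useProxy": true,
"userName": ""
}
"""

def extract_settings(output):
    """Return the JSON object printed at the end of the script output."""
    start, end = output.find("{"), output.rfind("}")
    if start == -1 or end < start:
        raise ValueError("no JSON settings block found")
    return json.loads(output[start:end + 1])

def check_settings(settings, want_host, want_port):
    """Compare printed settings with the intended proxy; return problems found."""
    problems = []
    if settings.get("useProxy") is not True:
        problems.append("useProxy is not true")
    host = str(settings.get("ipHost", "")).strip()
    if not host:
        problems.append("ipHost is empty")
    elif host.replace(".", "").isdigit():
        # Dotted-numeric value: it must be a well-formed IPv4 address.
        try:
            ipaddress.IPv4Address(host)
        except ValueError:
            problems.append(f"ipHost {host!r} is not a valid IPv4 address")
    if host != want_host:
        problems.append(f"ipHost {host!r} differs from intended {want_host!r}")
    try:
        port = int(str(settings.get("port", "")))
    except ValueError:
        port = 0
    if not 1 <= port <= 65535:
        problems.append("port is not a number in 1-65535")
    elif port != want_port:
        problems.append(f"port {port} differs from intended {want_port}")
    # Report credential presence only; never echo the password value.
    if bool(settings.get("userName")) != bool(settings.get("password")):
        problems.append("only one of userName/password is set")
    return problems
```

An empty list from `check_settings(extract_settings(output), "10.32.52.7", 80)` means the uploaded settings match what was typed at the prompts.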