Help
FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
aldodelgadomtz
Staff
Staff

Created on ‎08-31-2024 05:52 AM

Article Id 337984

Technical Tip: How to replace a Collector node in FortiSIEM

Description This article describes the simplest way to replace a Collector node.
Scope FortiSIEM.
Solution
  1. Follow the KDB in question to create a new Collector from scratch: Fresh Installation.
  2. If having Windows/Linux agents, back up the following file locally:

    ll /etc/httpd/accounts/passwds

  3. Once reinstalled, copy the previous file with the following commands:

    chown -R root.root /etc/httpd/accounts/passwds
    chmod -R 775 /etc/httpd/accounts/passwds

  4. Provision the new Collector as follows:


phProvisionCollector --update <user> ‘<password>’ <Super IP or Host>

 

Note: It is not necessary to delete any configuration from the Supervisor's GUI.
169
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.