FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
Anonymous
Not applicable
Article Id 194711

Description

This article describes how to re-register a collector that has already been registered. Before performing the registration again, the administrator needs to modify a column in a PostgreSQL table.

 

Scope

 

FortiSIEM.


Solution

The following is a step-by-step guide:

 

  1. SSH to FortiSIEM Supervisor.

  2. Enter the following command on the Supervisor node to log in to the PostgreSQL database (psql):

 

psql -U phoenix phoenixdb

 

  3. Update the PostgreSQL database (the Collector name is a string value, so enclose it in single quotes):

=>update ph_sys_collector set natural_id='' where name='<Collector_Name>';

  4. Quit psql:

=>\q

  5. Re-register the Collector to the Supervisor by running the phProvisionCollector script with the '--update' option:

    #/opt/phoenix/bin/phProvisionCollector --update <user> '<password>' <Super IP or Host> <Organization> <CollectorName>

  6. On the Supervisor node, check that all requests from the Collector received a valid '200' response in the ssl_access_log log file, located in /var/log/httpd.

 

tail -f /var/log/httpd/ssl_access_log | grep -i "Collector_IP"
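
An added example for the check in step 6, not part of the original article or Fortinet's tooling: it matches the Collector's address exactly on the client field (a plain grep for an IP also matches longer addresses that contain it) and tallies the status codes. It assumes ssl_access_log uses Apache's Common Log Format, where the status is the second-to-last field; the function names, sample lines, paths and addresses are constructed.

```shell
#!/usr/bin/env bash
# Added example, not Fortinet code. Assumption: ssl_access_log is in Apache
# Common Log Format: host ident user [time] "request" status bytes
# so the client is field 1 and the status is the second-to-last field.

# status_summary <collector_ip> [logfile]: print "<status> <count>" per code.
status_summary() {
    awk -v ip="$1" '$1 == ip { n[$(NF-1)]++ }
        END { for (s in n) print s, n[s] }' "${2:--}" | sort
}

# count_non200 <collector_ip> [logfile]: print how many requests were not 200.
count_non200() {
    awk -v ip="$1" '$1 == ip && $(NF-1) != "200" { c++ }
        END { print c + 0 }' "${2:--}"
}

# Constructed sample lines (documentation addresses, made-up paths).
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "POST /example/register HTTP/1.1" 200 512
192.0.2.10 - - [01/Jan/2024:10:00:05 +0000] "GET /example/config HTTP/1.1" 200 2048
192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "POST /example/upload HTTP/1.1" 401 381
192.0.2.1 - - [01/Jan/2024:10:00:11 +0000] "GET /example/config HTTP/1.1" 200 2048
192.0.2.10 - - [01/Jan/2024:10:00:15 +0000] "-" 408 -
EOF
}

if [ "$#" -eq 2 ]; then
    # Usage: script <Collector_IP> /var/log/httpd/ssl_access_log
    status_summary "$1" "$2"
    echo "non-200 responses: $(count_non200 "$1" "$2")"
else
    # No arguments: run on the constructed sample above.
    sample_log | status_summary 192.0.2.10
    echo "non-200 responses: $(sample_log | count_non200 192.0.2.10)"
fi
```

A non-zero count after re-registration points at the requests to inspect in the log; with the constructed sample, the 401 and 408 lines are the ones counted.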

 

Note:
If the Collector does not reboot after executing the re-register command in step 5, perform a reboot by executing the command 'execute reboot'.

 
