| Description |
This article describes some situations where FortiSiem wrongly maps the Collector type value. Specifically, FortiSiem is recognizing a 500F hardware collector as a VM Collector type.
Unregistering/re-registering the collector does not solve the problem. Even if possessing a lot of 500F collectors, the issue can happen only for a few units. It is not a general anomaly.
|
| Scope | FortiSIEM v7.x MSSP deployment. |
| Solution |
Since the Collector Type value is used for description purposes only, it is possible to change the value manually from the PostgreSQL console. Access Supervisor CLI and run the following command:
psql -U phoenix phoenixdb
Run the following command: update ph_sys_collector set collector_type = '<value>' where name='<collector-name>';
Available values for collector_type are:
The collector-name can be retrieved from GUI from Admin -> Health Check -> Collector Health tab. A command example would be then: update ph_sys_collector set collector_type = '1' where name='collector1'; A UPDATE=1 message should be displayed after sending the command.
|
