Troubleshooting Tip: How to troubleshoot Collector...

FortiSIEM

FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)

Article Id 410034

Description

This article describes how to troubleshoot Collector registration failures with a 401 authentication error due to the trusted hosts configuration.

Scope

FortiSIEM.

Solution

While trying to register the collector with the correct credentials, the collector shows the following error.

collector failed registration.jpg

Upon checking further in AppSvr logs from Supervisor, the following error has been noticed:

tail -f /opt/glassfish/domains/domain1/logs/server.log

untrusted domain collector.jpg

The error suggests that AppSvr is preventing collector registration due to the Trusted Hosts configuration applied from Admin -> Settings -> System -> Trusted Hosts.

As a Solution, collector IP can be added to Trusted Hosts, or existing IPs can be removed from Trusted Hosts. Try registering the collector again, and it should be registered successfully.

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Troubleshooting Tip: How to troubleshoot Collector registration fails with 401 authentication error due to trusted hosts configuration

You are leaving our website