FortiSIEM Discussions
KarlH
Contributor II

A Collector needs to marshal Linux agents and Windows agents.

Hello,

Should two proxy files be run?

How should all this be executed for the different OSes?

Is there one proxy conf file that handles both system types, or do I run two different conf files?

The Linux proxy is supposed to look like this:

ProxyPass /phoenix/rest/register/linuxAgent https://{actual IP address of the Supervisor node}/phoenix/rest/register/linuxAgent
ProxyPassReverse /phoenix/rest/register/linuxAgent https://{actual IP address of the Supervisor node}/phoenix/rest/register/linuxAgent

ProxyPass /phoenix/rest/linuxAgent/update https://{actual IP address of the Supervisor node}/phoenix/rest/linuxAgent/update
ProxyPassReverse /phoenix/rest/linuxAgent/update https://{actual IP address of the Supervisor node}/phoenix/rest/linuxAgent/update

SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off

-------------------------------------------------------------------------------------------------------------------------------

The Windows proxy is supposed to look like this:

ProxyPass /phoenix/rest/register/windowsAgent https://<Supervisor IP Address>/phoenix/rest/register/windowsAgent
ProxyPassReverse /phoenix/rest/register/windowsAgent https://<Supervisor IP Address>/phoenix/rest/register/windowsAgent
ProxyPass /phoenix/rest/windowsAgent/update https://<Supervisor IP Address>/phoenix/rest/windowsAgent/update
ProxyPassReverse /phoenix/rest/windowsAgent/update https://<Supervisor IP Address>/phoenix/rest/windowsAgent/update
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off

#Required for upgrade Windows Agent on FortiSIEM 6.4.0+

ProxyPass /WinAgentUpgrade/FSMLogAgent.exe https://<Supervisor IP Address>/WinAgentUpgrade/FSMLogAgent.exe
ProxyPassReverse /WinAgentUpgrade/FSMLogAgent.exe https://<Supervisor IP Address>/WinAgentUpgrade/FSMLogAgent.exe

ProxyPass /WinAgentUpgrade/AutoUpdate.exe https://<Supervisor IP Address>/WinAgentUpgrade/AutoUpdate.exe
ProxyPassReverse /WinAgentUpgrade/AutoUpdate.exe https://<Supervisor IP Address>/WinAgentUpgrade/AutoUpdate.exe

#Required for Windows Agent 5.0.0 or later

ProxyPass /phoenix/rest/device/update https://<Supervisor IP Address>/phoenix/rest/device/update
ProxyPassReverse /phoenix/rest/device/update https://<Supervisor IP Address>/phoenix/rest/device/update

#Required for Windows Agent 7.1.0 or later

ProxyPass /phoenix/rest/osquery/result https://<Supervisor IP Address>/phoenix/rest/osquery/result
ProxyPassReverse /phoenix/rest/osquery/result https://<Supervisor IP Address>/phoenix/rest/osquery/result

Can someone please enlighten me? Are we meant to run two different files, or somehow make one file with an if-then-else that looks at the OS?

Thanks in advance all!

~Karl

Karl Henning, Security Engineer, CISSP
1 REPLY
Stephen_G
Moderator

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Stephen - Fortinet Community Team
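
Apache mod_proxy selects a ProxyPass rule by request path, not by the client's operating system, so a useful check before the two snippets in the question share a file is whether their paths or SSLProxy* values collide. The following is an added example, not part of the original thread or of Fortinet's documentation: `SUPERVISOR_IP`, `snippet`, `lint` and `check_combined` are names chosen here, the input is rebuilt from the paths in the post, and the shadowing test is a simplification of Apache's first-match rule. It also reports which directives turn off verification of the Supervisor's certificate.

```python
# Paths are taken from the post; SUPERVISOR_IP is a placeholder (assumption).
LINUX = ["/phoenix/rest/register/linuxAgent", "/phoenix/rest/linuxAgent/update"]
WINDOWS = ["/phoenix/rest/register/windowsAgent", "/phoenix/rest/windowsAgent/update",
           "/WinAgentUpgrade/FSMLogAgent.exe", "/WinAgentUpgrade/AutoUpdate.exe",
           "/phoenix/rest/device/update", "/phoenix/rest/osquery/result"]
SSL = ["SSLProxyEngine on", "SSLProxyVerify none",
       "SSLProxyCheckPeerCN off", "SSLProxyCheckPeerExpire off"]

def snippet(paths, host="SUPERVISOR_IP"):
    """Rebuild one snippet from the post as text (constructed sample input)."""
    rules = [f"{d} {p} https://{host}{p}" for p in paths
             for d in ("ProxyPass", "ProxyPassReverse")]
    return "\n".join(rules + SSL) + "\n"

def lint(conf):
    """Return (issues, weak_tls) for a block of mod_proxy directives."""
    fwd, rev, ssl, issues = {}, {}, {}, []
    for n, raw in enumerate(conf.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        name, args = parts[0], parts[1:]
        if name in ("ProxyPass", "ProxyPassReverse") and len(args) >= 2:
            table = fwd if name == "ProxyPass" else rev
            if table.get(args[0], args[1]) != args[1]:
                issues.append(f"line {n}: {name} {args[0]} has two different backends")
            if name == "ProxyPass":
                # Simplified first-match check: an earlier rule on a parent path wins.
                for seen in fwd:
                    if args[0].startswith(seen.rstrip("/") + "/"):
                        issues.append(f"line {n}: {args[0]} is shadowed by {seen}")
            table[args[0]] = args[1]
        elif name.startswith("SSLProxy") and args:
            if ssl.get(name, args[0]) != args[0]:
                issues.append(f"line {n}: {name} set to conflicting values")
            ssl[name] = args[0]
    for path in sorted(fwd.keys() ^ rev.keys()):
        issues.append(f"{path}: ProxyPass and ProxyPassReverse are not paired")
    # Directives whose final value disables checks on the backend certificate.
    weak = sorted(k for k, v in ssl.items()
                  if (k == "SSLProxyVerify" and v.lower() == "none")
                  or (k.startswith("SSLProxyCheckPeer") and v.lower() == "off"))
    return issues, weak

def check_combined():
    """Lint the Linux and Windows snippets concatenated into one file."""
    return lint(snippet(LINUX) + snippet(WINDOWS))

if __name__ == "__main__":
    issues, weak = check_combined()
    print("conflicts:", issues or "none")
    print("backend TLS checks disabled by:", ", ".join(weak))
```
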