FortiSIEM Installing in Linux KVM

Installing in Linux KVM

The basic process for installing a FortiSIEM Supervisor, Worker, or Collector node in Linux KVM is the same as installing these nodes under VMware ESX, so you should follow the instructions in Installing a Supervisor, Worker, or Collector Node in ESX. Since Worker nodes are only used in deployments that use NFS storage, you should first configure your Supervisor node to use NFS storage, and then configure your Worker node using the Supervisor NFS mount point as the mount point for the Worker. Collector nodes are only used in multi-tenant deployments, and need to be registered with a running Supervisor node.

Setting up a Network Bridge for Installing AccelOps in KVM

Importing the Supervisor, Collector, or Worker Image into KVM

Configuring Supervisor Hardware Settings in KVM

Setting up a Network Bridge for Installing AccelOps in KVM

If FortiSIEM is the first guest on KVM, then a bridge network may be required to enable network connectivity. For details see the KVM documentation provided by IBM.

In these instructions, br0 is the initial bridge network, em1 is connected as a management network, and em4 is connected to your local area network.

  1. In the KVM host, go to the directory /etc/sysconfig/network-scripts/.
  2. Create a bridge network config file ifcfg-br0:

      DEVICE=br0
      BOOTPROTO=none
      NM_CONTROLLED=yes
      ONBOOT=yes
      TYPE=Bridge
      NAME="System br0"

  3. Edit network config file ifcfg-em4:

      DEVICE=em4
      BOOTPROTO=shared
      NM_CONTROLLED=no
      ONBOOT=yes
      TYPE=Ethernet
      UUID="24078f8d-67f1-41d5-8eea-xxxxxxxxxxxx"
      IPV6INIT=no
      USERCTL=no
      DEFROUTE=yes
      IPV4_FAILURE_FATAL=yes
      NAME="System em4"
      HWADDR=F0:4D:00:00:00:00
      BRIDGE=br0

  4. Restart the network service.
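
Before restarting networking, the two files from the steps above can be checked for consistency. The script below is an added example, not part of the original FortiSIEM instructions: it verifies that the bridge and the enslaved NIC reference each other, that both start on boot, and that no typographic quotes were pasted into the files. The helper names get_key and check_bridge are hypothetical, and the sample files it writes are constructed.

```shell
#!/bin/sh
# Added example: lint ifcfg-br0 / ifcfg-em4 before restarting networking.
# get_key and check_bridge are hypothetical helper names.

# get_key FILE KEY: print the value, surrounding double quotes stripped
get_key() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# check_bridge DIR BRIDGE NIC: return 0 if the pair is consistent,
# otherwise print one line per problem and return 1
check_bridge() {
    dir=$1; br=$2; nic=$3; rc=0
    for f in "$dir/ifcfg-$br" "$dir/ifcfg-$nic"; do
        [ -r "$f" ] || { echo "missing: $f"; return 1; }
        # Typographic quotes pasted from a web page are not shell quotes
        if LC_ALL=C grep -q '[^[:print:][:space:]]' "$f"; then
            echo "$f: non-ASCII byte (pasted smart quote?)"; rc=1
        fi
        [ "$(get_key "$f" ONBOOT)" = "yes" ] || { echo "$f: ONBOOT is not yes"; rc=1; }
    done
    [ "$(get_key "$dir/ifcfg-$br" TYPE)" = "Bridge" ] || { echo "$br: TYPE is not Bridge"; rc=1; }
    [ "$(get_key "$dir/ifcfg-$br" DEVICE)" = "$br" ] || { echo "$br: DEVICE is not $br"; rc=1; }
    [ "$(get_key "$dir/ifcfg-$nic" BRIDGE)" = "$br" ] || { echo "$nic: BRIDGE is not $br"; rc=1; }
    return "$rc"
}

# Constructed sample input modelled on the two files above, in a scratch dir
demo=$(mktemp -d)
printf 'DEVICE=br0\nBOOTPROTO=none\nONBOOT=yes\nTYPE=Bridge\nNAME="System br0"\n' > "$demo/ifcfg-br0"
printf 'DEVICE=em4\nONBOOT=yes\nTYPE=Ethernet\nBRIDGE=br0\n' > "$demo/ifcfg-em4"
check_bridge "$demo" br0 em4 && echo "bridge config consistent"
```

On the KVM host, point the check at the real directory: check_bridge /etc/sysconfig/network-scripts br0 em4.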

Importing the Supervisor, Collector, or Worker Image into KVM

  1. Download and uncompress the FortiSIEM OVA package from the FortiSIEM image server to the location where you want to install the image.
  2. Start the KVM Virtual Machine Manager.
  3. Select and right-click on a host to open the Host Options menu, and then select New.
  4. In the New VM dialog, enter a Name for your FortiSIEM node.
  5. Select Import existing disk image, and then click Forward.
  6. Browse to the location of the OVA package and select it.
  7. Choose the OS Type and Version you want to use with this installation, and then click Forward.
  8. Allocate Memory and CPUs to the FortiSIEM node as recommended in the topic Browser Support and Hardware Requirements, and then click Forward.
  9. Confirm the installation configuration of your node, and then click Finish.

Configuring Supervisor Hardware Settings in KVM

  1. In KVM Virtual Machine Manager, select the FortiSIEM Supervisor, and then click Open.
  2. Click the Information icon to view the Supervisor hardware settings.
  3. Select the Virtual Network Interface.
  4. For Source Device, select an available bridge network.

     See Setting up a Network Bridge for Installing FortiSIEM in KVM for more information.

  5. For Device model, select Hypervisor default, and then click Apply.
  6. In the Supervisor Hardware settings, select Virtual Disk.
  7. In the Virtual Disk dialog, open the Advanced options, and for Disk bus, select IDE.
  8. Click Add Hardware, and then select Storage.
  9. Select the "Select managed or other existing storage" option, and then browse to the location for your storage.

     You will want to set up a disk for both CMDB (60GB) and SVN (60GB). If you are setting up FortiSIEM Enterprise, you may also want to create a storage disk for EventDB, with Storage format set to Raw.

  10. In the KVM Virtual Machine Manager, connect to the FortiSIEM Supervisor and power it on.
  11. Follow the instructions in Configuring the Supervisor, Worker, or Collector from the VM Console to complete the installation.

Related Links

Configuring the Supervisor, Worker, or Collector from the VM Console


About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
