FortiAnalyzer-BigData cluster controller CLI
This section describes how to use fazbdctl
, the FortiAnalyzer-BigData Command Line Interface (CLI), and contains references for all fazbdctl
commands.
fazbdctl
is available on the BigData Cluster Controller (see Connect to the FortiAnalyzer-BigData CLIs) and is the main command used to manage the Security Event Manager hosts of FortiAnalyzer-BigData. It can be used in the following ways:
-
fazbdctl -c show -t version
-
fazbdctl -c show -t members
-
fazbdctl -c upgrade [ -t fazbd | bd [ -h members | {member_ip_addr}] | faz ] [ -f ]
-
fazbdctl -c reset [ -h [ cluster | members | local | {member_ip_addr} ] ] [ -o [ all-except-ip | all-except-ssh | all-except-ip-ssh ] ]
-
fazbdctl -c init
-
fazbdctl -c set -t appliance -m extender
-
fazbdctl -c [ enable | disable ] -t ip-forward
-
fazbdctl -c delete -h {member_ip_addr}
Show version
fazbdctl -c show -t version
Shows the FortiAnalyzer-BigData version of the host.
Show members
fazbdctl -c show -t members
Lists all the Security Event Manager member hosts' information managed by the BigData Cluster Controller
- This command should be executed only on the BigData Cluster Controller. It has no effect if run on other hosts.
Example response:
Field name |
Chassis ID |
Blade ID |
Internal IP address |
Internal interface MAC address |
Version number |
Current Status |
Tips |
---|---|---|---|---|---|---|---|
Value example |
1 |
3 |
10.0.1.3 |
ac:1f:6b:5a:9d:ba |
20200131-102049 |
JOINED |
|
|
2 |
5 |
10.0.2.5 |
ac:1f:6b:5a:92:16 |
20200118-111231 |
UPGRADING |
Needs upgrade |
Field description
Chassis ID |
By default, the Chassis ID is 1. If you want to designate an appliance as an extender appliance, change the Chassis ID to a range between 2-254. |
Blade ID |
Represents which slot the blade is located in. The order of the blade slots starts from the left side of the FortiAnalyzer-BigData appliance, starting from 1 to 14. |
Internal IP address |
The internal IP is immutable and is generated from blade’s Chassis ID and Blade ID. 10.0.{chass ID}.{blade ID} |
Internal interface MAC address |
The MAC address of the internal interface. |
Version number |
The FortiAnalyzer-BigData version number running on the host. |
Current status |
The current status of the host.
|
Tips |
Tips and notes about the host.
|
Upgrade
fazbdctl -c upgrade [ -t fazbd | bd [ -h members | {member_ip_addr}] | faz ] [-f]
Generally used to upgrade the system. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster Controller. It has no effect if run on other hosts.
- This command is only allowed when all the FortiAnalyzer-BigData services are healthy, but you can use
-f
to force the upgrade to run.
|
Upgrade the FortiAnalyzer-BigData system (default, if no option is passing). |
|
(Advanced) Upgrade the member host(s) to the current BigData Cluster Controller’s version. |
|
(Advanced) Upgrade the BigData Cluster alone. |
|
(Advanced) Upgrade the FortiAnalyzer-BigData Main host alone |
Reset
fazbdctl -c reset [-h [cluster | members | local | {member_ip_addr}]] [-o[all-except-ip | all-except-ssh | all-except-ip-ssh] ]
Reset the entire OS of the blades and optionally format all the disks. There are four available options in this command:
Extra options |
Description |
---|---|
|
Resets all settings. |
|
Keeps the public IP constant. |
|
Keeps the ssh public key constant. |
|
Keeps the ssh public key and public IP constant. |
If no option is set, a soft reset will be performed. Otherwise, a hard reset will be performed to additionally format all the disks.
For instructions on how to reset your device, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
Init
fazbdctl -c init
Initialize the Security Event Manager after a hard reset. This command initializes and configures the Security Event Manager. The process takes approximately 30 to 40 minutes to complete. For more inforation, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster Controller. It has no effect if run on other hosts.
If you run this command on an existing BigData Cluster, it will reinitialize and cause you to lose all log data and configurations. |
Set appliance role
fazbdctl -c set -t appliance -m extender
Designate an appliance as an extender appliance so you can add it as an extender to the main appliance. For instructions on assigning a new chassis ID to the extender appliance, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster Controller. It has no effect if run on other hosts.
Enable/Disable IP-Forward
fazbdctl -c [ enable | disable ] -t ip-forward
By default, all the BigData Cluster hosts except the BigData Cluster Controller have no external network access. In some cases, you might want to allow external network access for all hosts, for example, to backup and restore data to external HDFS. This command allows you to forward packets from your internal network by enabling or disabling the NAT setup on the BigData Cluster Controller.
- This command should be executed only on the BigData Cluster Controller. It has no effect if run on other hosts.
Delete host
fazbdctl -c delete -h {member_ip_addr}
Decommission a host in the BigData Cluster members. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster Controller. It has no effect if run on other hosts.