FortiAnalyzer-BigData cluster controller CLI
This section describes how to use fazbdctl, the FortiAnalyzer-BigData Command Line Interface (CLI), and contains references for all fazbdctl commands.
fazbdctl is available on the BigData Cluster controller (see Connect to the FortiAnalyzer-BigData CLI) and is the main command used to manage the Security Event Manager hosts of FortiAnalyzer-BigData.
Syntax
fazbdctl [command]
Commands
|
Command |
Description |
|---|---|
|
delete |
Remove a worker node from the cluster. |
|
enable |
Enable/disable cluster-wide features. |
|
help |
Help about any command. |
|
init |
Initialize k8s cluster. |
|
reset |
Factory-reset or re-install the OS of a single node or the whole cluster. |
|
set |
Set system parameters. |
|
show |
Display system or cluster information. |
|
upgrade |
Upgrade system components. |
|
Option |
Description |
|---|---|
|
-h, --help |
Help information. |
Show version
fazbdctl show version
Shows the FortiAnalyzer-BigData version of the host.
Show members
fazbdctl show members
Lists all the Security Event Manager member hosts' information managed by the BigData Cluster controller.
|
Option |
Description |
|---|---|
|
-o wide |
Display additional columns such as MAC address and version information in wide format. |
Example response
In this example:
-
Management IP/Maskis10.106.2.168/24
|
Field name |
Chassis |
Blade |
Role |
Address |
Ext Address |
Host Name |
|---|---|---|---|---|---|---|
|
Value example |
1 |
2 |
Controller |
10.0.1.2 |
10.106.2.168 |
blade‑10‑0‑1‑2 |
|
|
1 |
32 |
Member |
10.0.1.32 |
10.106.2.174 |
blade‑10‑0‑1‑32 |
|
Field name |
State |
Status |
Tips |
|---|---|---|---|
|
Value example |
Joined |
Alive |
|
|
|
Upgrading |
Alive |
Need upgrade |
Field descriptions
|
Field name |
Description |
|---|---|
|
Management IP/Mask |
This is the main management IP address that is configured. |
|
Chassis |
By default, the Chassis ID is 1. If you want to designate an appliance as an extender appliance, change the Chassis ID to a range between 2-254. |
|
Blade |
Represents which slot the blade is located in. The order of the blade slots starts from the left side of the FortiAnalyzer-BigData appliance, starting from 1 to 14. |
|
Role |
Role is either controller or member. |
|
Address |
The internal IP address is immutable and is generated from blade’s Chassis ID and Blade ID. 10.0.{chass ID}.{blade ID} |
|
Ext Address |
The external IP address is set by users through |
|
Host Name |
The host name. |
|
MAC |
The MAC address of the internal interface. |
|
Version |
The FortiAnalyzer-BigData version number running on the host. |
|
State |
The current status of the host.
|
|
Status |
The current status of the host.
|
|
Tips |
Tips and notes about the host.
|
Example response in wide format
In this example:
-
Management IP/Maskis10.106.2.168/24 -
Gatewayis10.106.2.254
|
Field name |
Chassis |
Blade |
Role |
Address |
Ext Address |
Ext Gateway |
Host Name |
|---|---|---|---|---|---|---|---|
|
Value example |
1 |
2 |
Controller |
10.0.1.2 |
10.106.2.168 |
10.106.2.254 |
blade‑10‑0‑1‑2 |
|
|
1 |
32 |
Member |
10.0.1.32 |
10.106.2.174 |
10.106.2.254 |
blade‑10‑0‑1‑32 |
|
Field name |
MAC |
Version |
State |
Status |
Tips |
|---|---|---|---|---|---|
|
Value example |
00:50:56:b2:7d:77 |
FortiAnalyzer-BigData-VM64 1.2.0 |
Joined |
Alive |
|
|
|
00:50:56:b2:e2:7b |
FortiAnalyzer-BigData-VM64 1.1.0 |
Upgrading |
Alive |
Need upgrade |
Additional field descriptions for wide format
|
Field name |
Description |
|---|---|
|
Gateway |
This is the main management gateway that is configured. |
|
Ext Gateway |
The gateway for each external IP address. |
|
MAC |
The MAC address of the internal interface. |
|
Version |
The FortiAnalyzer-BigData version number running on the host. |
Upgrade
fazbdctl upgrade fazbd
Use this command to upgrade the system or components. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster controller. It has no effect if run on other hosts.
- This command is only allowed when all the FortiAnalyzer-BigData services are healthy, but you can use
-fto force the upgrade to run.
For more details and example command usage, use fazbdctl upgrade -h
|
fazbdctl upgrade fazbd |
Upgrade both FortiAnalyzer (FAZ) OS and FortiAnalyzer-BigData OS interactively. |
|
fazbdctl upgrade fazbd -U ftp://1.2.3.4/path/fazbd.zip -u <user> -p <password> |
Upgrade both FortiAnalyzer (FAZ) OS and FortiAnalyzer-BigData OS. |
Reset
fazbdctl reset [{worker-ip} | cluster | members] [-A | -I | -S | -B]
Reset the entire OS of the blades and optionally format all the disks. There are four available options in this command:
|
Extra options |
Description |
|---|---|
|
-A, all-settings |
Resets all settings. |
|
-I, all-except-ip |
Keeps the public IP constant. |
|
-S, all-except-ssh |
Keeps the ssh public key constant. |
|
-B, all-except-ip-ssh |
Keeps the ssh public key and public IP constant. |
If no option is set, a soft reset will be performed. Otherwise, a hard reset will be performed to additionally format all the disks.
Examples
|
Command |
Description |
|---|---|
|
fazbdctl reset |
Re-install the BigData (BD) OS of this node (local). |
|
fazbdctl reset 10.0.1.32 |
Re-install the BigData (BD) OS of node 10.0.1.32, from a controller. |
|
fazbdctl reset 10.0.1.32 -A |
Factory-reset and clears all settings and data from the specified node, from a controller. |
|
fazbdctl reset cluster |
Re-install the BigData (BD) OS of the whole cluster, from the controller. |
|
fazbdctl reset cluster -I |
Factory-reset the whole cluster from the controller, keeping external management IP address. |
|
fazbdctl reset cluster -A |
Factory-reset the whole cluster from the controller, clearing all settings and data. |
|
fazbdctl reset members -A |
Factory-reset all members except the controller, clearing all settings and data. |
For instructions on how to reset your device, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
Init
fazbdctl init cluster
Initialize the Security Event Manager after a hard reset. This command initializes and configures the Security Event Manager. The process takes approximately 30 to 40 minutes. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster controller. It has no effect if run on other hosts.
|
If you run this command on an existing BigData Cluster, it will reinitialize and cause you to lose all log data and configurations. |
Set management and external addresses
fazbdctl [ set | unset ] addr {external ip/mask} {gateway} --management -H {internal ip} -A -Y
Set management IP address on Security Event Manager controller and external IP addresses on Security Event Manager hosts to allow them to communicate with the outside world.
external ip/mask can be IP CIDR address or simply dhcp.
- The optional
managementflag indicates the data carried in theexternal ip/maskandgatewayfields is used to set the main management IP address. This flag is not compatible with-Hand-Aand is only available on the Security Event Manager controller. - The optional
-Hflag specifies the internal IP address of a Security Event Manager host where the external IP will be assigned. Without this flag, the external IP address is assigned to the local host. - The optional
-Aflag sets external IP addresses on all Security Event Manager hosts from the Security Event Manager controller. In this case, theexternal ip/maskfield specifies the starting external IP address to be assigned to the first Security Event Manager host. The remaining Security Event Manager hosts are assigned external IP addresses incrementally from the starting external IP address within the network subnet, wrapping around when reaching the boundary of the network subnet. This flag is not compatible ifexternal ip/maskisdhcp. - The optional
-Yflag lets you skip interactive confirmation when the command is issued.
Set appliance role
fazbdctl set appliance {extender-chassis-id}
Designate an appliance as an extender appliance so you can add it as an extender to the main appliance. For instructions on assigning a new chassis ID to the extender appliance, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster controller. It has no effect if run on other hosts.
Enable/Disable IP-Forward
fazbdctl [ enable | disable ] ip-forward
By default, all the BigData Cluster hosts except the BigData Cluster controller have no external network access. In some cases, you might want to allow external network access for all hosts, for example, to backup and restore data to external HDFS. This command allows you to forward packets from your internal network by enabling or disabling the NAT setup on the BigData Cluster controller.
- This command should be executed only on the BigData Cluster controller. It has no effect if run on other hosts.
Delete host
fazbdctl delete {member_ip_addr}
Decommission a host in the BigData Cluster members. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.
- This command should be executed only on the BigData Cluster controller. It has no effect if run on other hosts.