Fortinet black logo

CLI Reference

7.0.3
7.4.0
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.1
6.4.6
6.4.5
6.2.5
6.2.1

FortiAnalyzer-BigData cluster controller CLI

FortiAnalyzer-BigData cluster controller CLI

This section describes how to use fazbdctl, the FortiAnalyzer-BigData Command Line Interface (CLI), and contains references for all fazbdctl commands.

fazbdctl is available on the cluster controller (see Connect to the FortiAnalyzer-BigData CLI) and is the main command used to manage the hosts of FortiAnalyzer-BigData.

Syntax

fazbdctl <command>

Commands

Command

Description

enable

Enable/disable cluster-wide features.

help

 Help about any command.

init

Initialize the FAZ-BD cluster.

reset

Factory-reset or re-install the OS of a single node or the whole cluster.

set

Set system parameters.

show

Display system or cluster information.

upgrade

Upgrade system components.

Option

Description

-h, --help

Help information.

Show version

fazbdctl show version

Shows the FortiAnalyzer-BigData version of the host.

Show members

fazbdctl show members

Lists all the cluster hosts' information managed by the cluster controller.

Option

Description

{-o | --option} wide

Display additional columns such as MAC address and version information in wide format.
Example response

In this example:

  • Management IP/Mask is 10.106.2.168/24

Field name

Chassis

Blade

Role

Address

Ext Address

Host Name

Value example

1

2

Controller

10.0.1.2

10.106.2.170

blade‑10‑0‑1‑2

1

32

Member

10.0.1.32

10.106.2.174

blade‑10‑0‑1‑32

Field name

State

Status

Tips

Value example

Joined

Alive

Upgrading

Alive

Need upgrade
Field descriptions

Field name

Description

Management IP/Mask

This is the management IP address that is configured.

Chassis

By default, the Chassis ID is 1. If you want to designate an appliance as an extender appliance, change the Chassis ID to a range between 2-254.

Blade

Represents which the slot the blade is located in. The order of the blade slots starts from the left side of the FortiAnalyzer-BigData appliance, starting from 1 to 14.

Role

Role is either controller or member.

Address

The internal IP address is immutable and is generated from the blade’s Chassis ID and Blade ID.

10.0.{chass ID}.{blade ID}

Ext Address

The external IP address is set by users through fazbdctl set command.

Host Name

The host name.

State

The current status of the host.

  • joined: The host has joined the cluster.
  • upgrading: The host has joined this cluster and is running the upgrade process.

Status

The current status of the host.

  • alive: The host is up and running.
  • failed: The host fails to run.

Tips

Tips and notes about the host.

  • Need upgrade: The host’s version does not match the controller's version.
Example response in wide format

In this example:

  • Management IP/Mask is 10.106.2.168/24
  • Gateway is 10.106.2.254

Field name

Chassis

Blade

Role

Address

Ext Address

Ext Gateway

Host Name

Value example

1

2

Controller

10.0.1.2

10.106.2.170

10.106.2.254

blade‑10‑0‑1‑2

1

32

Member

10.0.1.32

10.106.2.174

10.106.2.254

blade‑10‑0‑1‑32

Field name

MAC

Version

State

Status

Tips

Value example

00:50:56:b2:7d:77

FortiAnalyzer-BigData-VM64 1.2.0

Joined

Alive

00:50:56:b2:e2:7b

FortiAnalyzer-BigData-VM64 1.1.0

Upgrading

Alive

Need upgrade
Additional field descriptions for wide format

Field name

Description

Gateway

This is the gateway for the management IP address that is configured.

Ext Gateway

The gateway for the external IP address.

MAC

The MAC address of the internal interface.

Version

The FortiAnalyzer-BigData version number running on the host.

Upgrade

fazbdctl upgrade {bootloader | fazbd | cluster} [-U <URL>][-o <option>][-p <password>][-u <username>]

Use this command to upgrade bootloader with argument "bootloader" and upgrade FortiAnalyzer-BigData OS with argument "fazbd" or "cluster" for the whole cluster. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.
  • This command is only allowed when all the FortiAnalyzer-BigData services are healthy, but you can use -f to force the upgrade to run.
    Extra options Description
    {-U | --image-url} <URL> URL for the image to be downloaded and installed.
    {-o | --option} <Option> Re-run options when failed: skip | retry | restart.
    {-p | --password} [<password>] Password for the download server if there is one.
    {-u | --username} [<user name>] Username for the download server if there is one.
    Examples
    Command Description
    fazbdctl upgrade cluster Interactively upgrade FortiAnalyzer-BigData.
    fazbdctl upgrade cluster -o retry If last upgrade fails, retry from the state where the upgrade fails.

Reset

fazbdctl reset [<worker-ip> | cluster] [-A | -I | -S | -B] [-o <option>][-n]

Reset the entire OS and optionally format all the disks for a single host or the whole cluster. When there is no argument specified, the reset applies to local host.

These are the available options in this command:

Extra options

Description

-{-A | --all-settings}

Resets all settings.

{-I | --all-except-ip}

Keeps the public IP constant.

{-S | --all-except-ssh}

Keeps the ssh public key constant.

{-B | --all-except-ip-ssh}

Keeps the ssh public key and public IP constant.

{-o | --option} <Option>

Re-run options when failed in soft reset: skip, retry, restart

 
{-x | --exclude-faz}

Excludes FortiAnalyzer when resetting the cluster.

{-n | --retain-internal-subnet}

Keeps current subnet after hard-resetting cluster.

If no option is set, a soft reset will be performed. Otherwise, a hard reset will be performed to additionally format all the disks.

Note: When -n is not specified, the following default subnet will be used:

Examples

Command

Description

fazbdctl reset

Re-install the OS of this node (local).

fazbdctl reset 10.0.1.32

Re-install the OS of node 10.0.1.32, from a controller.

fazbdctl reset 10.0.1.32 -A

Factory-reset and clears all settings and data from the specified node, from a controller.

fazbdctl reset cluster

Re-install the OS of the whole cluster, from the controller.

fazbdctl reset cluster -I

Factory-reset the whole cluster from the controller, keeping external management IP address.

fazbdctl reset cluster -A

Factory-reset the whole cluster from the controller, clearing all settings and data.

fazbdctl reset cluster -A -n

Factory-reset the whole cluster from the controller, clearing all settings and data but retaining the original subnet after reset.

For instructions on how to reset your device, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

Init

fazbdctl init cluster [-o <option>]

Initialize the FortiAnalyzer-BigData cluster. This command initializes and configures the FortiAnalyzer-BigData cluster hosts. The process takes approximately 30 to 40 minutes. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.
    Extra options Description
    {-o | --option} <Option> Re-run options when failed: skip | retry |restart
Caution

If you run this command on an existing cluster, it will reinitialize and cause you to lose all log data and configurations.

Set management and external addresses

fazbdctl {set | unset} addr {<external ip/mask> | dhcp} [<gateway>] [--management] \ [-H] [-A] [-Y]

Set management IP address on the cluster controller and external IP addresses (used for Hyperscale logging) on cluster hosts to allow them to communicate with the outside world.

external ip/mask can be IP CIDR address or simply dhcp.

  • The optional management flag indicates the data carried in the external ip/mask and gateway fields is used to set the main management IP address. This flag is not compatible with -H and -A and is only available on the cluster controller.
  • The optional -H flag specifies the internal IP address of a host where the external IP will be assigned. Without this flag, the external IP address is assigned to the local host.
  • The optional -A flag sets external IP addresses on all hosts from the controller. In this case, the external ip/mask field specifies the starting external IP address to be assigned to the first host. The remaining hosts are assigned external IP addresses incrementally from the starting external IP address within the network subnet, wrapping around when reaching the boundary of the network subnet. This flag is not compatible if external ip/mask is dhcp.
  • The optional -Y flag lets you skip interactive confirmation when the command is issued.
Examples

Command

Description
fazbdctl set addr 10.160.74.174/24 10.160.74.1 Set external IP CIDR address and gateway on local host.
fazbdctl set addr -H 10.0.1.3 10.160.74.175/24 10.160.74.1 Set external IP CIDR address and gateway for host 10.0.1.3.
fazbdctl set addr dhcp Set external IP CIDR address via DHCP on local host.
fazbdctl set addr 10.160.74.174/24 Set external IP CIDR address on local host.
fazbdctl set addr 10.160.74.174/24 10.160.74.1 --management

Set management IP CIDR address with gateway on controller host.
fazbdctl unset addr -H 10.0.1.3 Unset external IP CIDR address on host 10.0.1.3.
fazbdctl unset addr --management Unset the management IP CIDR address.
fazbdctl set addr 10.160.74.174/24 10.160.74.1 -A Set external IP CIDR address on all members, starting from 10.160.74.174.

fazbdctl unset addr -A

Unset external IP CIDR address on all members.

Set appliance role

fazbdctl set appliance {extender-chassis-id}

Designate an appliance as an extender appliance so you can add it as an extender to the main appliance. For instructions on assigning a new chassis ID to the extender appliance, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.

Enable/Disable IP-Forward

fazbdctl [ enable | disable ] ip-forward

By default, all the cluster hosts except the cluster controller have no external network access. In some cases, you might want to allow external network access for all hosts, for example, to backup and restore data to external HDFS, to support Hyperscale log ingestion, etc.. This command allows you to forward packets from your internal network by enabling or disabling the NAT setup on the cluster controller.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.

Unstack chassis

fazbdctl unstack-chassis

Use this command in the cluster controller to unstack the chassis so that they can be separated safely. For more information see How to remove a chassis from a stacked setup in the FortiAnalyzer-BigData Administration Guide.

Previous
Next

FortiAnalyzer-BigData cluster controller CLI

This section describes how to use fazbdctl, the FortiAnalyzer-BigData Command Line Interface (CLI), and contains references for all fazbdctl commands.

fazbdctl is available on the cluster controller (see Connect to the FortiAnalyzer-BigData CLI) and is the main command used to manage the hosts of FortiAnalyzer-BigData.

Syntax

fazbdctl <command>

Commands

Command

Description

enable

Enable/disable cluster-wide features.

help

 Help about any command.

init

Initialize the FAZ-BD cluster.

reset

Factory-reset or re-install the OS of a single node or the whole cluster.

set

Set system parameters.

show

Display system or cluster information.

upgrade

Upgrade system components.

Option

Description

-h, --help

Help information.

Show version

fazbdctl show version

Shows the FortiAnalyzer-BigData version of the host.

Show members

fazbdctl show members

Lists all the cluster hosts' information managed by the cluster controller.

Option

Description

{-o | --option} wide

Display additional columns such as MAC address and version information in wide format.
Example response

In this example:

  • Management IP/Mask is 10.106.2.168/24

Field name

Chassis

Blade

Role

Address

Ext Address

Host Name

Value example

1

2

Controller

10.0.1.2

10.106.2.170

blade‑10‑0‑1‑2

1

32

Member

10.0.1.32

10.106.2.174

blade‑10‑0‑1‑32

Field name

State

Status

Tips

Value example

Joined

Alive

Upgrading

Alive

Need upgrade
Field descriptions

Field name

Description

Management IP/Mask

This is the management IP address that is configured.

Chassis

By default, the Chassis ID is 1. If you want to designate an appliance as an extender appliance, change the Chassis ID to a range between 2-254.

Blade

Represents which the slot the blade is located in. The order of the blade slots starts from the left side of the FortiAnalyzer-BigData appliance, starting from 1 to 14.

Role

Role is either controller or member.

Address

The internal IP address is immutable and is generated from the blade’s Chassis ID and Blade ID.

10.0.{chass ID}.{blade ID}

Ext Address

The external IP address is set by users through fazbdctl set command.

Host Name

The host name.

State

The current status of the host.

  • joined: The host has joined the cluster.
  • upgrading: The host has joined this cluster and is running the upgrade process.

Status

The current status of the host.

  • alive: The host is up and running.
  • failed: The host fails to run.

Tips

Tips and notes about the host.

  • Need upgrade: The host’s version does not match the controller's version.
Example response in wide format

In this example:

  • Management IP/Mask is 10.106.2.168/24
  • Gateway is 10.106.2.254

Field name

Chassis

Blade

Role

Address

Ext Address

Ext Gateway

Host Name

Value example

1

2

Controller

10.0.1.2

10.106.2.170

10.106.2.254

blade‑10‑0‑1‑2

1

32

Member

10.0.1.32

10.106.2.174

10.106.2.254

blade‑10‑0‑1‑32

Field name

MAC

Version

State

Status

Tips

Value example

00:50:56:b2:7d:77

FortiAnalyzer-BigData-VM64 1.2.0

Joined

Alive

00:50:56:b2:e2:7b

FortiAnalyzer-BigData-VM64 1.1.0

Upgrading

Alive

Need upgrade
Additional field descriptions for wide format

Field name

Description

Gateway

This is the gateway for the management IP address that is configured.

Ext Gateway

The gateway for the external IP address.

MAC

The MAC address of the internal interface.

Version

The FortiAnalyzer-BigData version number running on the host.

Upgrade

fazbdctl upgrade {bootloader | fazbd | cluster} [-U <URL>][-o <option>][-p <password>][-u <username>]

Use this command to upgrade bootloader with argument "bootloader" and upgrade FortiAnalyzer-BigData OS with argument "fazbd" or "cluster" for the whole cluster. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.
  • This command is only allowed when all the FortiAnalyzer-BigData services are healthy, but you can use -f to force the upgrade to run.
    Extra options Description
    {-U | --image-url} <URL> URL for the image to be downloaded and installed.
    {-o | --option} <Option> Re-run options when failed: skip | retry | restart.
    {-p | --password} [<password>] Password for the download server if there is one.
    {-u | --username} [<user name>] Username for the download server if there is one.
    Examples
    Command Description
    fazbdctl upgrade cluster Interactively upgrade FortiAnalyzer-BigData.
    fazbdctl upgrade cluster -o retry If last upgrade fails, retry from the state where the upgrade fails.

Reset

fazbdctl reset [<worker-ip> | cluster] [-A | -I | -S | -B] [-o <option>][-n]

Reset the entire OS and optionally format all the disks for a single host or the whole cluster. When there is no argument specified, the reset applies to local host.

These are the available options in this command:

Extra options

Description

-{-A | --all-settings}

Resets all settings.

{-I | --all-except-ip}

Keeps the public IP constant.

{-S | --all-except-ssh}

Keeps the ssh public key constant.

{-B | --all-except-ip-ssh}

Keeps the ssh public key and public IP constant.

{-o | --option} <Option>

Re-run options when failed in soft reset: skip, retry, restart

 
{-x | --exclude-faz}

Excludes FortiAnalyzer when resetting the cluster.

{-n | --retain-internal-subnet}

Keeps current subnet after hard-resetting cluster.

If no option is set, a soft reset will be performed. Otherwise, a hard reset will be performed to additionally format all the disks.

Note: When -n is not specified, the following default subnet will be used:

Examples

Command

Description

fazbdctl reset

Re-install the OS of this node (local).

fazbdctl reset 10.0.1.32

Re-install the OS of node 10.0.1.32, from a controller.

fazbdctl reset 10.0.1.32 -A

Factory-reset and clears all settings and data from the specified node, from a controller.

fazbdctl reset cluster

Re-install the OS of the whole cluster, from the controller.

fazbdctl reset cluster -I

Factory-reset the whole cluster from the controller, keeping external management IP address.

fazbdctl reset cluster -A

Factory-reset the whole cluster from the controller, clearing all settings and data.

fazbdctl reset cluster -A -n

Factory-reset the whole cluster from the controller, clearing all settings and data but retaining the original subnet after reset.

For instructions on how to reset your device, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

Init

fazbdctl init cluster [-o <option>]

Initialize the FortiAnalyzer-BigData cluster. This command initializes and configures the FortiAnalyzer-BigData cluster hosts. The process takes approximately 30 to 40 minutes. For more information, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.
    Extra options Description
    {-o | --option} <Option> Re-run options when failed: skip | retry |restart
Caution

If you run this command on an existing cluster, it will reinitialize and cause you to lose all log data and configurations.

Set management and external addresses

fazbdctl {set | unset} addr {<external ip/mask> | dhcp} [<gateway>] [--management] \ [-H] [-A] [-Y]

Set management IP address on the cluster controller and external IP addresses (used for Hyperscale logging) on cluster hosts to allow them to communicate with the outside world.

external ip/mask can be IP CIDR address or simply dhcp.

  • The optional management flag indicates the data carried in the external ip/mask and gateway fields is used to set the main management IP address. This flag is not compatible with -H and -A and is only available on the cluster controller.
  • The optional -H flag specifies the internal IP address of a host where the external IP will be assigned. Without this flag, the external IP address is assigned to the local host.
  • The optional -A flag sets external IP addresses on all hosts from the controller. In this case, the external ip/mask field specifies the starting external IP address to be assigned to the first host. The remaining hosts are assigned external IP addresses incrementally from the starting external IP address within the network subnet, wrapping around when reaching the boundary of the network subnet. This flag is not compatible if external ip/mask is dhcp.
  • The optional -Y flag lets you skip interactive confirmation when the command is issued.
Examples

Command

Description
fazbdctl set addr 10.160.74.174/24 10.160.74.1 Set external IP CIDR address and gateway on local host.
fazbdctl set addr -H 10.0.1.3 10.160.74.175/24 10.160.74.1 Set external IP CIDR address and gateway for host 10.0.1.3.
fazbdctl set addr dhcp Set external IP CIDR address via DHCP on local host.
fazbdctl set addr 10.160.74.174/24 Set external IP CIDR address on local host.
fazbdctl set addr 10.160.74.174/24 10.160.74.1 --management

Set management IP CIDR address with gateway on controller host.
fazbdctl unset addr -H 10.0.1.3 Unset external IP CIDR address on host 10.0.1.3.
fazbdctl unset addr --management Unset the management IP CIDR address.
fazbdctl set addr 10.160.74.174/24 10.160.74.1 -A Set external IP CIDR address on all members, starting from 10.160.74.174.

fazbdctl unset addr -A

Unset external IP CIDR address on all members.

Set appliance role

fazbdctl set appliance {extender-chassis-id}

Designate an appliance as an extender appliance so you can add it as an extender to the main appliance. For instructions on assigning a new chassis ID to the extender appliance, see the FortiAnalyzer-BigData Administration Guide in the Fortinet Doc Library.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.

Enable/Disable IP-Forward

fazbdctl [ enable | disable ] ip-forward

By default, all the cluster hosts except the cluster controller have no external network access. In some cases, you might want to allow external network access for all hosts, for example, to backup and restore data to external HDFS, to support Hyperscale log ingestion, etc.. This command allows you to forward packets from your internal network by enabling or disabling the NAT setup on the cluster controller.

  • This command should be executed only on the cluster controller. It has no effect if run on other hosts.

Unstack chassis

fazbdctl unstack-chassis

Use this command in the cluster controller to unstack the chassis so that they can be separated safely. For more information see How to remove a chassis from a stacked setup in the FortiAnalyzer-BigData Administration Guide.

Previous
Next