DescriptionThis articles describes how to prevent EC2 instances not to lose their IP following 4.x update or in the case unlicensed worker or collector refuse to start up. If the system was stopped and restarted, the instances may be unreachable if the UUID change occurred.
ScopeThis article is valid for 4.x versions of FortiSIEM on Amazon AWS EC2. SolutionHere is a step by step guide
1. Obtaining the UUID and verifying that the output are identical by entering the following commands:
#phgetUUID
#dmidecode | grep UUID
The output of those 2 commands should be identical. If the above two UUIDs do not match, it means there is a issue.
When system was licensed, both output 1 and output 2 were the same. However, AWS possibly changed something that caused #1 to be different or it may due to another cause.
If the output differs, call support in order to make sure that both matches. If the output matches, move to the next step.
2. Create a snapshot of the supervisor before performing the next step in order to recover.
3- Download the attached script: install_10gbps_driver.sh
3.1 Download and copy into the supervisor under: /opt/phoenix/phscripts/bin
3.2 Enter the following command:
#chmod +x /opt/phoenix/phscripts/bin/install_10gbps_driver.sh
3.3 Reboot the supervisor in order to verify that the interface driver install takes effect without losing the
interfaces.
Related Articles
Technical Note: FortiSIEM Ec2 Lost IP and cannot SSH into the supervisor to recover
Technical Note: [Accelops KB] ec2 consistent snapshot script information - INTERNAL
