DescriptionThis article explains how to move a device from one ADOM to another one in the FortianalyzerScope
SolutionIt is assumed that the ADOM
feature is enabled on the FortiAnalyzer. If the ADOM feature is not enabled on the FortiAnalyzer
then it can be enabled by the GUI:
System settings > Dashboard > System
information > Administrative
Domain
In this example the device called FGT80CM1 is
associated to the ADOM "FORTINET_OMAR" and we need to move it to the new
ADOM "FORTIGATES52", so we need to create a new
ADOM:
ADOM > Manage ADOMs and click to create
new:
Type the ADOM name and we need to select the same
FortiOs version running on the device we want to move (in this case the
device FGT80CM1 is running the Fortios
5.2.6):
Select OK (not select the device FGT80CM1 yet) and the
new ADOM is created.
The CLI can be used to review the log
device:
FAZ1000D # diagnose log
device
Device Name
Device ID
Used Space
(logs/database/quar/content/IPS) Allocated Space %
Used
FGT80CM1
FG80CM3914601323
35466MB (6508/ 28958/ 0 / 0
/ 0 )
130000MB
27.28%
ADOM Name
ADOM
OID Type
UsedSpace(database)
Quota(database) %
Used
FORTINET_OMAR
280
FGT
29339MB
84600MB
34.68%
FORTIGATES52
395
FGT
0MB
0MB
0.00%
The device can now be moved: go to ADOM > Manage
ADOMs > FORTIGATES52 and select the device we want to move to
this ADOM, select the device FGT80CM1 and select "add" the device then
click OK and the device will start moving to the new
ADOM:
The CLI will
show:
FAZ1000D # diagnose log
device
Device Name
Device ID
Used Space
(logs/database/quar/content/IPS)
Allocated Space %
Used
FGT80CM1
FG80CM3914601323 35467MB
(6508/ 28959/ 0 / 0
/ 0 )
130000MB
27.28%
ADOM Name
ADOM
OID Type
UsedSpace(database) Quota(database)
%
Used
FORTINET_OMAR
280
FGT
29339MB
84600MB
34.68%
FORTIGATES52
395
FGT
0MB
0MB
0.00%
It is now necessary to rebuild the database for the new
ADOM:
# execute sql-local rebuild-adom
FORTIGATES52
Rebuild log SQL database of ADOM 'FORTIGATES52' has
been requested.
This operation will remove the log SQL database for
ADOM 'FORTIGATES52' and rebuild from log
data.
Do
you want to continue? (y/n)Y
Request to rebuild ADOM 'FORTIGATES52' sumbitted
successfully.
The progress of the rebuild can be seen
by:
# diagnose sql status rebuild-adom
FORTIGATES52
FORTIGATES52 percent:
3% bg-rebuild:Yes start:"Thu (4) 2016-03-03 17:28:50"
took:47(s)
remain:1519(s)...
The rebuild will finish after a few minutes and the
log device will show:
# diagnose sql status rebuild-adom
FORTIGATES52
FORTIGATES52
percent:100% bg-rebuild:Yes start:"Thu (4) 2016-03-03 17:28:50"
took:1128(s)
ADOM Name
ADOM
OID Type
UsedSpace(database) Quota(database)
% Used
FORTIGATES52
395
FGT
28962MB
78000MB
37.13%
All the logs can now be seen on the new
ADOM.