Data Update

The FortiSIEM data update subscription service updates your FortiSIEM deployment with the latest device support data as it becomes available, so you do not have to wait for it to be included in a formal release.

The following items can be included in an update:

  • New event attributes
  • New event types
  • New device types
  • New parsers or modifications for existing parsers
  • Performance monitoring templates for new devices or modified ones for existing devices
  • New rules or modifications for existing rules
  • New reports or modifications for existing reports - both CMDB reports and event-based reports
  • New groups or modifications for existing groups for Event Types, Rules, Reports, Device Groups, Application Groups
  • Code to handle new devices

Configuring Data Update

Prerequisites
  • Contact Fortinet support and make sure that your license includes the Data Update Service.
  • Make sure you have the Data Update URL - this is typically https://images.FortiSIEM.net/upgrade/ds - contact FortiSIEM support to make sure that this information has not changed.
  • Make sure you have the license credentials.

Configure Data Update Server Setting

  1. Go to ADMIN > Data Update.
  2. Configure Data Update Server setting:
    1. Enter Data Update URL (see prerequisites)
    2. Enter Server Username and Server Password - these are the license credentials
    3. Specify Notify Email (optional) - you will receive an email when new data updates are available.
    4. Click Save

Check Available Data Updates

  1. Go to ADMIN > Data Update.
  2. Click Refresh.
    1. Available data updates are shown on the left.
    2. Click a version on the left and the contents for that version are shown on the right.
  3. Check the current data version from ADMIN > Cloud Health > Data Update Version. The number after the third decimal point is the data version. For example, 4.4.1.38 means the data version is 38.
  4. Note the data version you would like to upgrade to.

Apply Data Update on Collectors

  1. Go to ADMIN > Health > Collector Health.
    1. Select a Collector.
    2. Click Download Data Update - this downloads the data files to the collector.
    3. Click Install Data Update - this installs the data files on the collector.
    4. Repeat for all Collectors.

Check whether Data Update Installed Successfully

  1. Check ADMIN > Health > Cloud Health > Data Update Version.
  2. Check ADMIN > Health > Collector Health > Data Update Version.
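
The check above can be repeated across many Collectors with a short script. The following is an added example, not FortiSIEM code: it takes the Data Update Version strings as copied by hand from the two health pages, extracts the data version as described earlier (the fourth number), and lists every node still below the version you noted. The node names and version values are constructed sample data, and the function names are hypothetical.

```python
import re

# Four dot-separated numbers; the fourth is the data version (4.4.1.38 -> 38).
_VERSION_RE = re.compile(r"^\d+\.\d+\.\d+\.(\d+)$")


def parse_data_version(shown):
    """Return the data version from a Data Update Version string."""
    match = _VERSION_RE.match(shown.strip())
    if match is None:
        raise ValueError(f"not a four-part version string: {shown!r}")
    return int(match.group(1))


def pending_updates(target, versions):
    """Return {node: reason} for every node that is not yet at the target."""
    problems = {}
    for node, shown in versions.items():
        try:
            data = parse_data_version(shown)
        except ValueError:
            # A truncated or empty field must not be mistaken for "up to date".
            problems[node] = f"unreadable version {shown!r}"
            continue
        if data < target:
            problems[node] = f"data version {data} is below target {target}"
    return problems


# Constructed sample values, as they might be copied from
# Cloud Health and Collector Health after an update to data version 38.
VERSIONS = {
    "supervisor": "4.4.1.38",
    "collector-east": "4.4.1.38",
    "collector-west": "4.4.1.36",  # constructed: still on an older data version
    "collector-lab": "4.4.1",      # constructed: fourth number missing
}

if __name__ == "__main__":
    for node, reason in pending_updates(38, VERSIONS).items():
        print(f"{node}: {reason}")
```

Any Collector the script lists needs the Download Data Update and Install Data Update steps repeated, or its version field rechecked in the GUI.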