FortiSIEM Adding Devices to the CMDB Outside of Discovery

Adding Devices to the CMDB Outside of Discovery

There are situations in which you may want to add devices to the Configuration Management Database (CMDB) outside of the discovery procedure. For example, FortiSIEM needs access to devices over SNMP or WMI to discover them, but you may have devices in your

infrastructure that don’t utilize these access protocols. The IP addresses for those devices will still be contained in traffic logs, and rules may need to incorporate that device. In order to make sure that logs are parsed correctly and rules function as expected, you need to make sure that these undiscovered devices are associated with an IP address. Adding a device directly to the CMDB lets you provide the information necessary for FortiSIEM to recognize the device, including associating it with an IP address or range.

Adding Devices to Device Groups

When you add a device to the CMDB manually, make sure to choose the group, such Firewall, Printers, or Storage, in the Device View where you want to add it. If you only add it to the top-most Devices group, it will not be added to the topology map correctly.

  1. Log into your Supervisor node.
  2. Click CMDB.
  3. In the Device View, select Devices, then select the sub-category where you want to add the device.
  4. In the summary pane, click New.
  5. For Summary, Contact, Interfaces, and Properties, enter information for the new device.

Entering Interface Information

When you enter the interface information for the device, make sure to provide the correct IP address and network mask for the interfaces. FortiSIEM will use this network information to generate the Network Segments for the device.

  1. Click Save when you’re done adding the device information.
Related Links

Adding a Synthetic Monitoring Test to a Business Service

Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To Buy Your Fortinet Hardware From The Fortinet GURU