@jorritfolmer
Last active December 21, 2021 15:53

Securonix RIN installation

Prerequisites

You need at least 8 GB of RAM for the installation to succeed. If not, the installer will give you weird errors. See below for the difference in output between a successful and unsuccessful installation.

Replace a1redacted-abcd with your own tenant name and code.

Preparation

Set a hostname in /etc/hosts for the current IP.

# Look up the address of the interface that is UP and map it to the RIN hostname
export TMP_IP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
echo "$TMP_IP myorg-rin1" >> /etc/hosts

Then, run as root:

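# Stop and disable the distribution's rsyslog service
systemctl stop rsyslog
systemctl disable rsyslog
# Stop and disable the host firewall
systemctl stop firewalld
systemctl disable firewalld
# Create the securonix account without a login shell and set its password
useradd securonix
chsh -s /sbin/nologin securonix
echo securonix | passwd --stdin securonix
# Installation directory, owned by the securonix account
mkdir /Securonix
chown -R securonix:securonix /Securonix
# Put SELinux in permissive mode until the next reboot
setenforce 0
# Passwordless sudo for members of the securonix group
cat << EOF >/etc/sudoers.d/securonix
%securonix ALL=(ALL) NOPASSWD: ALL
EOF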
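
The two conditions this page ties to failed installs (the 8 GB RAM prerequisite and the /etc/hosts entry) can be checked before the installer is started. The script below is an added example, not part of the original gist or of Securonix tooling; the function names, the 7500000 kB floor and the sample address 10.0.0.5 are assumptions.

```shell
#!/bin/sh
# Added example, not Securonix tooling: pre-flight checks for the two
# conditions this page names (RAM and the /etc/hosts entry).

# rin_mem_ok MEMINFO_FILE [MIN_KB]
# True when MemTotal is at least MIN_KB. The 7500000 kB default is an
# assumption: MemTotal on an 8 GB VM reads slightly below 8 GB.
rin_mem_ok() {
    _rin_kb=$(awk '/^MemTotal:/ { print $2 }' "$1")
    [ -n "$_rin_kb" ] && [ "$_rin_kb" -ge "${2:-7500000}" ]
}

# rin_hosts_ok HOSTS_FILE IP NAME
# True when a non-comment line maps IP to NAME. A line that holds only the
# name (written with an empty IP variable) does not count.
rin_hosts_ok() {
    awk -v ip="$2" -v name="$3" '
        { sub(/#.*/, "") }
        $1 == ip { for (i = 2; i <= NF; i++) if ($i == name) found = 1 }
        END { exit !found }' "$1"
}

# rin_preflight MEMINFO_FILE HOSTS_FILE IP NAME -> prints findings, 0 if clean
rin_preflight() {
    _rin_rc=0
    rin_mem_ok "$1" || { echo "RAM below the 8 GB prerequisite"; _rin_rc=1; }
    rin_hosts_ok "$2" "$3" "$4" || { echo "no '$3 $4' line in $2"; _rin_rc=1; }
    return "$_rin_rc"
}

# Constructed sample inputs: a 4 GB VM and hosts files with and without an IP.
rin_sample_meminfo_4g() { printf 'MemTotal:        3880140 kB\nMemFree:          212000 kB\n'; }
rin_sample_hosts_bad()  { printf '127.0.0.1 localhost\n myorg-rin1\n'; }
rin_sample_hosts_good() { printf '127.0.0.1 localhost\n10.0.0.5 myorg-rin1 # RIN\n'; }

# On a real host: rin_preflight /proc/meminfo /etc/hosts "$TMP_IP" myorg-rin1
```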

Running the installer

sudo -s -u securonix
echo "export INGESTER_HOME=/Securonix/Ingester" >> /home/securonix/.bash_profile
. /home/securonix/.bash_profile
cd /Securonix
tar -zxvf /tmp/SNYPR-RIN-a1redacted-abcd.tgz
cd a1redacted-abcd/RIN/
sh validation.sh pre-check
sh validation.sh prepare-to-install
./Ingester.bin

Running post-check

[securonix@vm-rin-test RIN]$ sh validation.sh post-check
[Sat Sep  4 10:23:35 CEST 2021] INFO: https://a1redacted.securonix.net/Snypr is accessible. Proceeding.
[Sat Sep  4 10:23:35 CEST 2021] INFO: Retrieving kafka information from the application.
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  4699    0  4699    0     0  17524      0 --:--:-- --:--:-- --:--:-- 17533
[Sat Sep  4 10:23:36 CEST 2021] INFO: Kafka information stored in /Securonix/Ingester/conf/kafka.properties
/Securonix/Ingester/conf/kafka.properties
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
[Sat Sep  4 10:23:41 CEST 2021] INFO: Connection to Kafka broker successfull.
[Sat Sep  4 10:23:41 CEST 2021] ERROR: Ingester service is not running.

				Start -   sudo systemctl start scnx-ingester
                                Status -  sudo systemctl status scnx-ingester
                                Stop -    sudo systemctl stop scnx-ingester
                                Restart - sudo systemctl restart scnx-ingester

[securonix@vm-rin-test RIN]$ 

Starting

  1. sudo systemctl start scnx-ingester
  2. In SNYPR, go to Menu -> Administration -> Settings -> Manage Ingesters
  3. A new RIN should appear shortly. At first it will display an error in red: "Gateway is down. Please check gateway logs for more information." However, it should also show a green dot for the Ingester. The red error should then disappear, after which everything is running. If not, check whether you performed the /etc/hosts step and start over on a new machine.

Starting over after a failed install

cd /Securonix
rm -fr /tmp/_INGESTER_installation/
rm -fr /tmp/Gateway
rm -fr /tmp/Ingester
rm -fr /tmp/Uninstall
rm -fr /tmp/hsperfdata_securonix/
rm -f /tmp/upgradeRin.sh
rm -f /tmp/manifest.txt
rm -fr /tmp/software_update
rm -fr /home/securonix/.cache/
rm -fr /home/securonix/.config/
rm -fr /home/securonix/.oracle_jre_usage/
rm -fr /home/securonix/.com.zerog.registry.xml
rm -fr /home/securonix/.InstallAnywhere/
rm -rf /etc/systemd/system/scnx-*
rm -fr /Securonix/*

Output of a successful RIN installation:

Should look like this:

[securonix@vm-rin-test RIN]$ ./Ingester.bin 
Preparing to install...
WARNING: /tmp does not have enough disk space!
         Attempting to use /home/securonix for install base and tmp dir.
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...




Checking for correctness of sudo password
Checking for correctness of sudo password
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:17 sea_loc
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:17 sea_loc

Admin Check done and the user is found to be admin: true
RepositoryManager: Trying fallback repository location...
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_17_45.log
XMLScriptWriter: No Installation Objects were skipped
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: Ingester folder moved from /tmp to /Securonix
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: Gateway folder moved from /tmp to /Securonix
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: software_update folder moved from /tmp to /Securonix
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: Uninstall folder moved from /tmp to /Securonix
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:17 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 InstallerData
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:17 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:17 InstallerData

Base Directory : /Securonix/Ingester/
Proceeding with the install

redhat|7.5
The value of the version: 7.5
The value of the key: redhat
Reached here
el7
Sep 04, 2021 10:17:56 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Moved syslog folder under /Securonix
Sep 04, 2021 10:17:56 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Updated permissions of syslog folder to executable
Sep 04, 2021 10:17:56 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Current Linux user - securonix
3
/Securonix/a1redacted-abcd/RIN/Ingester.bin
[/bin/sh, -c, cp -R /Securonix/a1redacted-abcd/RIN/conf/* /Securonix/Ingester/conf/]
Sep 04, 2021 10:18:04 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied contents of supplied conf folder into Ingester/conf/
Sep 04, 2021 10:18:04 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  ingester-service - Done.
Sep 04, 2021 10:18:08 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-ingester.service to /etc/systemd/system/
Sep 04, 2021 10:18:12 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-ingester.service to root user
Sep 04, 2021 10:18:16 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-ingester.service to 644
Sep 04, 2021 10:18:20 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-ingester.service to /etc/systemd/system/scnx-ingester.service.
Sep 04, 2021 10:18:24 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-ingester.service is now enabled through systemctl.
Sep 04, 2021 10:18:24 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  gateway-service - Done.
Sep 04, 2021 10:18:28 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-gateway.service to /etc/systemd/system/
Sep 04, 2021 10:18:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-gateway.service to root user
Sep 04, 2021 10:18:36 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-gateway.service to 644
Sep 04, 2021 10:18:40 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-gateway.service to /etc/systemd/system/scnx-gateway.service.
Sep 04, 2021 10:18:44 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-gateway.service is now enabled through systemctl.
Sep 04, 2021 10:18:44 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  syslog-service - Done.
Sep 04, 2021 10:18:48 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-syslog-ng.service to /etc/systemd/system/
Sep 04, 2021 10:18:52 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-syslog-ng.service to root user
Sep 04, 2021 10:18:56 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-syslog-ng.service to 644
Sep 04, 2021 10:19:00 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-syslog-ng.service to /etc/systemd/system/scnx-syslog-ng.service.
Sep 04, 2021 10:19:04 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-syslog-ng.service is now enabled through systemctl.
Sep 04, 2021 10:19:04 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  disk-monitoring-service - Done.
Sep 04, 2021 10:19:08 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-ingester.service to /etc/systemd/system/
Sep 04, 2021 10:19:12 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-disk-monitoring.service to root user
Sep 04, 2021 10:19:16 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-disk-monitoring.service to 644
Sep 04, 2021 10:19:20 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-disk-monitoring.service to /etc/systemd/system/scnx-disk-monitoring.service.
Created symlink from /etc/systemd/system/scnx-gateway.service.wants/scnx-disk-monitoring.service to /etc/systemd/system/scnx-disk-monitoring.service.
Sep 04, 2021 10:19:24 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-disk-monitoring.service is now enabled through systemctl.
Sep 04, 2021 10:19:28 AM com.shell.command.saas.EditConfigurationFiles install
INFO: whitelisting systemctl commands for scnx service scripts
sudo: /etc/sudoers.d/wheel is owned by uid 1001, should be 0
[/bin/sh, -c, chmod a+x /Securonix/Gateway/bin/add_cron_job.sh]
[/bin/sh, -c, /Securonix/Gateway/bin/add_cron_job.sh]
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Adding cron entry for gateway watchdog script
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changing permissions of java folder to executable. Done
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  gateway-commands - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  gateway-props - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  gateway-log4j2 - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  ingester-log4j2 - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file  syslog-conf - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: $INGESTER_HOME environment vatiable is set under /home/securonix/.bash_profile
Checking for correctness of sudo password
Checking for correctness of sudo password
Entered tokengen step
Sep 04, 2021 10:19:32 AM com.shell.command.onprem.TokenGen install
INFO: Token is already present in ingestercloud.properties file. Proceeding without generating Token.
Retrying Installables deferred in pass 0
Deferral retries done because: 
There were no deferrals in the last pass.
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_17_45.log

Output of unsuccessful RIN installation

An example where something went wrong because you chose to create a VM with only 4 GB RAM.

[securonix@vm-rin-test RIN]$ ./Ingester.bin 
Preparing to install...
WARNING: /tmp does not have enough disk space!
         Attempting to use /home/securonix for install base and tmp dir.
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...




Checking for correctness of sudo password
Checking for correctness of sudo password
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:07 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:08 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:08 sea_loc
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:07 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:08 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:08 sea_loc

Admin Check done and the user is found to be admin: true
RepositoryManager: Trying fallback repository location...
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_08_14.log
XMLScriptWriter: No Installation Objects were skipped
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: Ingester folder moved from /tmp to /Securonix
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: Gateway folder moved from /tmp to /Securonix
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: software_update folder moved from /tmp to /Securonix
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: Uninstall folder moved from /tmp to /Securonix
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:07 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:08 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:08 InstallerData
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:07 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep  4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix   42 Sep  4 10:08 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep  4 10:08 InstallerData

Base Directory : /Securonix/Ingester/
Proceeding with the install

redhat|7.5
The value of the version: 7.5
The value of the key: redhat
Reached here
el7
Sep 04, 2021 10:08:26 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Moved syslog folder under /Securonix
Sep 04, 2021 10:08:26 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Updated permissions of syslog folder to executable
Sep 04, 2021 10:08:26 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Current Linux user - securonix
3
Sep 04, 2021 10:08:30 AM com.shell.command.saas.ShellCommandExecutors executeCommandWithAdminPrivileges
SEVERE: null
java.io.IOException: Stream closed
	at java.lang.ProcessBuilder$NullOutputStream.write(ProcessBuilder.java:433)
	at java.io.OutputStream.write(OutputStream.java:116)
	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
	at com.shell.command.saas.ShellCommandExecutors.executeCommandWithAdminPrivileges(ShellCommandExecutors.java:141)
	at com.shell.command.saas.EditConfigurationFiles.install(EditConfigurationFiles.java:88)
	at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source)
	at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
	at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
	at com.zerog.ia.installer.GhostDirectory.install(Unknown Source)
	at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
	at com.zerog.ia.installer.Installer.install(Unknown Source)
	at com.zerog.ia.installer.LifeCycleManager.consoleInstallMain(Unknown Source)
	at com.zerog.ia.installer.LifeCycleManager.executeApplication(Unknown Source)
	at com.zerog.ia.installer.Main.main(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.zerog.lax.LAX.launch(Unknown Source)
	at com.zerog.lax.LAX.main(Unknown Source)

Execute Custom Code
    class com.shell.command.saas.EditConfigurationFiles.install() runtime exception:
java.lang.NullPointerException
	at com.shell.command.saas.EditConfigurationFiles.install(EditConfigurationFiles.java:90)
	at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source)
	at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
	at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
	at com.zerog.ia.installer.GhostDirectory.install(Unknown Source)
	at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
	at com.zerog.ia.installer.Installer.install(Unknown Source)
	at com.zerog.ia.installer.LifeCycleManager.consoleInstallMain(Unknown Source)
	at com.zerog.ia.installer.LifeCycleManager.executeApplication(Unknown Source)
	at com.zerog.ia.installer.Main.main(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.zerog.lax.LAX.launch(Unknown Source)
	at com.zerog.lax.LAX.main(Unknown Source)
Checking for correctness of sudo password
Checking for correctness of sudo password
Entered tokengen step
Sep 04, 2021 10:08:30 AM com.shell.command.onprem.TokenGen install
INFO: Token is already present in ingestercloud.properties file. Proceeding without generating Token.
Retrying Installables deferred in pass 0
Deferral retries done because: 
There were no deferrals in the last pass.
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_08_14.log
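
Both transcripts above end with the same closing lines, so the end of the output does not tell a failed run from a good one. The script below is an added example, not part of the original gist or of Securonix tooling: it triages saved installer console output using only markers that appear in the two transcripts on this page. The function names and the abridged sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Securonix tooling: triage saved Ingester.bin console
# output using markers taken from the two transcripts on this page.

RIN_SERVICES="scnx-ingester scnx-gateway scnx-syslog-ng scnx-disk-monitoring"

# rin_install_status FILE -> prints "ok" or "failed: <reasons>", returns 0/1
rin_install_status() {
    _rin_why=""
    # Markers that appear only in the unsuccessful run.
    if grep -q '^SEVERE:' "$1"; then _rin_why="$_rin_why severe-entry"; fi
    if grep -q 'runtime exception:' "$1"; then
        _rin_why="$_rin_why custom-action-exception"
    fi
    # The successful run reports each unit as enabled; the failed run on this
    # page contains none of these lines.
    for _rin_svc in $RIN_SERVICES; do
        grep -Fq "INFO: $_rin_svc.service is now enabled through systemctl." "$1" ||
            _rin_why="$_rin_why missing:$_rin_svc"
    done
    if [ -z "$_rin_why" ]; then echo "ok"; return 0; fi
    echo "failed:$_rin_why"
    return 1
}

# Constructed samples, abridged from the transcripts above.
rin_sample_ok() {
    for _rin_svc in $RIN_SERVICES; do
        echo "INFO: $_rin_svc.service is now enabled through systemctl."
    done
    echo "Entered tokengen step"
    echo "There were no deferrals in the last pass."
}
rin_sample_failed() {
    cat <<'EOF'
INFO: Current Linux user - securonix
SEVERE: null
java.io.IOException: Stream closed
    class com.shell.command.saas.EditConfigurationFiles.install() runtime exception:
java.lang.NullPointerException
Entered tokengen step
There were no deferrals in the last pass.
EOF
}

# Demo: both samples end with the same closing lines, only the markers differ.
_rin_tmp=$(mktemp)
for _rin_case in ok failed; do
    "rin_sample_$_rin_case" > "$_rin_tmp"
    echo "$_rin_case sample -> $(rin_install_status "$_rin_tmp" || :)"
done
rm -f "$_rin_tmp"
```

To check a real run, save the installer's console output to a file and pass that file to rin_install_status.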