You need at least 8 GB of RAM for the installation to succeed. If not, the installer will give you weird errors. See below for the difference in output between a successful and unsuccessful installation.
Replace a1redacted-abcd` with your own tenant name and code.
Set a hostname in /etc/hosts for the current IP.
export TMP_IP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
echo $IP myorg-rin1 >> /etc/hosts
Then, run as root:
systemctl stop rsyslog
systemctl disable rsyslog
systemctl stop firewalld
systemctl disable firewalld
useradd securonix
chsh -s /sbin/nologin securonix
echo securonix | passwd --stdin securonix
mkdir /Securonix
chown securonix.securonix -R /Securonix
setenforce 0
cat << EOF >/etc/sudoers.d/securonix
%securonix ALL=(ALL) NOPASSWD: ALL
EOF
sudo -s -u securonix
echo "export INGESTER_HOME=/Securonix/Ingester" >> /home/securonix/.bash_profile
. /home/securonix/.bash_profile
cd /Securonix
tar -zxvf /tmp/SNYPR-RIN-a1redacted-abcd.tgz
cd a1redacted-abcd/RIN/
sh validation.sh pre-check
sh validation.sh prepare-to-install
./Ingester.bin
[securonix@vm-rin-test RIN]$ sh validation.sh post-check
[Sat Sep 4 10:23:35 CEST 2021] INFO: https://a1redacted.securonix.net/Snypr is accessible. Proceeding.
[Sat Sep 4 10:23:35 CEST 2021] INFO: Retrieving kafka information from the application.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 4699 0 4699 0 0 17524 0 --:--:-- --:--:-- --:--:-- 17533
[Sat Sep 4 10:23:36 CEST 2021] INFO: Kafka information stored in /Securonix/Ingester/conf/kafka.properties
/Securonix/Ingester/conf/kafka.properties
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
[Sat Sep 4 10:23:41 CEST 2021] INFO: Connection to Kafka broker successfull.
[Sat Sep 4 10:23:41 CEST 2021] ERROR: Ingester service is not running.
Start - sudo systemctl start scnx-ingester
Status - sudo systemctl status scnx-ingester
Stop - sudo systemctl stop scnx-ingester
Restart - sudo systemctl restart scnx-ingester
[securonix@vm-rin-test RIN]$
sudo systemctl start scnx-ingester
- In SNYPR goto Menu -> Administration -> Settings -> Manage Ingesters
- A new RIN should appear shortly. First it will display an error in red "Gateway is down. Please check gateway logs for more information." However it should also show a green dot for the Ingester. The red error should disappear and everything is running. If not check if you performed the /etc/hosts step and start over on a new machine.
cd /Securonix
rm -fr /tmp/_INGESTER_installation/
rm -fr /tmp/Gateway
rm -fr /tmp/Ingester
rm -fr /tmp/Uninstall
rm -fr /tmp/hsperfdata_securonix/
rm -f /tmp/upgradeRin.sh
rm -f /tmp/manifest.txt
rm -fr /tmp/software_update
rm -fr /home/securonix/.cache/
rm -fr /home/securonix/.config/
rm -fr /home/securonix/.oracle_jre_usage/
rm -fr /home/securonix/.com.zerog.registry.xml
rm -fr /home/securonix/.InstallAnywhere/
rm -rf /etc/systemd/system/scnx-*
rm -fr /Securonix/*
Should look like this:
[securonix@vm-rin-test RIN]$ ./Ingester.bin
Preparing to install...
WARNING: /tmp does not have enough disk space!
Attempting to use /home/securonix for install base and tmp dir.
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...
Checking for correctness of sudo password
Checking for correctness of sudo password
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:17 sea_loc
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:17 sea_loc
Admin Check done and the user is found to be admin: true
RepositoryManager: Trying fallback repository location...
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_17_45.log
XMLScriptWriter: No Installation Objects were skipped
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: Ingester folder moved from /tmp to /Securonix
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: Gateway folder moved from /tmp to /Securonix
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: software_update folder moved from /tmp to /Securonix
Sep 04, 2021 10:17:52 AM com.shell.command.saas.MoveInstallBits install
INFO: Uninstall folder moved from /tmp to /Securonix
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:17 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 InstallerData
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:17 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:17 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:17 InstallerData
Base Directory : /Securonix/Ingester/
Proceeding with the install
redhat|7.5
The value of the version: 7.5
The value of the key: redhat
Reached here
el7
Sep 04, 2021 10:17:56 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Moved syslog folder under /Securonix
Sep 04, 2021 10:17:56 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Updated permissions of syslog folder to executable
Sep 04, 2021 10:17:56 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Current Linux user - securonix
3
/Securonix/a1redacted-abcd/RIN/Ingester.bin
[/bin/sh, -c, cp -R /Securonix/a1redacted-abcd/RIN/conf/* /Securonix/Ingester/conf/]
Sep 04, 2021 10:18:04 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied contents of supplied conf folder into Ingester/conf/
Sep 04, 2021 10:18:04 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file ingester-service - Done.
Sep 04, 2021 10:18:08 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-ingester.service to /etc/systemd/system/
Sep 04, 2021 10:18:12 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-ingester.service to root user
Sep 04, 2021 10:18:16 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-ingester.service to 644
Sep 04, 2021 10:18:20 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-ingester.service to /etc/systemd/system/scnx-ingester.service.
Sep 04, 2021 10:18:24 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-ingester.service is now enabled through systemctl.
Sep 04, 2021 10:18:24 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file gateway-service - Done.
Sep 04, 2021 10:18:28 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-gateway.service to /etc/systemd/system/
Sep 04, 2021 10:18:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-gateway.service to root user
Sep 04, 2021 10:18:36 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-gateway.service to 644
Sep 04, 2021 10:18:40 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-gateway.service to /etc/systemd/system/scnx-gateway.service.
Sep 04, 2021 10:18:44 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-gateway.service is now enabled through systemctl.
Sep 04, 2021 10:18:44 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file syslog-service - Done.
Sep 04, 2021 10:18:48 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-syslog-ng.service to /etc/systemd/system/
Sep 04, 2021 10:18:52 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-syslog-ng.service to root user
Sep 04, 2021 10:18:56 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-syslog-ng.service to 644
Sep 04, 2021 10:19:00 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-syslog-ng.service to /etc/systemd/system/scnx-syslog-ng.service.
Sep 04, 2021 10:19:04 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-syslog-ng.service is now enabled through systemctl.
Sep 04, 2021 10:19:04 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file disk-monitoring-service - Done.
Sep 04, 2021 10:19:08 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Copied file scnx-ingester.service to /etc/systemd/system/
Sep 04, 2021 10:19:12 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed ownership of scnx-disk-monitoring.service to root user
Sep 04, 2021 10:19:16 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changed permissions of scnx-disk-monitoring.service to 644
Sep 04, 2021 10:19:20 AM com.shell.command.saas.EditConfigurationFiles install
INFO: ran systemctl daemon-reload
Created symlink from /etc/systemd/system/multi-user.target.wants/scnx-disk-monitoring.service to /etc/systemd/system/scnx-disk-monitoring.service.
Created symlink from /etc/systemd/system/scnx-gateway.service.wants/scnx-disk-monitoring.service to /etc/systemd/system/scnx-disk-monitoring.service.
Sep 04, 2021 10:19:24 AM com.shell.command.saas.EditConfigurationFiles install
INFO: scnx-disk-monitoring.service is now enabled through systemctl.
Sep 04, 2021 10:19:28 AM com.shell.command.saas.EditConfigurationFiles install
INFO: whitelisting systemctl commands for scnx service scripts
sudo: /etc/sudoers.d/wheel is owned by uid 1001, should be 0
[/bin/sh, -c, chmod a+x /Securonix/Gateway/bin/add_cron_job.sh]
[/bin/sh, -c, /Securonix/Gateway/bin/add_cron_job.sh]
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Adding cron entry for gateway watchdog script
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Changing permissions of java folder to executable. Done
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file gateway-commands - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file gateway-props - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file gateway-log4j2 - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file ingester-log4j2 - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles editConfigs
INFO: Editing file syslog-conf - Done.
Sep 04, 2021 10:19:32 AM com.shell.command.saas.EditConfigurationFiles install
INFO: $INGESTER_HOME environment vatiable is set under /home/securonix/.bash_profile
Checking for correctness of sudo password
Checking for correctness of sudo password
Entered tokengen step
Sep 04, 2021 10:19:32 AM com.shell.command.onprem.TokenGen install
INFO: Token is already present in ingestercloud.properties file. Proceeding without generating Token.
Retrying Installables deferred in pass 0
Deferral retries done because:
There were no deferrals in the last pass.
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_17_45.log
An example where something went wrong because you chose to create a VM with only 4 GB RAM.
[securonix@vm-rin-test RIN]$ ./Ingester.bin
Preparing to install...
WARNING: /tmp does not have enough disk space!
Attempting to use /home/securonix for install base and tmp dir.
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...
Checking for correctness of sudo password
Checking for correctness of sudo password
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:07 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:08 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:08 sea_loc
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:07 Linux
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:08 InstallerData
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:08 sea_loc
Admin Check done and the user is found to be admin: true
RepositoryManager: Trying fallback repository location...
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_08_14.log
XMLScriptWriter: No Installation Objects were skipped
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: Ingester folder moved from /tmp to /Securonix
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: Gateway folder moved from /tmp to /Securonix
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: software_update folder moved from /tmp to /Securonix
Sep 04, 2021 10:08:22 AM com.shell.command.saas.MoveInstallBits install
INFO: Uninstall folder moved from /tmp to /Securonix
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:07 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:08 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:08 InstallerData
total 16
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:07 Linux
-rw-rw-r-- 1 securonix securonix 1081 Sep 4 10:08 temp.lax
-rw-rw-r-- 1 securonix securonix 42 Sep 4 10:08 sea_loc
drwxrwxr-x 3 securonix securonix 4096 Sep 4 10:08 InstallerData
Base Directory : /Securonix/Ingester/
Proceeding with the install
redhat|7.5
The value of the version: 7.5
The value of the key: redhat
Reached here
el7
Sep 04, 2021 10:08:26 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Moved syslog folder under /Securonix
Sep 04, 2021 10:08:26 AM com.shell.command.saas.ShellCommandExecutors rpmInstall
INFO: Updated permissions of syslog folder to executable
Sep 04, 2021 10:08:26 AM com.shell.command.saas.EditConfigurationFiles install
INFO: Current Linux user - securonix
3
Sep 04, 2021 10:08:30 AM com.shell.command.saas.ShellCommandExecutors executeCommandWithAdminPrivileges
SEVERE: null
java.io.IOException: Stream closed
at java.lang.ProcessBuilder$NullOutputStream.write(ProcessBuilder.java:433)
at java.io.OutputStream.write(OutputStream.java:116)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at com.shell.command.saas.ShellCommandExecutors.executeCommandWithAdminPrivileges(ShellCommandExecutors.java:141)
at com.shell.command.saas.EditConfigurationFiles.install(EditConfigurationFiles.java:88)
at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source)
at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
at com.zerog.ia.installer.GhostDirectory.install(Unknown Source)
at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
at com.zerog.ia.installer.Installer.install(Unknown Source)
at com.zerog.ia.installer.LifeCycleManager.consoleInstallMain(Unknown Source)
at com.zerog.ia.installer.LifeCycleManager.executeApplication(Unknown Source)
at com.zerog.ia.installer.Main.main(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.zerog.lax.LAX.launch(Unknown Source)
at com.zerog.lax.LAX.main(Unknown Source)
Execute Custom Code
class com.shell.command.saas.EditConfigurationFiles.install() runtime exception:
java.lang.NullPointerException
at com.shell.command.saas.EditConfigurationFiles.install(EditConfigurationFiles.java:90)
at com.zerog.ia.installer.actions.CustomAction.installSelf(Unknown Source)
at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
at com.zerog.ia.installer.GhostDirectory.install(Unknown Source)
at com.zerog.ia.installer.InstallablePiece.install(Unknown Source)
at com.zerog.ia.installer.Installer.install(Unknown Source)
at com.zerog.ia.installer.LifeCycleManager.consoleInstallMain(Unknown Source)
at com.zerog.ia.installer.LifeCycleManager.executeApplication(Unknown Source)
at com.zerog.ia.installer.Main.main(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.zerog.lax.LAX.launch(Unknown Source)
at com.zerog.lax.LAX.main(Unknown Source)
Checking for correctness of sudo password
Checking for correctness of sudo password
Entered tokengen step
Sep 04, 2021 10:08:30 AM com.shell.command.onprem.TokenGen install
INFO: Token is already present in ingestercloud.properties file. Proceeding without generating Token.
Retrying Installables deferred in pass 0
Deferral retries done because:
There were no deferrals in the last pass.
8. final log file name=/Securonix/_INGESTER_installation/Logs/Remote_Ingester_Install_09_04_2021_10_08_14.log