Chat now with support
Chat with Support

syslog-ng Store Box 6.10.0 - Installation Guide

Introduction

The aim of this guide is to provide detailed, step-by-step instructions on how to set up and install syslog-ng Store Box on unpacking it and any subsequent occasions that might require the re-installation of the product.

Note that the contents of this document were previously included in the syslog-ng Store Box Administrator Guide. This standalone guide was created to:

  • Improve how information is organized in the syslog-ng Store Box documentation set.

  • Make it easier for users to find information relevant to their roles, context, and how they use the product.

Package contents inventory

Carefully unpack all server components from the packing cartons. The following items should be packaged with the syslog-ng Store Box:

  • A syslog-ng Store Box appliance, pre-installed with the latest syslog-ng Store Box firmware.

  • syslog-ng Store Box accessory kit, including the following:

    • syslog-ng Store Box 6.10.0 Packaging Checklist (this document).

    • GPL v2.0 license.

  • Rack mount hardware.

  • Power cable.

The default BIOS and IPMI passwords are in the documentation.

syslog-ng Store Box Hardware Installation Guide

This section describes how to set up the syslog-ng Store Box (SSB) hardware. Refer to the following documents for step-by-step instructions:

The manuals are also available online at the syslog-ng Store Box Documentation page. Note that SSB hardware is built to custom specifications: CPU, memory, network card, and storage options differ from the stock chassis. You can find the hardware specifications in "Hardware specifications" in the Installation Guide.

Installing the SSB hardware

The following section describes how to install a single syslog-ng Store Box (SSB) unit.

To install a single SSB unit

  1. Unpack SSB.

  2. Optional step: Install SSB into a rack with the slide rails. Slide rails are available for all SSB appliances.

  3. Connect the cables.

    1. For general networks:

      Connect the Ethernet cable facing your LAN to the Ethernet connector labeled 1. This is the external interface of SSB. This interface is used for the initial configuration of SSB, and for communication between SSB and the clients. (For details on the roles of the different interfaces, see "Network interfaces" in the Administration Guide.)

      For 10Gbit-only networks:

      Connect the cable facing your LAN to the SFP+ connector labeled 5. This is the external interface of SSB. This interface is used for the initial configuration of SSB, and for communication between SSB and the clients. (For details on the roles of the different interfaces, see "Network interfaces" in the Administration Guide.)

      NOTE: Only Intel-based SFP+ transceivers are compatible with the Intel 82599EB host chipset found in SSB.

      The following Intel-based optical and Direct Attached Copper (DAC) SFP+ transceivers have been tested successfully with SSB, but in the future, their compatibility with SSB is not guaranteed:

      • AOC-E10GSFPSR (optical)

      • SFP-10GE-SR (DAC)

      • FTLX8571D3BCVIT1 (DAC)

      For a list of Intel-based connectors that may be compatible with the Intel 82599EB host chipset found in SSB, see the 82599-BASED ADAPTERS section on the Linux* Base Driver for the Intel(R) Ethernet 10 Gigabit PCI Express Adapters page at 82599-BASED ADAPTERS/Linux* Base Driver for the Intel(R) Ethernet 10 Gigabit PCI Express Adapters.

      Caution:

      Do not leave any unused SFP/SFP+ transceiver in the 10Gbit interface. It may cause network outage.

    2. Connect an Ethernet cable that you can use to remotely support the SSB hardware to the IPMI interface of SSB. For details, see the following documents:

      For syslog-ng Store Box (SSB) Appliance 3000 and 3500, see the Latest IPMI firmware for Syslog-ng Store Box 3000/3500 and One Identity Safeguard for Privileged Sessions 3000/3500 appliances.

      For syslog-ng Store Box (SSB) T1 and syslog-ng Store Box (SSB) T4, see the IPMI User's Guide.

      Caution:

      Connect the IPMI before plugging in the power cord. Failing to do so will result in IPMI failure.

      Caution: SECURITY HAZARD!

      The IPMI interface, like all out-of-band management interfaces, has known vulnerabilities that One Identity cannot fix or have an effect on. To avoid security hazards, One Identity recommends that you only connect the IPMI interface to well-protected, separated management networks with restricted accessibility. Failing to do so may result in an unauthorized access to all data stored on the SSB appliance. Data on the appliance can be unencrypted or encrypted, and can include sensitive information, for example, passwords, decryption keys, private keys, and so on.

      For more information, see Best Practices for managing servers with IPMI features enabled in Datacenters.

      NOTE: The administrator of SSB must be authorized and able to access the IPMI interface for support and troubleshooting purposes in case vendor support is needed.

      The following ports are used by the IPMI interface:

      • Port 623 (UDP): IPMI (cannot be changed)

      • Port 5123 (UDP): floppy (cannot be changed)

      • Port 5901 (TCP): video display (configurable)

      • Port 5900 (TCP): HID (configurable)

      • Port 5120 (TCP): CD (configurable)

      • Port 80 (TCP): HTTP (configurable)

    3. Optional step: Connect the Ethernet cable to be used for managing SSB after its initial configuration to the Ethernet connector labeled 2. This is the management interface of SSB. (For details on the roles of the different interfaces, see "Network interfaces" in the Administration Guide.)

    4. Optional step: Connect the Ethernet cable connecting SSB to another SSB node to the Ethernet connector labeled 4. This is the high availability (HA) interface of SSB. (For details on the roles of the different interfaces, see "Network interfaces" in the Administration Guide.)

  4. Power on the hardware.

  5. Change the BIOS password on the syslog-ng Store Box. The default password is ADMIN or changeme, depending on your hardware.

  6. Change the IPMI password on the syslog-ng Store Box. The default password is ADMIN or changeme, depending on your hardware.

    NOTE:Ensure that you have the latest version of IPMI firmware installed. You can download the relevant firmware from the One Identity Knowledge Base:

    To change the IPMI password, connect to the IPMI remote console.

    NOTE: If you encounter issues when connecting to the IPMI remote console, add the DNS name or the IP address of the IPMI interface to the exception list (whitelist) of the Java console. For details on how to do this, see the Java FAQ entry titled How can I configure the Exception Site List?.

  7. Following boot, SSB attempts to receive an IP address automatically via DHCP. If it fails to obtain an automatic IP address, it starts listening for HTTPS connections on the 192.168.1.1 IP address.

    To configure SSB to listen for connections on a custom IP address, complete the following steps:

    1. Access SSB from the local console, and log in with username root and password default.

    2. In the Console Menu, select Shells > Core shell.

    3. Change the IP address of SSB:

      ip addr add <IP-address>/24 dev eth0

      Replace <IP-address> with an IPv4 address suitable for your environment.

    4. Set the default gateway using the following command:

      ip route add default via <IP-of-default-gateway>

      Replace <IP-of-default-gateway> with the IP address of the default gateway.

    5. Type exit, then select Logout from the Console Menu.

  8. Connect to the SSB web interface from a client machine and complete the Welcome Wizard as described in "The Welcome Wizard and the first login" in the Administration Guide.

    NOTE: The syslog-ng Store Box Administrator Guide is available on the syslog-ng Store Box Documentation page.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating