The aim of this guide is to provide detailed, step-by-step instructions on how to set up and install syslog-ng Store Box in an Amazon Web Services (AWS) virtual environment.
NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. Please consult One Identity's Product Support Policies for more information on environment virtualization.
The document comprises the following sections:
Prerequisites collects the requirements that you must comply with before deploying SSB on AWS.
Limitations lists the limitations that apply when installing SSB in an AWS virtual environment.
Installing SSB on Amazon Web Services describes how to install SSB in an AWS virtual environment.
The following prerequisites must be met before deploying SSB on Amazon Web Services:
You have a valid One Identity syslog-ng Store Box license.
syslog-ng Store Box uses the "Bring your own license" model. Note that to deploy two active SSB nodes as an availability set, you must purchase two standalone SSB licenses. To purchase a license, contact our Sales Team.
You have an Amazon Web Services account and privileges to access the Amazon Elastic Compute Cloud (EC2) service.
You have secure access to your Amazon Virtual Private Cloud (VPC) resources, for example, through the use of a Virtual Private Network (VPN).
You have working knowledge of the SSB installation process.
You have familiarity with AWS EC2.
The following limitations apply when deploying SSB on Amazon Web Services:
If High Availability (HA) operation mode is required in a virtual environment, use the HA function provided by the virtual environment.
Hardware-related alerts and status indicators of SSB may display inaccurate information, for example, display degraded RAID status.
When running SSB in a virtual environment, it is sufficient to use a single network interface.
During AWS installation, connecting directly to the Internet using a public IP address is not supported. Instead, you must access the Internet via a Virtual Private Network or a jump host.
For more information about AWS and installing SSB on AWS, see Installing SSB on Amazon Web Services.
By default, the publicly available SSB AMIs can be found under Services > AWS Management Console > AWS services > EC2, in the US West (Oregon) region.
Figure 1: Services > AWS Management Console > AWS services > EC2 - Publicly available AMIs under the US West (Oregon) region
If you need a region other than the standard US West (Oregon), you have to copy the AMIs to the destination region of your choice.
To copy your SSB AMIs on AWS to the destination region of your choice
Enter your AWS Services account, and navigate to Services > AWS Management Console > AWS services > EC2.
Navigate to Images > AMIs, then filter the available AMIs for SSB 6 versions.
TIP: The ssb 6 search expression will filter for the AMIs of all available release versions of SSB within the 6 release set. For more information about release version numbering in SSB, see the description of LTS and Feature releases under the syslog-ng Store Box Product Life Cycle table.
Figure 2: Images > AMIs - Available AMIs after filtering for SSB 6 versions
Select the SSB AMI of your choice (for example, SSB 6.0.1), then select Actions > Copy, and select the Destination region of your choice (for example, Asia Pacific (Tokyo), in this example).
Figure 3: Images > AMIs > Actions > Copy AMI pop-up window opened from <the AMI of your choice> - Customizing your AMI copying preferences
(Optional) Enter a Description for the AMI you want to copy, and enable Encryption if you prefer to use it.
TIP: If you are not sure what enabling Encryption results in, click (info) next to Encrypt target EBS snapshots.
Click Copy AMI to finish copying the AMI of your choice with the settings you customize.