Troubleshooting SaltMiner Installation and Configuration

Some Stuff Here

  • Blah

Package Updates and Installation

 

Check to make sure everything is up to date:

  • sudo yum update
  • sudo yum upgrade

Install the .NET runtime:

  • sudo yum install -y aspnetcore-runtime-6.0

Install nginx:

  • sudo yum install -y nginx

Edit nginx configuration file – change user to nginx and change ports if needed for production system:

  • sudo nano /etc/nginx/nginx.conf

* copy and paste contents of default template from SaltMiner Help Desk

[URL HERE?]

Enable and start nginx service:

  • sudo systemctl enable nginx
  • sudo systemctl start nginx

**If start fails, check the system journal:

  • sudo journalctl -xe -u nginx

Confirm status:

  • sudo systemctl status nginx

Install Elasticsearch and Kibana

  • sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
  • sudo nano /etc/yum.repos.d/elasticsearch.repo

Paste the following into the file:

[elasticsearch]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
type=rpm-md

 

  • sudo yum install --enablerepo=elasticsearch elasticsearch

**yum will check size and ask “Is this ok?” It will not proceed until you answer [y]es

 

  • sudo nano /etc/yum.repos.d/kibana.repo

Paste the following into the file:

[kibana-7.x]
name=Kibana repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

 

  • sudo yum install kibana

**yum will check size and ask “Is this ok?” It will not proceed until you answer [y]es
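
A check for the two repo files created above, added here as an example and not taken from SaltMiner or Elastic documentation. It confirms each section sets gpgcheck=1, a gpgkey and an https baseurl, and flags unrecognised keys, because a misspelled key is not read as gpgcheck and leaves signature checking at the [main] default. The name audit_repo and the sample file are assumptions.

```shell
#!/bin/sh
# Added example: audit one yum .repo file for package-signature settings.
# audit_repo is a hypothetical helper name, not part of yum or SaltMiner.
# Usage: audit_repo /etc/yum.repos.d/elasticsearch.repo
# Prints one finding per line; returns 0 if clean, 1 if anything was flagged.
audit_repo() {
    awk '
    BEGIN {
        bad = 0
        # Keys used by the repo files in this guide; extend for other options.
        n = split("name baseurl gpgcheck gpgkey enabled autorefresh type", k, " ")
        for (i = 1; i <= n; i++) known[k[i]] = 1
    }
    function flag(msg) { print "[" sec "] " msg; bad = 1 }
    function report() {                       # called when a [section] ends
        if (sec == "") return
        if (v["gpgcheck"] != "1")      flag("gpgcheck=1 not set")
        if (v["gpgkey"] == "")         flag("gpgkey not set")
        if (v["baseurl"] !~ /^https:/) flag("baseurl is not https")
        split("", v)                          # clear values for next section
    }
    /^[ \t]*([#;]|$)/ { next }                # comments and blank lines
    /^[ \t]*\[/ {                             # new section header
        report()
        sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (!(key in known)) flag("unknown key \"" key "\" (typo?)")
        v[key] = val
    }
    END { report(); exit bad }
    ' "$1"
}

# Constructed sample: a repo file with the gpgcheck key misspelled.
sample=$(mktemp)
printf '%s\n' '[demo]' 'baseurl=https://example.invalid/yum' 'gppcheck=1' \
    'gpgkey=https://example.invalid/KEY' > "$sample"
audit_repo "$sample" || echo "findings above: fix before installing"
rm -f "$sample"
```
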

 

Reload the system manager configuration.

  • sudo systemctl daemon-reload

 

Generate self-signed CA and transport SSL cert for Elasticsearch (take defaults – just hit enter through all of the ELK prompts)

  • sudo /usr/share/elasticsearch/bin/elasticsearch-certutil ca
  • sudo /usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 --dns transport --name transport
  • sudo mkdir /etc/elasticsearch/certs
  • sudo mv /usr/share/elasticsearch/*.p12 /etc/elasticsearch/certs/
  • list="$(sudo find /etc/elasticsearch -name '*.p12')"
  • for file in $list; do sudo chmod 660 "$file"; done
  • for file in $list; do sudo chown root:elasticsearch "$file"; done
  • sudo mv hosts /etc/hosts

 

 

 
