need steps to install minemeld on redhat

LCMember3226 — Wed, 24 Oct 2018 10:31:28 GMT

Re: need steps to install minemeld on redhat

xhoms — Fri, 26 Oct 2018 08:30:41 GMT

Hi @LCMember3226,

option A: Use the Ansible Playbook

option B: Add Docker support to your RedHat system and deploy the jtschichold/minemed image in DockerHub

Re: need steps to install minemeld on redhat

lukasj — Tue, 30 Oct 2018 06:14:12 GMT

Installation on RHEL7 worked (for me) with the following steps:

Installation of required packages

sudo yum install wget git gcc python-devel libffi-devel openssl-devel

Install and setup pip and ansible

wget https://bootstrap.pypa.io/get-pip.py

sudo -H python get-pip.py

sudo -H pip install ansible

Download application code

#sudo git clone https://github.com/PaloAltoNetworks/minemeld-ansible.git

Downgrade pip to prevent an installation issue with Frigidaire (part of minemeld)

#sudo -H /opt/minemeld/engine/current/bin/pip install -U "pip<10.0"

Adjust ansible role to reflect environment (e.g. selinux was not active on this machine, so the ansible role failed with the first try)

#sudo vim ./roles/minemeld/tasks/RedHat-7-post.yml

Uncomment selinux policy deployment and selinux policies (if required)

#- name: enable nginx connections to upstream

# command: setsebool -P httpd_can_network_connect 1

#- name: copy collectd selinux policy file

# copy:

# src: mmcollectd.pp

# dest: /tmp/mmcollectd.pp

# owner: root

# group: root

# mode: 0600

#- name: load selinux collectd policy

# command: semodule -i /tmp/mmcollectd.pp

Run the local ansible services installation

#sudo ansible-playbook -K -i 127.0.0.1, local.yml

Installation should complete without errors (if there is an error, ansible logs give you a good indication what went wronf)

127.0.0.1 : ok=78 changed=29 unreachable=0 failed=0

Add users to minemeld group

#sudo usermod -a -G minemeld root

#sudo usermod -a -G minemeld <you user>

Check service status:

# sudo -u minemeld /opt/minemeld/engine/current/bin/supervisorctl -c /opt/minemeld/supervisor/config/supervisord.conf status

4 Services should run (if not, check the logs)

minemeld-engine RUNNING pid 26418, uptime 0:43:26

minemeld-supervisord-listener RUNNING pid 26417, uptime 0:43:26

minemeld-traced RUNNING pid 26419, uptime 0:43:26

minemeld-web RUNNING pid 26420, uptime 0:43:26

Ensure the Web Interface is up and running.

Note: After this is complete, in case you want to use Client-Cert protected feeds; You need to update minmelds gevent (as it ssems to have an issue on rhel 7)

For this, stop minemeld, install and upgrade python gevent, replace minemelds gevent, start minemeld services.

#sudo systemctl stop minemeld

#sudo pip install --upgrade gevent

Replace /opt/minemeld/engine/current/lib/python2.7/site-packages/gevent with /usr/lib64/python2.7/site-packages/gevent

#sudo systemctl start minemeld

After the installation, i suggest you move the logs to /var/log; implement logorotate, harden NGINX and the local services added by the minemeld installation.

Happy Mining.

topic need steps to install minemeld on redhat in General Topics

need steps to install minemeld on redhat

Re: need steps to install minemeld on redhat

Re: need steps to install minemeld on redhat