need steps to install minemeld on redhat

L1 Bithead

need steps to install minemeld on redhat

need steps to install minemeld on redhat

L5 Sessionator

Re: need steps to install minemeld on redhat

Hi @LCMember3226,

 

option A: Use the Ansible Playbook

option B: Add Docker support to your RedHat system and deploy the jtschichold/minemed image in DockerHub

L1 Bithead

Re: need steps to install minemeld on redhat

Installation on RHEL7 worked (for me) with the following steps:

 

Installation of required packages

 

sudo yum install wget git gcc python-devel libffi-devel openssl-devel

 

Install and setup pip and ansible

 

wget https://bootstrap.pypa.io/get-pip.py

sudo -H python get-pip.py

sudo -H pip install ansible

 

Download application code

 

#sudo git clone https://github.com/PaloAltoNetworks/minemeld-ansible.git

 

Downgrade pip to prevent an installation issue with Frigidaire (part of minemeld)

 

#sudo -H /opt/minemeld/engine/current/bin/pip install -U "pip<10.0"

 

Adjust ansible role to reflect environment (e.g. selinux was not active on this machine, so the ansible role failed with the first try)

 

#sudo vim ./roles/minemeld/tasks/RedHat-7-post.yml

 

Uncomment selinux policy deployment and selinux policies (if required)

 

#- name: enable nginx connections to upstream

#  command: setsebool -P httpd_can_network_connect 1

#- name: copy collectd selinux policy file

#  copy:

#    src: mmcollectd.pp

#    dest: /tmp/mmcollectd.pp

#    owner: root

#    group: root

#    mode: 0600

#- name: load selinux collectd policy

#  command: semodule -i /tmp/mmcollectd.pp

 

Run the local ansible services installation

 

#sudo ansible-playbook -K -i 127.0.0.1, local.yml

 

Installation should complete without errors (if there is an error, ansible logs give you a good indication what went wronf)

 

127.0.0.1 : ok=78   changed=29   unreachable=0    failed=0

 

Add users to minemeld group

 

#sudo usermod -a -G minemeld root

#sudo usermod -a -G minemeld <you user>

 

Check service status:

 

# sudo -u minemeld /opt/minemeld/engine/current/bin/supervisorctl -c /opt/minemeld/supervisor/config/supervisord.conf status

 

4 Services should run (if not, check the logs)

 

minemeld-engine                  RUNNING   pid 26418, uptime 0:43:26

minemeld-supervisord-listener    RUNNING   pid 26417, uptime 0:43:26

minemeld-traced                  RUNNING   pid 26419, uptime 0:43:26

minemeld-web                     RUNNING   pid 26420, uptime 0:43:26

 

Ensure the Web Interface is up and running.

 

Login as user admin an change the default password.

 

 

Note:  After this is complete, in case you want to use Client-Cert protected feeds; You need to update minmelds gevent (as it ssems to have an issue on rhel 7)

 

For this, stop minemeld, install and upgrade python gevent, replace minemelds gevent, start minemeld services.

 

#sudo systemctl stop minemeld

#sudo pip install --upgrade gevent

 

Replace /opt/minemeld/engine/current/lib/python2.7/site-packages/gevent with /usr/lib64/python2.7/site-packages/gevent

 

#sudo systemctl start minemeld

 

After the installation, i suggest you move the logs to /var/log; implement logorotate, harden NGINX and the local services added by the minemeld installation.

 

Happy Mining.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!