10-24-2018 03:31 AM
need steps to install minemeld on redhat
10-29-2018 11:14 PM
Installation on RHEL7 worked (for me) with the following steps:
Installation of required packages
sudo yum install wget git gcc python-devel libffi-devel openssl-devel
Install and setup pip and ansible
wget https://bootstrap.pypa.io/get-pip.py
sudo -H python get-pip.py
sudo -H pip install ansible
Download application code
#sudo git clone https://github.com/PaloAltoNetworks/minemeld-ansible.git
Downgrade pip to prevent an installation issue with Frigidaire (part of minemeld)
#sudo -H /opt/minemeld/engine/current/bin/pip install -U "pip<10.0"
Adjust ansible role to reflect environment (e.g. selinux was not active on this machine, so the ansible role failed with the first try)
#sudo vim ./roles/minemeld/tasks/RedHat-7-post.yml
Uncomment selinux policy deployment and selinux policies (if required)
#- name: enable nginx connections to upstream
# command: setsebool -P httpd_can_network_connect 1
#- name: copy collectd selinux policy file
# copy:
# src: mmcollectd.pp
# dest: /tmp/mmcollectd.pp
# owner: root
# group: root
# mode: 0600
#- name: load selinux collectd policy
# command: semodule -i /tmp/mmcollectd.pp
Run the local ansible services installation
#sudo ansible-playbook -K -i 127.0.0.1, local.yml
Installation should complete without errors (if there is an error, ansible logs give you a good indication what went wronf)
127.0.0.1 : ok=78 changed=29 unreachable=0 failed=0
Add users to minemeld group
#sudo usermod -a -G minemeld root
#sudo usermod -a -G minemeld <you user>
Check service status:
# sudo -u minemeld /opt/minemeld/engine/current/bin/supervisorctl -c /opt/minemeld/supervisor/config/supervisord.conf status
4 Services should run (if not, check the logs)
minemeld-engine RUNNING pid 26418, uptime 0:43:26
minemeld-supervisord-listener RUNNING pid 26417, uptime 0:43:26
minemeld-traced RUNNING pid 26419, uptime 0:43:26
minemeld-web RUNNING pid 26420, uptime 0:43:26
Ensure the Web Interface is up and running.
Login as user admin an change the default password.
Note: After this is complete, in case you want to use Client-Cert protected feeds; You need to update minmelds gevent (as it ssems to have an issue on rhel 7)
For this, stop minemeld, install and upgrade python gevent, replace minemelds gevent, start minemeld services.
#sudo systemctl stop minemeld
#sudo pip install --upgrade gevent
Replace /opt/minemeld/engine/current/lib/python2.7/site-packages/gevent with /usr/lib64/python2.7/site-packages/gevent
#sudo systemctl start minemeld
After the installation, i suggest you move the logs to /var/log; implement logorotate, harden NGINX and the local services added by the minemeld installation.
Happy Mining.
10-26-2018 01:30 AM
Hi @LCMember3226,
option A: Use the Ansible Playbook
option B: Add Docker support to your RedHat system and deploy the jtschichold/minemed image in DockerHub
10-29-2018 11:14 PM
Installation on RHEL7 worked (for me) with the following steps:
Installation of required packages
sudo yum install wget git gcc python-devel libffi-devel openssl-devel
Install and setup pip and ansible
wget https://bootstrap.pypa.io/get-pip.py
sudo -H python get-pip.py
sudo -H pip install ansible
Download application code
#sudo git clone https://github.com/PaloAltoNetworks/minemeld-ansible.git
Downgrade pip to prevent an installation issue with Frigidaire (part of minemeld)
#sudo -H /opt/minemeld/engine/current/bin/pip install -U "pip<10.0"
Adjust ansible role to reflect environment (e.g. selinux was not active on this machine, so the ansible role failed with the first try)
#sudo vim ./roles/minemeld/tasks/RedHat-7-post.yml
Uncomment selinux policy deployment and selinux policies (if required)
#- name: enable nginx connections to upstream
# command: setsebool -P httpd_can_network_connect 1
#- name: copy collectd selinux policy file
# copy:
# src: mmcollectd.pp
# dest: /tmp/mmcollectd.pp
# owner: root
# group: root
# mode: 0600
#- name: load selinux collectd policy
# command: semodule -i /tmp/mmcollectd.pp
Run the local ansible services installation
#sudo ansible-playbook -K -i 127.0.0.1, local.yml
Installation should complete without errors (if there is an error, ansible logs give you a good indication what went wronf)
127.0.0.1 : ok=78 changed=29 unreachable=0 failed=0
Add users to minemeld group
#sudo usermod -a -G minemeld root
#sudo usermod -a -G minemeld <you user>
Check service status:
# sudo -u minemeld /opt/minemeld/engine/current/bin/supervisorctl -c /opt/minemeld/supervisor/config/supervisord.conf status
4 Services should run (if not, check the logs)
minemeld-engine RUNNING pid 26418, uptime 0:43:26
minemeld-supervisord-listener RUNNING pid 26417, uptime 0:43:26
minemeld-traced RUNNING pid 26419, uptime 0:43:26
minemeld-web RUNNING pid 26420, uptime 0:43:26
Ensure the Web Interface is up and running.
Login as user admin an change the default password.
Note: After this is complete, in case you want to use Client-Cert protected feeds; You need to update minmelds gevent (as it ssems to have an issue on rhel 7)
For this, stop minemeld, install and upgrade python gevent, replace minemelds gevent, start minemeld services.
#sudo systemctl stop minemeld
#sudo pip install --upgrade gevent
Replace /opt/minemeld/engine/current/lib/python2.7/site-packages/gevent with /usr/lib64/python2.7/site-packages/gevent
#sudo systemctl start minemeld
After the installation, i suggest you move the logs to /var/log; implement logorotate, harden NGINX and the local services added by the minemeld installation.
Happy Mining.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
