WebsiteLoginKostenloser TestzugangCommunity

Manual Installation

  1. Check system requirements for application server, database server, and software components.

  2. Get approved to receive Enginsight and request Docker credentials. Email [email protected].

  3. Database server

    1. Install MongoDB.

    2. Configure the database (especially set up replica set).

  4. Application server

    1. Install Docker.

    2. Install Docker Compose.

    3. Install Enginsight.

  5. Set up the DNS name for app and sensors.

  6. Install the license file.

  7. Take care of securing via SSL/TLS certificate.

  8. Configure your On-Premises instance.

  9. Roll out the software components as sensors.

Make sure that the latest version of Docker Compose is always installed. In addition, do not install Docker via Snap or when installing the operating system, but only install Docker from the package sources in the official instructions.

Database Server: Config MongoDB

All of the following commands require root privileges. You can either execute each command with sudo (as shown below), or alternatively log in as superuser once:

su - root

In this case, sudo can be omitted from the following commands.

  1. Start MongoDB if it does not start automatically.

sudo systemctl enable mongod && sudo systemctl start mongod

  1. Open the file /etc/mongod.conf in an editor of your choice, for example nano.

sudo nano /etc/mongod.conf

  1. Change the net section as follows so that MongoDB is accessible from outside.

net:
  port: 27017
  bindIp: 0.0.0.0

  1. Set up the replica set as follows to allow the database to push information to the API.

replication:
   replSetName: "rs0"

  1. Save the configuration file (Ctrl+o) and confirm the saving process. Close nano (Ctrl+x).

If the database is not running in replica mode, many Enginsight functions will not work correctly.

  1. Restart MongoDB.

sudo systemctl restart mongod

  1. Open the MongoDB CLI.

sudo mongosh

  1. Activate the replica set. For <public DB IP>, enter the IP of the database server that can be reached from the application server.

rs.initiate( {
   _id : "rs0",
   members: [
      { _id: 0, host: "<PUBLIC_DB_IP>:27017" }
   ]
})

  1. Check if the replica sets are active.

rs.status()

If the configuration is correct, you will see the prompt after executing the command:

rs0:PRIMARY>

  1. Close the Mongo interface.

quit()

  1. Secure the database with iptables.

This step is important to ensure the security of the Enginsight software. It results in only the application being able to access MongoDB. Unauthorized access is prevented.

Replace <APP_SERVER_IP> with the IP address of the application server that is accessible from the database. Replace <DB_SERVER_IP> with the IP address of the database server that is accessible from the application.

sudo iptables -A INPUT -p tcp -m tcp --dport 27017 -s 127.0.0.1 -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --dport 27017 -s <APP_SERVER_IP> -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --dport 27017 -s <DB_SERVER_IP> -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --dport 27017 -j DROP

  1. Save the rules and make sure they are loaded at every restart.

sudo apt-get install -y iptables-persistent

Application Server: Install Enginsight

All of the following commands require root privileges. You can either execute each command with sudo (as shown below), or alternatively log in as superuser once:

su - root

In this case, sudo can be omitted from the following commands.

  1. Make sure that you have the latest version of Docker and Docker Compose installed.

    The current version numbers can be found here: Docker Engine, Docker Compose.

    sudo docker version
    sudo docker-compose -v

Do not install Docker via Snap or when installing the operating system. Only install Docker from the package sources in the official guide.

  1. Log in to Docker.

    sudo docker login registry.enginsight.com

    You receive the credentials from us.

    If problems occur during authentication, check whether a current gpg2 key is available and generate it automatically if necessary:

    sudo apt install gnupg2 gpg2 --gen-key

  2. Create a directory and clone Enginsight.

    sudo mkdir -p /opt/enginsight && cd /opt/enginsight
    git clone https://github.com/enginsight/enterprise.git

  3. Execute the setup.

    cd enterprise && ./sudo setup.sh

  4. The installation may take a few moments. In the browser, open the application.

  5. Once the installation is complete, you can log in using the temporary login credentials. You can obtain them as follows:

    sudo docker ps

    Copy the ID of the server-m2 module.

     sudo docker logs <CONTAINER_ID>

    (Container ID of the “server-m2” container, which can be determined via docker ps.)

  6. The credentials for the initial login will now be issued to you. Please save the initial login data.

Change the initial login data immediately after you have logged in for the first time.

To do this, go to SettingsUser account. Adjust your e-mail address in the personal details and assign a new password under Password.

ATTENTION! Without a changed and saved password or saved intial password you will lose access to the Enginsight platform. Use a password manager!

  1. Regulate the memory requirements of the Docker logs by limiting them to 100 Mb as follows:

    sudo nano /etc/docker/daemon.json

    Insert the following:

    {  
  "log-driver": "json-file",  
  "log-opts": {
    "max-size": "100,",
    "max-file": "30"  
  }
}

  2. Restart Docker service:

    sudo systemctl restart docker

Certificate

For a proper operation of the Enginsight application, the access via HTTPS is mandatory.

Install and configure nginx to set up an encrypted connection and enable HTTPS. You can get instructions here.

Buy and import license file

To use Enginsight OnPremises, you need a license file. Contact us to purchase a license package: [email protected]

You can import the license file under SettingsLicense.

Do you want to manage multiple organisations with Enginsight and use the multitenancy? Here you can find out, what you have to consider regarding the license.

Configure On-Premises instance

Configure your Enginsight on-premises installation.

Software Components

In addition to the Enginsight application, you can install other software components to take advantage of the full range of Enginsight features.

Pulsar Agent

Install Pulsar Agent on all servers and clients you want to monitor with Enginsight. Start with the servers on which you have installed Enginsight.

To learn how to install a Pulsar agent, click here.

Observer

The Observer is responsible for monitoring your endpoints from the outside. You can place multiple Observers at different points of the network (e.g. in different network segments) and Internet (e.g. different countries and continents).

You can learn how to add an Observer here.

Watchdog

A watchdog installed in a network segment can perform asset discovery. It is also responsible for agentless monitoring (ping and port monitoring, SNMP).

To learn how to add a watchdog, click here.

Hacktor

The Hacktor is a software component that can be installed on a specific network segment to perform penetration tests on reachable assets.

To learn how to add a Hacktor, click here.

PreviousAutomatic InstallationNextLoad Balancing

Last updated

Was this helpful?