CentOS 6.X Setup Cyberoam iView on Linux

From Notes_Wiki
Revision as of 15:15, 30 December 2017 by Saurabh (talk | contribs) (Created page with "<yambe:breadcrumb>Cyberoam_firewall|Cyberoam firewall</yambe:breadcrumb> =CentOS 6.X Setup Cyberoam iView on Linux= To configure cyberoam iView on Linux use following steps:...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

<yambe:breadcrumb>Cyberoam_firewall|Cyberoam firewall</yambe:breadcrumb>

CentOS 6.X Setup Cyberoam iView on Linux

To configure cyberoam iView on Linux use following steps:

  1. Create a VM with CentOS 6.X including PostgreSQL 8.X
  2. Download Appropriate Linux bin file from https://sourceforge.net/projects/cyberoam-iview/files/ Name of latest stable release is typically shown at the top.
    You can also download installation manuals from the Documents folder from the same link.
  3. Download java 1.5 rpm bin file for linux from http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-javase5-419410.html
  4. Copy the iView bin file and downloaded java to the VM
  5. Login as root user in the VM
  6. Install java1.5 using java rpm bin file. (chmod +x <filename>, ./<filenam> as root)
  7. chmod +x iView setup file
  8. Verify that postgresql database version is 8.4 (rpm -qa | grep postgre)
  9. service postgresql initdb
  10. Edit /var/lib/pgsql/data/pg_hba.conf and update all ident to trust. For example.
    local all all ident
    to
    local all all trust
    You would have to update this at three places local, 127.0.0.1, ::1
  11. service postgresql restart
  12. Execute iView setup file in terminal (./<filename>)
    1. iView setup path can be /var/iview
    2. Archive path can be /var/iview/archived
    3. PostgreSQL data folder is at /var/lib/pgsql
    4. Java is perhaps at /usr/java/jdk1.5.0_22
    5. Choose appropriate iView admin password
    6. Give appropriate admin email ID
  13. cat /var/iview/installation.log and make sure everything went fine
  14. service iviewd status
  15. service iptables stop
  16. chkconfig iptables off
  17. chkconfig postgresql on
  18. Check iView dashboard at http://<machine-ip>:8000/
  19. Log into admin console on cyberoam
  20. Go to "Logs & Reports" -> Configuration
  21. Enter IP address of the iView server. Port number is 514. Select Facility Daemon and Severity Information. Format can be left as it is to CyberoamStandardFormat.
  22. Go to "Log settings" tab
  23. Select appropriate categories for which logs are desired for the newly added Log server
  24. Again log into iView dashboard
  25. Add the new device with appropriate name and type as 'cyberoam'
  26. You can additionally do "tcpdump -vn -i <interface-name> 'udp and port 514'" on Linux VM to verify that cyberoam is sending logs to the new iView server
  27. You can also go to iView Dashboard. System -> Archives -> Live Logs. Select the correct device and click Go. Also click 'Start update'.
  28. Wait 10 minutes. Then do 'service iviewd restart'. Then again login into dashboard to see various details.


<yambe:breadcrumb>Cyberoam_firewall|Cyberoam firewall</yambe:breadcrumb>