Installing Logsign SIEM on VMware with ISO file

VMware ESXi the latest hypervisor offered by VMware is the virtualization architecture. It has ultra-slim architecture, therefore it has a remarkable performance on all operating systems. Let’s begin installation process of Logsign SIEM on VMware ESX.

 

Before the Beginning:

You need to make sure that there is no restriction on the access to the Internet which that you will assign to Logsign SIEM. If you are using firewall, UTM, WebFilter, IPS, IDS, Application Control Module or other third party security hardware or software, you need to authorize internet access (full access) which that you will assign to Logsign SIEM. Because Logsign SIEM installation should be able to access to the internet for software updates.

 

The disk will be formatted that you have allocated for Logsign SIEM. For this reason we recommend you should not install Logsign SIEM which is an important server on datastore. Otherwise, you may lose all your data.

If you have not downloaded the ISO file, you can download from here.

We are launching our vSphere Client application and fill out the information of your server completely and click on "Login" button.

IP Address / Name: Server name or IP address

User Name: User name

Password: Password

 

Click on the "Install this certificate and do not display any security warnings" button in the warning that appears on the screen. 

We are connected to our server and we recommend you read the steps after this step more carefully. In the "Basic Tasks" window, we click on the "Create a New Virtual Machine" button and  we are starting to build our server with the following wizard.

 a. On the configuration tab, select Typical and proceed to Next.

b. On the Name and Location tab we set a name for our Logsign SIEM and proceed with Next.

c. On the Storage tab, select the datastore partition where you will install Logsign SIEM product and proceed to Next.

 

d. On the Guest Operating System tab, select Linux and Ubuntu Linux (64-bit) respectively and proceed to Next.

e. On the network tab we select the network adapter to enable Logsign SIEM to access the network and mark the Connect at Power On check box to define the system's network adapter at boot-up and proceed to Next.

f. On the Create a Disk tab we will set the disk size at which to install Logsign SIEM. Here are three (3) options.

Thick Provision Lazy Zeroed: It allocates all of the disk space you allocate from the datastore. If you select this option, the blocks in the disk will be reset as data is written. For this reason it occurs in a short time.

Thick Provision Eager Zeroed: It allocates all of the disk space you allocate from the datastore. If we choose this option, the blocks in the disc will be reset directly without writing any data.

Thin Provision: It differs from our previous two (2) methods. They do not allocate disk space from the datastore. As the disc is used, it expands itself.

Ready to Complete: It's a screen that we can preview the settings we made. With Finish we are terminating the wizard.

 

Once you have created your machine, you will need to mount your ISO file on the CD ROM after modifying the amount of CPU and RAM by modifying it.

Right-click on the virtual machine we created and click Edit Settings.

On the Memory tab we will set the amount of RAM for Logsign SIEM.

On the CPUs tab, we will set the amount of CPU that we specify set for our virtual machine. 

On the CD/DVD Drive tab we will mount Logsign SIEM ISO file. In the right side as you see select the option of the Datastore ISO and click the Browse button. Select the folder where your ISO file is located and click OK button. Then do not forget to check Connect at Power On in the Device Status  section above. Then we click on the OK button to complete the configuration.

Right-clicking on the virtual machine we created and turning and respectively Power -> Power On will enable the virtual machine to receive energy.

Our virtual machine booted up and the loading scenario started. To see what's happening, click on the Console tab from the right-hand side and you can see the images of the installing on the screen.

While the installation is in progress, you will come across different screens and we tried to show below what you need to do on these steps.

#Please note that: Your keyboard language may be "EN" during installation.

 On the Configure the Network section, you need to assign the IP address of Logsign SIEM. It's a good idea to make sure that you do not have an IP address used on your network. Then we continue with "arrow keys" using Continue.

The Netmask section comes up and in this section we continue with Continue by typing our network mask.

In the gateway section, we write the address of the network gateway that you use on your network.

In our next step, the installation will ask you to enter the Name Server Address, which is the DNS address. After completing this part, we continue with Continue in the same way.

In this step will copy all the necessary files and install Logsign SIEM along with the operating system.

During installation, a screen will appear titled "Partition Disks" and will ask for approval to perform the operations performed on the disk. In this step, we choose Yes.

Once our installation process is complete, your virtual machine will automatically restart and install the required services/components. Let's wait for an average of three (3) minutes (which may vary by CPU, RAM and DISK speed) to finish the installation process. 

 

The display will show the name of the host operating system and the IP address of your machine.

Open the WEB browser and write http://LOGSIGN_IP_ADDRESS to the address bar. Then you will be directed to the installation wizard when you write Logsign SIEM IP address.

You will see two (2) different options:

I have a License Key: If you have a license key that you have purchased, you are choosing this option.

Free Edition: As you know free version

Host ID: Unique identification number of Logsign SIEM.

Serial Key: This section is the the serial number given to you when you purchased Logsign SIEM (this requirement will not be asked if you choose Free Edition).

Name: Name of the person who will use Logsign SIEM.

Last Name: Last name of the person who will use Logsign SIEM.

Company Name: Name of the company to use Logsign SIEM.

E-mail: E-mail address of the person who will use Logsign SIEM.

Phone: Phone number of the person who will use Logsign SIEM.

Once the above information has been completely filled in, click the Activate button in the lower right corner of the window and the next step is executed after the activation of the product is performed.

#Please note that: Once you have filled in the information under the “License” tab in the setup wizard, you can not return to the license registration information window, which is the previous step from the password setting screen.

There are points to note in this section that you will set the password for the admin user for use in the WEB interface.

 

Password: WEB interface password that you specified.

Verify Password: You need to rewrite your password in this section, which is required for validation of the WEB interface password that you specified.

After you specify your password, click the Next button in the lower right corner to move to the next step.

#Please note that: When the password creation process of Logsign SIEM is carried out, the name, date of birth, football team, etc. should not contain easily guessable spoken words. It is recommended that you use a combination of at least one (1) uppercase, lowercase, digit (not consecutive), and special characters.

In this section Logsign SIEM allows you to change the password of the iadmin user, which is required to provide access via the CLI, as well as the password creation policies specified in the WEB interface.

Password: CLI password that you specified.

Verify Password: You need to rewrite your password in this section, which is required for validation of the CLI password that you specified.

#Please note that: When the password creation process of Logsign SIEM is carried out, the name, date of birth, football team, etc. should not contain easily guessable spoken words. It is recommended that you use a combination of at least one (1) uppercase, lowercase, digit (not consecutive), and special characters.

After you specify your Logsign SIEM CLI password, click the Next button in the lower right corner to move to the next step.

 

E-mail 

Use SMTP Authentication: We mark this box to use the SMTP authenticator.

Username: The username of the person who will use SMTP authentication.

Password: The password for the username that will be doing SMTP authentication.

SMTP Port: The port address to use for SMTP authentication (may vary depending on the email provider).

Use TLS: This box should be checked if your email provider is using the TLS service.

SMTP Server: The server name of the SMTP e-mail provider.

From Mail: The e-mail address that will send the information messages about Logsign SIEM.

Destination Mail: The e-mail address that will receive the information messages about Logsign SIEM.

Click on the Test Mail button below and you will see Success on the screen if your configurations are correct.

Then we go to the next step with the Next button in the bottom right corner.

#Please note that: You can skip with the Skip button in the bottom right corner and reconfigure it at another time.

 

Finish

This is where the configuration of your setup wizard ends.

Once you click Launch Logsign button, you will be redirected to the WEB interface login page.

Have more questions? Submit a request

Comments