Before the Beginning:
You need to make sure that there is no restriction on the access to the Internet which that you will assign to Logsign SIEM. If you are using firewall, UTM, WebFilter, IPS, IDS, Application Control Module or other third party security hardware or software, you need to authorize internet access (full access) which that you will assign to Logsign SIEM. Because Logsign SIEM installation should be able to access to the internet for software updates.
We are launching our vSphere Client application and fill out the information of your server completely and click on "Login" button.
We are connected to our server and we recommend you read the steps after this step more carefully. In the "Basic Tasks" window, we click on the "Create a New Virtual Machine" button and we are starting to build our server with the following wizard.
a. On the configuration tab, select Typical and proceed to Next.
b. On the Name and Location tab we set a name for our Logsign SIEM and proceed with Next.
c. On the Storage tab, select the datastore partition where you will install Logsign SIEM product and proceed to Next.
d. On the Guest Operating System tab, select Linux and Ubuntu Linux (64-bit) respectively and proceed to Next.
e. On the network tab we select the network adapter to enable Logsign SIEM to access the network and mark the Connect at Power On check box to define the system's network adapter at boot-up and proceed to Next.
f. On the Create a Disk tab we will set the disk size at which to install Logsign SIEM. Here are three (3) options.
Thick Provision Lazy Zeroed: It allocates all of the disk space you allocate from the datastore. If you select this option, the blocks in the disk will be reset as data is written. For this reason it occurs in a short time.
Thick Provision Eager Zeroed: It allocates all of the disk space you allocate from the datastore. If we choose this option, the blocks in the disc will be reset directly without writing any data.
Thin Provision: It differs from our previous two (2) methods. They do not allocate disk space from the datastore. As the disc is used, it expands itself.
Ready to Complete: It's a screen that we can preview the settings we made. With Finish we are terminating the wizard.
Once you have created your machine, you will need to mount your ISO file on the CD ROM after modifying the amount of CPU and RAM by modifying it.
Right-click on the virtual machine we created and click Edit Settings.
On the Memory tab we will set the amount of RAM for Logsign SIEM.
On the CPUs tab, we will set the amount of CPU that we specify set for our virtual machine.
On the CD/DVD Drive tab we will mount Logsign SIEM ISO file. In the right side as you see select the option of the Datastore ISO and click the Browse button. Select the folder where your ISO file is located and click OK button. Then do not forget to check Connect at Power Onin the Device Status section above. Then we click on the OK button to complete the configuration.
Right-clicking on the virtual machine we created and turning and respectively Power -> Power On will enable the virtual machine to receive energy.
Our virtual machine booted up and the loading scenario started. To see what's happening, click on the Console tab from the right-hand side and you can see the images of the installing on the screen.
While the installation is in progress, you will come across different screens and we tried to show below what you need to do on these steps.
#Please note that: Your keyboard language may be "EN" during installation.
On the Configure the Network section, you need to assign the IP address of Logsign SIEM. It's a good idea to make sure that you do not have an IP address used on your network. Then we continue with "arrow keys" using Continue.
The Netmask section comes up and in this section we continue with Continue by typing our network mask.
In the gateway section, we write the address of the network gateway that you use on your network.
In our next step, the installation will ask you to enter the Name Server Address, which is the DNS address. After completing this part, we continue with Continue in the same way.
In this step will copy all the necessary files and install Logsign SIEM along with the operating system.
During installation, a screen will appear titled "Partition Disks" and will ask for approval to perform the operations performed on the disk. In this step, we choose Yes.
Once our installation process is complete, your virtual machine will automatically restart and install the required services/components. Let's wait for an average of three (3) minutes (which may vary by CPU, RAM and DISK speed) to finish the installation process.
The display will show the name of the host operating system and the IP address of your machine.
Open the WEB browser and write http://LOGSIGN_IP_ADDRESS to the address bar. Then you will be directed to the installation wizard when you write Logsign SIEM IP address.