Install Rocky Linux 9.1

Prerequisites

• Internet access and web browser
• VMware (Workstation or Player) or another VM platform

• The Rocky Linux host should have the following firewall configuration:

  Direction	Port	Protocol	Source	Destination	Purpose
  Outbound	443	HTTPS	Open Collector	raw.githubusercontent.com	Identify the latest container versions.
  Outbound	443	HTTPS	Open Collector	*.gcr.io	Download the latest Open Collector software.
  Outbound	443	HTTPS	Open Collector	get.docker.com	Download docker repositories.
  Outbound	443	HTTPS	Open Collector	cloud.google.com	Pull container images.
  Outbound	443	HTTPS	Open Collector	storage.googleapis.com	Auto-update feature.
  Outbound	443	HTTPS	Open Collector	console.cloud.google.com	Auto-update feature.
  Outbound	443	HTTPS	Open Collector	download.docker.com	Allows for LRCTL installation of Open Collector
  Outbound	443	HTTPS	Open Collector	registry-1.docker.io	Allows for LRCTL installation of Open Collector
  Outbound	443	HTTPS	Open Collector	auth.docker.io	Allows for LRCTL installation of Open Collector
  Outbound	443	HTTPS	Open Collector	production.cloudflare.docker.com	Allows for LRCTL installation of Open Collector
  Outbound	514	TCP - Syslog	Open Collector	Windows System Monitor Agent	Syslog feed of data to LogRhythm SIEM.
  Outbound**	6514	TCP+TLS - Secure Syslog	Open Collector	Windows System Monitor Agent	Secure Syslog feed of data to LogRhythm SIEM.
  Outbound	8076	TCP - Influx/Vitals	Open Collector	Platform Manager	Data feed for Centralized Metrics (LogRhythm 7.5+ only).
  Inbound	3000	HTTP	User machine	Open Collector	View Open Collector metrics in Grafana.
  Inbound	22	SSH	User machine	Open Collector	Interact with Open Collector.
  Inbound	5044	TCP - Lumberjack	Beats	Open Collector	Method to send data from Beats collected outside the Open Collector.

  **indicates optional setting

Rocky Linux 9.1 Installation Setup

1. Download Rocky Linux 9.1 from https://download.rockylinux.org/pub/rocky/9/isos/x86_64/
2. Create a VM with the following settings:
   • CPU: 8 cores (or more)
   • RAM: 8 GB (or more)
   • HDD: 50 GB (or more)
   • DVD: Rocky-9.1-x86_64-dvd.iso
   • User: In addition to the root user, create the following user:

     • username: logrhythm

     • password: <enter a password of your choice>

3. On initial boot, log in as the root user.

4. Add the new "logrhythm" user to the sudoers wheel:

   CODE

   usermod -aG wheel logrhythm

5. Reboot the VM, and log in as the "logrhythm" user.

Install Rocky Linux 9.1

1. Boot your VM with your installation media attached to the virtual CD-ROM drive (.iso format).
   

   

2. Select Install Rocky Linux 9.1.0.
3. Wait for the media check to complete.
   

   

4. Once the Rocky Linux 9.1 installer GUI starts, select your language localization settings.
   

   

5. Click Continue.
   The Installation Summary screen appears.
   

   

6. In the System section, click Network & Host Name.
   This is required to get networking on your VM without manual configuration.
7. In the upper-right corner, click the toggle switch to On.  
   

   

   
   The VM retrieves an IP address and DNS settings using DHCP.
8. In the upper-left corner, click Done.
   The Installation Summary screen appears.
9. In the Localization section, click Time & Date.  
   The Time & Date screen appears.
   

   

10. Confirm the date and time are correct. 

    

    You can also use the Network Time (NTP) option (networking must be configured to use this option).
11. In the upper-left corner, click Done.
    The Installation Summary screen appears.
12. In the System section, click Installation Destination.  
    The Installation Destination screen appears.
    

    

13. Ensure your local disk is selected. The recommended disk capacity is 50GB.
14. In the upper-left corner, click Done.
    The Installation Summary screen appears.
    

    

15. In the bottom-left corner under USER SETTINGS, click Root Password.
    The Root Password screen appears.
    

    

16. Enter your desired password and check the Allow root SSH login with password checkbox.
17. In the upper-left corner, click Done.
    The Installation Summary screen appears.
18. In the bottom-right corner, click Begin Installation.
    The Installation Progress screen appears.
    

    

19. Once the installation is completed, click on Reboot System at the bottom right corner.
    

    

    
    The SETUP screen appears after reboot.
20. Click on the Start Setup button.
    

    

    
    The Privacy screen appears.
    

    

21. Keep the default privacy settings and click Next in the top-right corner.
    The Online Accounts window appears.
22. Optionally, configure your online account, or click Skip in the top-right corner.
    

    

    
    The About You window appears.
23. Enter appropriate details for the logrhythm user and click Next in the top-right corner.
    

    

    
    The Password window appears.

24. Enter a strong password, and then click Next in the top-right corner.
    

    

    

    You can also create a logrhythm user manually after installation.

    The Setup Complete window appears.

25. Click the Start Using Rocky Linux button.
    

    

    

    Make sure to remove the installation media. The method for removal is hypervisor-specific.