Skip to main content
Skip table of contents

Gen6 Data Indexer Appliance Hardware Installation

This guide will help you install your LogRhythm Data Indexer Appliance and direct you to additional information.

Unpack the Appliance

Unpack your appliance, keeping all shipping materials in case you need them later.

Your Indexer Appliance ships with a rack-mount chassis and rails for installing the appliance in a high-density server rack. Depending on your appliance model, the rack kit includes some or all of the following:

  • One pair of sliding rail assemblies
  • Nylon Velcro straps

Install the Appliance in a Server Rack

For additional information about installing the rails, installing the appliance, and routing cables, see the Rack Installation Instructions that are included with your Indexer Appliance.

Before you install the appliance, make sure that your rack meets the following specifications:

  • American National Standards Institute (ANSI)/Electronic Industries Association (EIA) standard 310-D-92
  • International Electrotechnical Commission (IEC) 297
  • Deutsche Industrie Norm (DIN) 41494

Connect Network, iDRAC and Power Cables

Your new LogRhythm Appliance is equipped with redundant power supplies, multiple Network Interface Cards and a dedicated iDRAC port for Out-Of-Band Management. Its recommended you connect all cables prior to powering on the appliance.

Screenshots below may not match your appliance exactly, LogRhythm Gen6 appliances come in multiple 1U and 2U form factors however they all have the same basic connectivity ports

  1. Connect the iDRAC port to your switch using an RJ45 standard twisted-pair Ethernet with Cat5 or Cat6 cabling. This is an Out-of-Band Management port and is recommended to be connected to a dedicated management network if available. By default this port will use DHCP to acquire its IP address, you can set a static IP in the boot menu when first powering on the appliance.

  2. Connect the Intel OCP 10Gb/s Network ports to your switch. LogRhythm recommends connecting multiple ports in a TEAM or Port-Channel configuration for redundancy. At least 1 of these ports must be connected for the appliance to be configured and accessible on the network, these will be configured for DHCP within the operating system and should be set to static IP Addressing after first-boot.

    Its highly recommended these ports be connected to 10Gb/s switch ports in multi-box LogRhythm deployments, the speed of these ports have a major impact on LogRhythm application performance.


  3. Some LogRhythm Appliance models ship with 2 additional Broadcom Integrated ports at 1Gb/s, these are not used and do not need to be connected
  4. Connect the Power cables by bending the system power cable into a loop as shown below, then secure the cable in the provided strap. For hot-swapping to occur, each of the two power supplies must be powered with its own cord. LogRhythm Gen6 appliances ship with a C13 to C14 power cable which is the global standard for datacenter use. This will not connect to a normal land wall-socket in any country!
  5. Turn on the system by pressing the power button. The power indicators should light up.

Configuring iDRAC (OOBM) Port

LogRhythm Appliances all ship with a dedicated iDRAC port as described above. In factory there is a standard iDRAC/Lifecycle Controller configuration applied which will pre-configure the dedicated port as enabled, set the IP Address settings to DHCP and set a standard username/password for access to the iDRAC web interface. For Gen6 Windows Appliances you can also access the iDRAC via the OS by launching the start Menu and opening "iDRAC GUI Launcher"

Setting the iDRAC IP configuration from BIOS

  1. Power on the server, during startup press F2 to enter System Setup
  2. Select iDRAC Settings from the menu
  3. Select Network to adjust the Network Settings
  4. Scroll down to the IPV4 Settings, configure the settings appropriate to your network, by default these will be set to DHCP. You can set "Enable DHCP" to "Disabled" if you wish to use static addressing. LogRhythm Recommends configuring valid DNS 
  5. Press the "Back" button at the bottom, then "Finish" on the next screen. You will be prompted if you would like to Save Changes, select Yes if you wish to save the changes. 
  6. This will return you to the System Setup screen, press "Finish" again and the server will reboot

Complete the Initial Appliance Configuration

Your new Indexer Appliance comes from the factory pre-installed with:

  • CentOS 7.x or Rocky 9.x (if shipped after July 2023)
  • LogRhythm Data Indexer Software Installation Script

When you first log in to the Indexer Appliance, you must provide configuration details that are specific to your network and organization.

Do not skip the initial configuration script after logging in to the Indexer Appliance. If you do, your Indexer will be configured to use DHCP on the primary Ethernet adapter, which is not a supported configuration for a production environment.

 If you experience any problems with your new appliance during initial setup, contact LogRhythm Support.

To complete the initial appliance configuration, do the following:

  1. When prompted to log in, type logrhythm for the login and the default LogRhythm password for Password.
  2. Press y to run the script.
    You will be prompted for network and NTP details. At each prompt, detected or default values are displayed in parentheses. To accept these values, press Enter.
  3. Enter the network and NTP information, as follows:

Prompt

Description

IP address

The IP address that you want to assign to this Data Indexer node.

Netmask

The netmask to use.

Default gateway

The IP address of the network gateway.

NTP servers

The IP address of one or more NTP servers. Enter the IP address of each server one at a time, followed by Enter. When you are finished, press Ctrl + D to end.

After completing the items in the configuration script, the system will test connectivity to the default gateway and the NTP servers. If any of the tests fail, press n when prompted to enter addresses again.

If you plan to deploy the Indexer in a different network environment and you expect the connectivity tests to fail, you can press y to proceed.

After confirming the gateway and NTP values, you will be logged in as the logrhythm user.

  1. Restart the network interfaces to apply the new settings: 

    CODE 
    sudo systemctl restart network

  2. Restart chrony to apply NTP changes: 

    CODE 
    sudo systemctl restart chronyd
  3. If you are installing a cluster of Indexers, repeat the initial configuration on each Indexer node.
  4. When you have completed the initial configuration of all Indexer nodes, install either a single-node cluster or a multi-node cluster.
    For instructions on installing the Data Indexer, refer to Install the LogRhythm Data Indexer.

Install the Data Indexer

For instructions on installing the Data Indexer, refer to Install the LogRhythm Data Indexer.

Create a LogRhythm Support Account

The LogRhythm Support site has the most current help documentation, software revisions, patches, and other important information.

To become a registered user, log in to the LogRhythm Support site at https://support.logrhythm.com

  1. Click Request a New Account.
  2. Complete the request form.

Your registration confirmation is emailed to you. If you have not received an email for your account, check your spam folder. Contact support if you still have not received it within a reasonable amount of time.

Proceed with Deployment Setup

For further instructions, see Getting Started: LogRhythm Appliance Software Configuration on the LogRhythm Support site.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close