Create the EC2 instance
-
In the EC2 dashboard, click Launch Instance.
-
Enter the name in the Name field.
-
In Application and OS images, click Ubuntu with AMI as ami-0c65adc9a5c1b5d7c.
-
In Architecture, select 64-bit (x86).
-
In the Instance type, select r5.8xlarge (for 5gbps) and r5.16xlarge (for 10gbpd).
-
Select the required keypair that is customer environment-specific.
-
Go to Network Settings and then click Edit.
-
Select VPC and Subnet.
-
To create a security group, do the following:
-
Add the name and description.
-
Select the inbound rule to allow traffic through UDP port 4789.
-
Add all the required rules for the probe node to communicate with the CCN and UXN instances. For more information, see LogRhythm NDR Prerequisites.
-
-
Configure the required storage.
-
Disk 1: 1x200 GB → GP2
-
Disk 2: 23 TB (for 5 Gbps) and 46 TB (for 10 Gbps).
-
Partition Disk 2 as opt and data with the specification given in the above reference document.
-
-
Add the required advanced configurations that are customer-specific.
-
Install Salt-Minion by following the below steps:
-
Use command:
sudo apt-get -y update -
Use command:
sudo apt-get install -y python3-software-properties -
Use the below command:
To download, go to https://repo.saltproject.io/py3/ubuntu/20.04/amd64/3005/salt-archive-keyring.gpgsudo curl -fsSL -o /usr/share/keyrings/salt-archive-keyring.gpg -
Use the below command:
For more information, see https://repo.saltproject.io/py3/ubuntu/20.04/amd64/3005 focal main" | sudo tee /etc/apt/sources.list.d/salt.listecho "deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] -
Enter the below command:
mkdir -p /etc/salt-2023 -
Use command:
mv /etc/salt/minion /etc/salt-2023/ -
Enter command:
sudo apt-get -y update -
Enter the below command:
sudo apt-get install -y salt-minion -
Use command:
sudo systemctl enable salt-minion.service -
Enter the below command:
sudo systemctl restart salt-minion.service
-