Skip to main content
Skip table of contents

Probe Node Setup in AWS

Create the EC2 instance

  1. In the EC2 dashboard, click Launch Instance.

  2. Enter the name in the Name field.

  3. In Application and OS images, click Ubuntu with AMI as ami-0c65adc9a5c1b5d7c.

  4. In Architecture, select 64-bit (x86).

  5. In Instance type, select r5.8xlarge (for 5gbps) and r5.16xlarge (for 10gbpd).
    For more information, see Holding Doc for AWS/GCP Deployments.

  6. Select the required keypair that is customer environment-specific.

  7. Go to Network Settings and then click Edit.

  8. Select VPC and Subnet.

  9. To create a security group, do the following:

    1. Add the name and description.

    2. Select the inbound rule to allow traffic through UDP port 4789.

    3. Add all the required rules for the probe node to communicate with the CCN and UXN instances. For more information, see LogRhythm NDR Prerequisites.

  10. Configure the required storage.

    1. Disk 1: 1x200 GB → GP2

    2. Disk 2: 23 TB (for 5gbps) and 46 TB (for 10 gbps). For more information, see Holding Doc for AWS/GCP Deployments.

    3. Partition Disk 2 as opt and data with the specification given in the above reference document.

  11. Add the required advanced configurations that are customer-specific.

  12. Install Salt-Minion by following the below steps:

    1. Use command:

      CODE 
      sudo apt-get -y  update

    2. Use command:

      CODE 
      sudo apt-get install -y python3-software-properties

    3. Use the below command:
      To download, go to https://repo.saltproject.io/py3/ubuntu/20.04/amd64/3005/salt-archive-keyring.gpg

      CODE 
      sudo curl -fsSL -o /usr/share/keyrings/salt-archive-keyring.gpg

    4. Use the below command:
      For more information, see https://repo.saltproject.io/py3/ubuntu/20.04/amd64/3005 focal main" | sudo tee /etc/apt/sources.list.d/salt.list

      CODE 
      echo "deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64]

    5. Enter the below command:

      CODE 
      mkdir -p /etc/salt-2023

    6. Use command:

      CODE 
      mv /etc/salt/minion /etc/salt-2023/

    7. Enter command:

      CODE 
      sudo apt-get -y  update

    8. Enter the below command:

      CODE 
      sudo apt-get install -y  salt-minion

    9. Use command:

      CODE 
      sudo systemctl enable salt-minion.service

    10. Enter the below command:

      CODE 
      sudo systemctl restart salt-minion.service

To run the above commands as a script, see https://logrhythm.atlassian.net/l/cp/ddTD22jN.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close