You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-iot/organizations/ot-deploy/activate-deploy-sensor.md
+41-33Lines changed: 41 additions & 33 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -162,6 +162,10 @@ Use this procedure to configure the following initial setup settings via CLI:
162
162
- Defining network details for your sensor
163
163
- Defining the interfaces you want to monitor
164
164
165
+
> [!NOTE]
166
+
> The information in this article applies to the sensor version 24.1.5. If you are running an earlier version, see [configure ERSPAN mirroring](../traffic-mirroring/configure-mirror-erspan.md).
167
+
>
168
+
165
169
Continue with [activating](#activate-your-ot-sensor) and [configuring SSL/TLS certificate settings](#define-ssltls-certificate-settings) in the browser.
166
170
167
171
**To configure initial setup settings via CLI**:
@@ -173,66 +177,70 @@ Continue with [activating](#activate-your-ot-sensor) and [configuring SSL/TLS ce
173
177
-**Username**: `admin`
174
178
-**Password**: `admin`
175
179
176
-
When you enter your password, the password characters don't display on the screen. Make sure you enter them carefully.
180
+
When you enter your password, the password characters don't display on the screen. Make sure you enter them carefully.
177
181
178
182
1. At the prompt, enter a new password for the *admin* user. Your password must contain lowercase and uppercase alphabetic characters, numbers, and symbols.
179
183
180
184
When prompted to confirm your password, enter your new password again. For more information, see [Default privileged users](../manage-users-sensor.md#default-privileged-users).
181
185
182
-
The `Package configuration` Linux configuration wizard opens. In this wizard, use the up or down arrows to navigate, and the **SPACE** bar to select an option. Press **ENTER**to advance to the next screen.
186
+
1. After changing the password, the `Sensor Config` wizard automatically starts. Continue to step 5.
183
187
184
-
1. In the wizard's `Select monitor interfaces` screen, select any of the interfaces you want to monitor with this sensor.
188
+
If you're logging in on subsequent occassions continue to step 4.
185
189
186
-
The system selects the first interface it finds as the management interface, and we recommend that you leave the default selection. If you decide to use a different port as the management interface, the change is implemented only after the sensor restarts. In such cases, make sure that the sensor is connected as needed.
190
+
1. To start the `Sensor Config` wizard, at the prompt type `network reconfigure`. If you are using the cyberx user, type `python3 -m cyberx.config.configure`.
187
191
188
-
For example:
192
+
1. The `Sensor Config` screen shows the present set up of the interfaces. Ensure that one interface is set as the management interface. In this wizard, use the up or down arrows to navigate, and the **SPACE** bar to select an option. Press **ENTER** to advance to the next screen.
189
193
190
-
:::image type="content" source="../media/install-software-ot-sensor/select-monitor-interfaces.png" alt-text="Screenshot of the Select monitor interfaces screen.":::
191
-
192
-
> [!IMPORTANT]
193
-
> Make sure that you select only interfaces that are connected.
194
-
>
195
-
> If you select interfaces that are enabled but not connected, the sensor will show a *No traffic monitored* health notification in the Azure portal. If you connect more traffic sources after installation and want to monitor them with Defender for IoT, you can add them later via the [CLI](../references-work-with-defender-for-iot-cli-commands.md).
194
+
Select the interface you want to configure, for example:
196
195
197
-
1. In the `Select management interface` screen, select the interface you want to use to connect to the Azure portal or an on-premises management console.
196
+
:::image type="content" source="media/activate-deploy-sensor/ersp-cli-settings.png" alt-text="Screenshot of the Select monitor interfaces screen.":::
198
197
199
-
For example:
198
+
1. In the `Select type` screen select the new configuration type for this interface.
200
199
201
-
:::image type="content" source="../media/install-software-ot-sensor/select-management-interface.png" alt-text="Screenshot of the Select management interface screen.":::
202
-
203
-
1. In the `Enter sensor IP address` screen, enter the IP address you want to use for this sensor. Use this IP address to connect to the sensor via CLI or the browser. For example:
204
-
205
-
:::image type="content" source="../media/install-software-ot-sensor/enter-sensor-ip-address.png" alt-text="Screenshot of the Enter sensor IP address screen.":::
200
+
> [!IMPORTANT]
201
+
> Make sure that you select only interfaces that are connected.
202
+
>
203
+
> If you select interfaces that are enabled but not connected, the sensor will show a *No traffic monitored* health notification in the Azure portal. If you connect more traffic sources after installation and want to monitor them with Defender for IoT, you can add them later via the [CLI](../references-work-with-defender-for-iot-cli-commands.md).
204
+
>
206
205
207
-
1. In the `Enter path to the mounted backups folder` screen, enter the path to the sensor's mounted backups. We recommend using the default path of `/opt/sensor/persist/backups`. For example:
206
+
An interface can be set as either **Management**, **Monitor**, **Tunnel** or **Unused**. You may wish to set an interface as **Unused** as a temporary setting, to reset it, or if a mistake was made in the original set up.
208
207
209
-
:::image type="content" source="../media/install-software-ot-sensor/mounted-backups.png" alt-text="Screenshot of the mounted backups folder configuration.":::
208
+
1. To configure a **Management** interface:
210
209
211
-
1. In the `Enter Subnet Mask` screen, enter the IP address for the sensor's subnet mask. For example:
210
+
1. Select the interface.
211
+
1. Select **Management**.
212
+
1. Type the sensor's **IP address**, **DNS server** IP address and the default **Gateway** IP address.
212
213
213
-
:::image type="content" source="../media/install-software-ot-sensor/subnet-mask.png" alt-text="Screenshot of the Enter Subnet Mask screen.":::
214
+
:::image type="content" source="media/activate-deploy-sensor/ersp-cli-management-settings.png" alt-text="Screenshot of the interface Management screen.":::
214
215
215
-
1. In the `Enter Gateway` screen, enter the sensor's default gateway IP address. For example:
216
+
1. Select **Back**.
216
217
217
-
:::image type="content" source="../media/install-software-ot-sensor/enter-gateway.png" alt-text="Screenshot of the Enter Gateway screen.":::
218
+
1. To configure a **Monitor** interface:
218
219
219
-
1. In the `Enter DNS server` screen, enter the sensor's DNS server IP address. For example:
220
+
1. Select the interface.
221
+
1. Select **Monitor**. The **Sensor Config** screen updates.
220
222
221
-
:::image type="content" source="../media/install-software-ot-sensor/enter-dns-server.png" alt-text="Screenshot of the Enter DNS server screen.":::
223
+
1. To configure an ERSPAN interface:
222
224
223
-
1. In the `Enter hostname` screen, enter a name you want to use as the sensor hostname. Make sure that you use the same hostname as is defined in the DNS server. For example:
225
+
1. Select **Type**.
226
+
1. Select **ERSPAN**.
227
+
1. Select **Confirm**.
224
228
225
-
:::image type="content" source="../media/install-software-ot-sensor/enter-hostname.png" alt-text="Screenshot of the Enter hostname screen.":::
229
+
1. To configure an interface as **Unused**:
226
230
227
-
1. In the `Run this sensor as a proxy server (Preview)` screen, select `<Yes>` only if you want to configure a proxy, and then enter the proxy credentials as prompted. For more information, see [Configure proxy settings on an OT sensor](../connect-sensors.md).
231
+
1. Select the interface.
232
+
1. Select the existing status.
233
+
1. Select **Unused**. The **Sensor Config** screen updates.
228
234
229
-
The default configuration is without a proxy.
235
+
1. After configuring all of the interfaces, select **Save**.
230
236
231
-
1. The configuration process starts running, reboots, and then prompts you to sign in again. For example:
237
+
### Automatic backup folder location
232
238
233
-
:::image type="content" source="../media/install-software-ot-sensor/final-cli-sign-in.png" alt-text="Screenshot of the final sign-in prompt at the end of the initial CLI configuration.":::
239
+
The sensor automatically creates a backup folder. To change the location of the mounted backups you must:
234
240
235
-
At this point, open a browser to the IP address you'd defined for your sensor and continue the setup in the browser. For more information, see [Activate your OT sensor](#activate-your-ot-sensor).
241
+
1. Log in to the sensor using the **admin** user.
242
+
1. Type the following code in the CLI interface: `system backup path` and then add the path location, for example `/opt/sensor/backup`.
243
+
1. The backup runs automatically and might take up to one minute.
236
244
237
245
> [!NOTE]
238
246
> During initial setup, options for ERSPAN monitoring ports are available only in the browser-based procedure.
0 commit comments