|
1 | 1 | --- |
2 | | -id: i_se_install_01 |
| 2 | +id: se_install_01 |
3 | 3 | title: Security Engine Installation |
| 4 | +pagination_next: /u/user_guides/interactive_se_install/se_install_02 |
4 | 5 | --- |
5 | 6 |
|
6 | 7 | import Tabs from '@theme/Tabs'; |
7 | 8 | import TabItem from '@theme/TabItem'; |
8 | 9 | import CodeBlock from '@theme/CodeBlock'; |
9 | 10 |
|
10 | | -import testmdximport from './01_import_test.mdx'; |
11 | | - |
12 | 11 | # Interractive Security Engine Installation Guide |
13 | 12 |
|
14 | 13 | Welcome! This interactive guide will help you set up your CrowdSec Security Engine and validate each step to ensure proper operation. |
@@ -68,12 +67,81 @@ But if you're comfortable with Docker it also is a great way to get started and |
68 | 67 |
|
69 | 68 | ### Verification |
70 | 69 |
|
71 | | -// dump the content of the testmdximport mdx file here |
72 | | -// this is a test to see if the mdx import works properly |
73 | | -// if it does not work, we can remove this part and just have the testmdximport in the next section |
74 | | -<testmdximport /> |
| 70 | +Let's check that CrowdSec is running and able to retrieve the community blocklist ! |
| 71 | + |
| 72 | +#### CrowdSec installation health |
| 73 | + |
| 74 | +[] Check that the CrowdSec service is running |
| 75 | +```bash |
| 76 | +systemctl status crowdsec |
| 77 | +``` |
| 78 | +- You should see the service status as "active (running)". |
| 79 | +- The port configuration can be setup in config.yaml file or by setting the environment variables depending on your implementation |
| 80 | + |
| 81 | +[] Check that your Local API (LAPI) is properly running: |
| 82 | +```bash |
| 83 | +sudo cscli machines list |
| 84 | +``` |
| 85 | +- You should see a list of machines, including the one you just installed CrowdSec on. |
| 86 | +- For an autonomous install the Security Engine is running and connecting to it's own LAPI |
| 87 | +- You should see a recent last heartbeat and a checkmark in status. |
| 88 | + |
| 89 | +[] Check the metrics can be queried (optionnal for cscli metrics and prometheus): |
| 90 | +```bash |
| 91 | +sudo cscli metrics |
| 92 | +``` |
| 93 | +- CrowdSec serves the metrics via a prometheus endpoint, check that it's able to run properly |
| 94 | +- You should see various tables, most still empty except the Local API Machines Metrics |
| 95 | + |
| 96 | +[] Setup hub-update // ?@seb case we need this ? |
| 97 | +- ... |
| 98 | + |
| 99 | +#### CrowdSec connectivity health |
| 100 | + |
| 101 | +[] Check your security engine can connect to the Central API |
| 102 | +```bash |
| 103 | +sudo cscli capi status |
| 104 | +``` |
| 105 | +- You should see: "You can successfully interact with Central API (CAPI)" |
| 106 | +- Optionally additional status |
| 107 | + - Sharing signals is enabled //+link to doc where to turn this on/off ? |
| 108 | + - Pulling community blocklist is enabled //+link to doc where to turn this on/off ? |
| 109 | + - Pulling blocklists from the console is enabled //+link to doc where to turn this on/off ? |
| 110 | + |
| 111 | +#### Enroll your Security Engine into CrowdSec Console |
| 112 | +For advanced monitoring and trouble shooting the CrowdSec Console is a great tool to visualize your Security Engine's activity and alerts. |
| 113 | + |
| 114 | +[] Enroll into the console |
| 115 | +- [link to doc] |
| 116 | +- You'll see a confirmation pop up in the console for enrollment if not you might have conectivity issue to the central API [link to troubleshooting section] |
| 117 | +- You'll see the last heartbeat and the status of your Security Engine in the console |
| 118 | +- You'll be able to check various configurations for the upcoming steps of the installation |
| 119 | +- You'll be warned when a new version of CrowdSec is available |
75 | 120 |
|
76 | 121 | ### Troubleshooting |
77 | | - |
78 | | - |
79 | | - |
| 122 | +<details> |
| 123 | + <summary>There could be ports conflicts with other services</summary> |
| 124 | + |
| 125 | + The Local API is running on port 8080 by default, and the Metrics server is running on port 6060 by default. |
| 126 | + If you have other services running on these ports, you can change the ports in the configuration file `/etc/crowdsec/config.yaml` or by setting the environment variables `CROWDSEC_API_PORT` and `CROWDSEC_METRICS_PORT` when running CrowdSec in a container. |
| 127 | +</details> |
| 128 | +<details> |
| 129 | + <summary>No connectivity to Central API</summary> |
| 130 | + |
| 131 | + Check that you have access to internet at least api.crowdsec.net |
| 132 | + Check that your online api credentials exist /etc/crowdsec/config/online_api_credentials.yaml (default path) |
| 133 | + Eventually reset them with the following command sudo cscli capi register |
| 134 | +</details> |
| 135 | +<details> |
| 136 | + <summary>Enrollment in Console not working</summary> |
| 137 | + |
| 138 | + Make sure you are looking in the proper organization in the console: the enrollment key is linked to your organization. |
| 139 | + If you have multiple organizations, you can switch using the organization selector in the top left corner of the console. |
| 140 | + If you already checked that there are no connectivity issues, you can try to re-enroll using the --overwrite flag, effectively forcing the engine to link to your organization. |
| 141 | +</details> |
| 142 | +<details> |
| 143 | + <summary>Can't see the latest version of the package</summary> |
| 144 | + |
| 145 | + Update your repository and install again. |
| 146 | + If latest version not available, Might depend on the plateform you're installing it on (be patient, it will come) |
| 147 | +</details> |
0 commit comments