Doc fix install (#494)
This commit is contained in:
parent
71325d9134
commit
e5487aacdb
3 changed files with 49 additions and 35 deletions
|
@ -14,4 +14,3 @@ labels:
|
|||
filename: /var/log/apache2/*.log
|
||||
labels:
|
||||
type: apache2
|
||||
---
|
|
@ -41,26 +41,24 @@ You are then ready to [take a tour](/Crowdsec/v1/getting_started/crowdsec-tour/)
|
|||
sudo {{v1X.wizard.bin}} --bininstall
|
||||
```
|
||||
|
||||
This will deploy a valid/empty {{v1X.crowdsec.name}} configuration files and binaries.
|
||||
Beware, in this state, {{v1X.crowdsec.name}} won't monitor/detect anything unless configured.
|
||||
This will only deploy the binaries, and some extra installation steps need to be completed for the software to be functional :
|
||||
|
||||
```
|
||||
cscli install collection crowdsecurity/linux
|
||||
```
|
||||
- `sudo cscli hub update` : update the hub index
|
||||
- `sudo cscli machines add -a` : register crowdsec to the local API
|
||||
- `sudo cscli capi register` : register to the central API
|
||||
- `sudo cscli collections install crowdsecurity/linux` : install essential configs (syslog parser, geoip enrichment, date parsers)
|
||||
- configure your sources in your {{v1X.ref.acquis}} : `/etc/crowdsec/acquis.yaml`
|
||||
|
||||
You can now start & enable the crowdsec service :
|
||||
|
||||
Installing at least the `crowdsecurity/linux` collection will provide you :
|
||||
|
||||
- syslog parser
|
||||
- geoip enrichment
|
||||
- date parsers
|
||||
|
||||
|
||||
You will need as well to configure your {{v1X.ref.acquis}} file to feed {{v1X.crowdsec.name}} some logs.
|
||||
|
||||
- `sudo systemctl start crowdsec`
|
||||
- `sudo systemctl enable crowdsec`
|
||||
|
||||
## Using the unattended wizard
|
||||
|
||||
If your setup is standard and you've walked through the default installation without issues, you can win some time in case you need to perform a new install : `sudo ./wizard.sh --unattended`
|
||||
|
||||
This mode will emulate the interactive mode of the wizard where you answer **yes** to everything and stick with the default options.
|
||||
|
||||
## From source
|
||||
|
||||
|
@ -75,12 +73,9 @@ Go in {{v1X.crowdsec.name}} folder and build the binaries :
|
|||
|
||||
```bash
|
||||
cd crowdsec
|
||||
```
|
||||
```bash
|
||||
make build
|
||||
make release
|
||||
```
|
||||
|
||||
|
||||
{{v1X.crowdsec.name}} bin will be located in `./cmd/crowdsec/crowdsec` and {{v1X.cli.name}} bin in `cmd/crowdsec-cli/{{v1X.cli.bin}}`
|
||||
This will create you a directory (`crowdsec-vXXX/`) and an archive (`crowdsec-release.tgz`) that are release built from your local code source.
|
||||
|
||||
Now, you can install either with [interactive wizard](#using-the-interactive-wizard) or the [unattended mode](#using-unattended-mode).
|
|
@ -14,7 +14,7 @@ To upgrade {{v1X.crowdsec.name}} from v0.X to v1, we'll follow those steps
|
|||
|
||||
#### Backup up configuration
|
||||
|
||||
```
|
||||
```bash
|
||||
sudo cscli backup save /tmp/crowdsec_backup
|
||||
sudo cp -R /etc/crowdsec/config/patterns /tmp/crowdsec_backup
|
||||
```
|
||||
|
@ -23,7 +23,7 @@ sudo cp -R /etc/crowdsec/config/patterns /tmp/crowdsec_backup
|
|||
|
||||
Download latest V1 {{v1X.crowdsec.name}} version [here]({{v1X.crowdsec.download_url}})
|
||||
|
||||
```
|
||||
```bash
|
||||
tar xvzf crowdsec-release.tgz
|
||||
cd crowdsec-v1*/
|
||||
sudo ./wizard.sh --uninstall
|
||||
|
@ -37,32 +37,52 @@ sudo ./wizard.sh --bininstall
|
|||
|
||||
!!! warning
|
||||
Before restoring old backup, if you have `local` or `tainted` postoverflows, be aware that they are no longer compatible. You should update the syntax (the community and us are available to help you doing this part).
|
||||
```
|
||||
```bash
|
||||
sudo cscli hub update
|
||||
sudo cscli config restore --old-backup /tmp/crowdsec_backup/
|
||||
sudo cp -R /tmp/crowdsec_backup/patterns /etc/crowdsec/
|
||||
```
|
||||
|
||||
### Register crowdsec to local & central API
|
||||
|
||||
```bash
|
||||
$ sudo cscli machines add -a
|
||||
INFO[0000] Machine '...' created successfully
|
||||
INFO[0000] API credentials dumped to '/etc/crowdsec/local_api_credentials.yaml'
|
||||
```
|
||||
|
||||
Before starting the services, let's check that we're properly registered :
|
||||
|
||||
```bash
|
||||
$ sudo cscli capi status
|
||||
INFO[0000] Loaded credentials from /etc/crowdsec/online_api_credentials.yaml
|
||||
INFO[0000] Trying to authenticate with username ... on https://api.crowdsec.net/
|
||||
INFO[0000] You can successfully interact with Central API (CAPI)
|
||||
```
|
||||
|
||||
#### Start & health check
|
||||
|
||||
Finally, you will be able to start {{v1X.crowdsec.name}} service. Before that, just check if {{v1X.lapi.name}} and {{v1X.api.name}} are correctly configured.
|
||||
|
||||
```
|
||||
ubuntu@ip-:~$ sudo cscli lapi status
|
||||
```bash
|
||||
$ sudo systemctl enable crowdsec
|
||||
$ sudo systemctl start crowdsec
|
||||
$ sudo cscli lapi status
|
||||
INFO[0000] Loaded credentials from /etc/crowdsec/local_api_credentials.yaml
|
||||
INFO[0000] Trying to authenticate with username 941c3fxxxxxxxxxxxxxxxxxxxxxx on http://localhost:8080/
|
||||
INFO[0000] Trying to authenticate with username ... on http://localhost:8080/
|
||||
INFO[0000] You can successfully interact with Local API (LAPI)
|
||||
|
||||
ubuntu@ip-:~$ sudo cscli capi status
|
||||
$ sudo cscli capi status
|
||||
INFO[0000] Loaded credentials from /etc/crowdsec/online_api_credentials.yaml
|
||||
INFO[0000] Trying to authenticate with username 941c3fxxxxxxxxxxxxxxxxxxxxxxx on https://api.crowdsec.net/
|
||||
INFO[0000] Trying to authenticate with username ... on https://api.crowdsec.net/
|
||||
INFO[0000] You can successfully interact with Central API (CAPI)
|
||||
|
||||
ubuntu@ip-:~$ sudo systemctl start crowdsec.service
|
||||
ubuntu@ip-:~$ sudo systemctl status crowdsec.service
|
||||
```
|
||||
|
||||
You can even check logs (located by default here: `/var/log/crowdsec.log` & `/var/log/crowdsec_api.log`).
|
||||
!!! warning
|
||||
If you're facing issues with `cscli lapi status`, just re-run `cscli machines add -a`.
|
||||
If you're facing issues with `cscli capi status`, just re-run `cscli capi register`
|
||||
|
||||
|
||||
You can check logs (located by default here: `/var/log/crowdsec.log` & `/var/log/crowdsec_api.log`).
|
||||
|
||||
You can now navigate documentation to learn new {{v1X.cli.name}} commands to interact with crowdsec.
|
||||
|
||||
|
|
Loading…
Reference in a new issue