Merge pull request #23 from NextronSystems/v4

V4
NextronSystems · May 6, 2024 · 310c7da · 310c7da
2 parents 9e9facb + fee8dd4
commit 310c7da
Show file tree

Hide file tree

Showing 14 changed files with 161 additions and 104 deletions.
diff --git a/administration/index.rst b/administration/index.rst
@@ -21,11 +21,10 @@ These steps are described in detail in the following sections.
 .. toctree::
     :caption: Contents
 
-    initial
+    amc
     case-recommendations
     syslog
     system-settings
     log-file
-    amc
     sandbox
     api
diff --git a/administration/initial.rst b/administration/initial.rst
diff --git a/administration/sandbox.rst b/administration/sandbox.rst
@@ -14,6 +14,9 @@ your own connector, for a different sandbox, if you need to:
 .. note:: 
    This section only focuses on the integration of your Analysis Cockpit
    with an existing sandbox. We will not cover how to set up the sandbox.
+   Since the CPAEv2 Sandbox is an open source tool provided by the broader
+   community, we encourage you to read through the extensive documentation
+   to get an overview of the setup process.
 
 Analysis Cockpit Sandbox Configuration
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

diff --git a/faqs/admin-pass.rst b/faqs/admin-pass.rst
@@ -10,6 +10,8 @@ the system via SSH, you can reset it via command line using the following comman
 
 .. code-block:: console
 
-   nextron@cockpit:~$ sudo mysql analysiscockpit -e "UPDATE users SET password = '7951GYqdAjLAoO1NaQu1ManJDIk' WHERE name = 'admin';"
-
-This resets the password to ``admin``. You should then change that password immediately.
+   nextron@cockpit:~$ sudo asgard-analysis-cockpit set-password
+   Please enter password for user `admin`: 
+   Please re-enter password for user `admin`: 
+   2024-04-10T08:26:29Z [INF] SET_PASSWORD: Database initialized..
+   2024-04-10T08:26:29Z [INF] SET_PASSWORD: password successfully updated
diff --git a/images/cockpit_license.png b/images/cockpit_license.png
diff --git a/images/cockpit_new_role.png b/images/cockpit_new_role.png
diff --git a/images/setup_nextronInstaller-diagnostics.png b/images/setup_nextronInstaller-diagnostics.png
diff --git a/images/setup_nextronInstaller-fqdn.png b/images/setup_nextronInstaller-fqdn.png
diff --git a/images/setup_nextronInstaller-landing.png b/images/setup_nextronInstaller-landing.png
diff --git a/images/setup_nextronInstaller-settings.png b/images/setup_nextronInstaller-settings.png
diff --git a/images/setup_nextronInstaller.png b/images/setup_nextronInstaller.png
diff --git a/maintenance/cluster.rst b/maintenance/cluster.rst
@@ -0,0 +1,21 @@
+.. index:: Cluster Update
+
+Elasticsearch Cluster Update
+============================
+
+If you are running an Elasticsearch Cluster with your Analysis Cockpit,
+we recommend to update the cluster members anytime you are installing an
+update on your Analysis Cockpit. Not only might an update for the Analysis
+Cockpit contain an update for Elasticsearch, but more importantly, system
+and security updates for the underlying debian system are also included.
+
+To update your cluster members, run the following commands on each of them:
+
+.. code-block:: console
+
+   nextron@node-1:~$ sudo apt update
+   nextron@node-1:~$ sudo apt upgrade
+
+.. note::
+   Performing system updates is usually risk free. However, we still recommend that you
+   create a backup/snapshot before updating your cluster nodes.
diff --git a/maintenance/index.rst b/maintenance/index.rst
@@ -12,4 +12,5 @@ which are not found in your Web UI.
 
     backup
     disk-space
-    elasticsearch
+    elasticsearch
+    cluster
diff --git a/setup/components.rst b/setup/components.rst
@@ -1,33 +1,141 @@
 .. Index:: Install Service
 
-Install the Analysis Cockpit Services
--------------------------------------
+Install the ASGARD Analysis Cockpit Service
+-------------------------------------------
 
-The base installation is now complete. In the next step we'll install
-the Analysis Cockpit service.
+The Nextron Universal Installer is a web based installer
+which will guide you through the installation of our
+ASGARD products. The Nextron Universal Installer will install
+**one** of the following products on your server (this manual
+focuses on the ``ASGARD Analysis Cockpit``):
 
-.. important::
-   - Internet connectivity is required for this step.
-   - Use an upper case ``i`` in the word ``nextronInstaller``.
+- ASGARD Management Center; alternatively if your license permits:
+
+  * ASGARD Broker
+  * ASGARD Gatekeeper
+  * ASGARD Lobby
 
-Use the VMWare console or SSH to the appliance using the user
-``nextron``.
+- Master ASGARD
 
-To start the Analysis Cockpit installation run the following command:
+- ASGARD Analysis Cockpit; alternatively:
+
+  * Elasticsearch Cluster Node for ASGARD Analysis Cockpit
 
-.. code:: console
-   
-   nextron@asgard-ac:~$ sudo nextronInstaller -cockpit
+- ASGARD Security Center, in the following variants:
 
-After the installer has completed its operations successfully, the
-system is ready to be used.
+  * ASGARD Security Center (Backend Only)
+  * ASGARD Security Center (Frontend Only)
+  * ASGARD Security Center (All-in-one, unrecommended)
 
-.. figure:: ../images/nextron_installer_cockpit.png
-   :alt: Message upon successful completion
+.. note::
+   You can only install one product on one server, since the
+   products are not designed to coexist on the same server.
+   The exception being the ASGARD Security Center (All-in-one).
 
-   Message upon successful completion
+The installation takes roughly between 5-15 minutes, depending
+on your internet connection and the server you are installing
+the product on.
 
-Note that the FQDN shown after ``https://`` has to be resolvable by the
-connected ASGARD Management Centers and users that try to access the
-Analysis Cockpit.
+If you encounter problems during your installation, please see
+:ref:`setup/components:diagnostic pack` for further instructions.
 
+Requirements
+~~~~~~~~~~~~
+
+The installation of the ASGARD Analysis Cockpit requires
+the following:
+
+- A valid license file for the ASGARD Analysis Cockpit
+- A configured FQDN (with some exceptions, see :ref:`setup/components:valid fqdn`)
+- Internet access during installation (see :ref:`setup/components:connectivity check`)
+
+Installation
+~~~~~~~~~~~~
+
+After the ISO installer is finished with the setup,
+you will be greeted at the console login prompt with
+the following message:
+
+.. figure:: ../images/setup_nextronInstaller.png
+   :alt: Login prompt ASGARD Server
+
+Follow the instructions and navigate to the webpage
+displayed on your console. You will most likely get
+a browser warning when you connect the first time to
+the page. This is due to the page using a self signed
+certificate, since it will only be used to install the
+ASGARD Analysis Cockpit. You can safely ignore this
+warning and proceed to the page.
+
+You will be greeted with a small introduction as to what
+the Nextron Universal Installer is and what it does. After
+you click ``Next``, you will be presented with the landing
+page of the Nextron Universal Installer.
+
+.. figure:: ../images/setup_nextronInstaller-landing.png
+   :alt: landing page of the Universal Installer
+
+Enter the Installation Code from the terminal and click
+``Next``. The Installer will now guide you through the
+installation.
+
+Connectivity Check
+~~~~~~~~~~~~~~~~~~
+
+The Nextron Universal Installer will try to connect to our
+update server in order to download all the necessary packages
+once the installation starts. Make sure you can reach the
+update servers (see :ref:`requirements/network:internet access during installation`).
+
+Please configure your proxy settings if you are behind a
+proxy (see :ref:`setup/components:proxy and ntp settings`).
+
+Valid FQDN
+~~~~~~~~~~
+
+The Nextron Universal Installer will prompt you to verify the
+FQDN which you configured during the installation of the base
+system (see :ref:`setup/network:network configuration`). This
+is needed in order for your ASGARD Management Center to communicate
+via a HTTPs connection with the ASGARD Analysis Cockpit. The Management
+Center will use the FQDN of your Analysis Cockpit to connect to
+it and also verify the Common Name of the certificate to verify its
+authenticity. If there is a mismatch the Management Center will
+not be able to sync events with the Analysis Cockpit.
+
+If the displayed FQDN is not correct, you can change it by
+clicking on the ``View FQDN Change Instructions`` button.
+This will open a dialog with instructions on how to change
+the FQDN of your server. Once you have changed the FQDN,
+you can continue with the installation.
+
+.. figure:: ../images/setup_nextronInstaller-fqdn.png
+   :alt: FQDN Verification of the Universal Installer
+
+Proxy and NTP Settings
+~~~~~~~~~~~~~~~~~~~~~~
+
+If you need to configure a proxy or change the NTP settings
+of your system, you can do so by clicking on the ``Settings``
+button in the left menu of the Nextron Universal Installer.
+
+.. figure:: ../images/setup_nextronInstaller-settings.png
+   :alt: Settings of the Universal Installer
+
+If you configured a proxy during the ISO installation, those
+settings will be carried over into the Universal Installer.
+The settings will also be carried over into your ASGARD
+Analysis Cockpit. The same goes for NTP.
+
+Diagnostic Pack
+~~~~~~~~~~~~~~~
+
+In case of errors or problems during the installation, you can
+download a diagnostic pack by navigating to the ``Diagnostics``
+tab in the left menu of the Nextron Universal Installer. Click
+on the ``Download Diagnostic Pack`` button to download the
+diagnostic pack. You can then send the diagnostic pack to our
+support team for further analysis.
+
+.. figure:: ../images/setup_nextronInstaller-diagnostics.png
+   :alt: Diagnostics of the Universal Installer