Manual Installation.md

Installation

This guide walks through installing several components.

Bro/Zeek

Installing Bro is recommended. RITA needs Bro logs as input, so if you already have Bro or its logs, you can skip installing Bro.

  1. Follow the directions at https://zeek.org/get-zeek/.
  2. Use the quick start guide to configure.

MongoDB

RITA requires Mongo for storing and processing data. The current recommended version is 3.6, but anything >= 3.2.0 and < 3.7.0 should work.

  1. Follow the MongoDB installation guide at https://docs.mongodb.com/manual/installation/
  2. Ensure MongoDB is running before running RITA.

RITA

You have a few options for installing RITA.

  1. The main install script. You can disable Bro and Mongo from being installed with the --disable-bro and --disable-mongo flags.
  2. A prebuilt binary is available for download on RITA's release page. In this case you will need to download the config file from the same release and create some directories manually, as described below in the "Configuring the system" section.
  3. Compile RITA manually from source. See below.

Installing Golang

In order to compile RITA manually you will need to install both Golang and Dep.

  1. Install Golang using the instructions at https://golang.org/doc/install
  2. After the install you need to create a local Go development environment for your user. This is typically done in $HOME/go which is what the directions here will use.
    1. mkdir -p $HOME/go/{src,pkg,bin}
  3. Now you must add the GOPATH to your .bashrc file. You will also want to add your bin folder to the path for this user.
    1. echo 'export GOPATH="$HOME/go"' >> $HOME/.bashrc
    2. echo 'export PATH="$PATH:$GOPATH/bin"' >> $HOME/.bashrc
    3. source $HOME/.bashrc
  4. Install the dependency manager dep using these instructions

Building RITA

At this point you can build RITA from source code.

  1. go get github.com/activecm/rita or git clone https://github.com/activecm/rita.git $GOPATH/src/github.com/activecm/rita
  2. cd $GOPATH/src/github.com/activecm/rita
  3. make (Note that you will need to have make installed. You can use your system's package manager to install it.)

This will yield a rita binary in the current directory. You can use make install to install the binary to /usr/local/bin/rita or PREFIX=/ make install to install to a different location (/bin/rita in this case).

Configuring the system

RITA requires a few directories to be created for it to function correctly.

  1. sudo mkdir /etc/rita && sudo chmod 755 /etc/rita
  2. sudo mkdir -p /var/lib/rita/logs && sudo chmod -R 755 /var/lib/rita

Copy the config file from your local RITA source code.

  • sudo cp $GOPATH/src/github.com/activecm/rita/etc/rita.yaml /etc/rita/config.yaml && sudo chmod 666 /etc/rita/config.yaml

At this point, you can modify the config file as needed and test using the rita test-config command. There will be empty quotes or 0's assigned to empty fields. RITA's readme has more information on changing the configuration.
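
A pre-flight check for the layout built in this guide, added here as an example and not part of the RITA project: it tests a MongoDB version against the range stated above and reports missing or world-writable paths, including the config file that the guide's chmod 666 leaves writable by every local user. The function names and the RITA_ROOT variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: pre-flight checks for the manual install in this guide.
# Function names and RITA_ROOT are assumptions made for this sketch.

# Succeeds if a version string is in the guide's range: >= 3.2.0 and < 3.7.0.
mongo_version_supported() {
    case "$1" in *.*) ;; *) return 1 ;; esac
    major=${1%%.*}; rest=${1#*.}; minor=${rest%%.*}
    case "$major.$minor" in .*|*.|*[!0-9.]*) return 1 ;; esac
    [ "$major" -eq 3 ] && [ "$minor" -ge 2 ] && [ "$minor" -lt 7 ]
}

# Succeeds if the path exists and its mode grants write access to "other".
world_writable() {
    [ -e "$1" ] && [ -n "$(find -H "$1" -prune -perm -0002 -print)" ]
}

# Checks the paths this guide creates under ROOT (empty means /), prints one
# line per finding, and returns the number of findings.
audit_rita_layout() {
    root=${1:-}; findings=0
    for dir in /etc/rita /var/lib/rita/logs; do
        if [ ! -d "$root$dir" ]; then
            echo "MISSING  $root$dir"; findings=$((findings + 1))
        elif world_writable "$root$dir"; then
            echo "WRITABLE $root$dir"; findings=$((findings + 1))
        fi
    done
    cfg=$root/etc/rita/config.yaml
    if [ ! -f "$cfg" ]; then
        echo "MISSING  $cfg"; findings=$((findings + 1))
    elif world_writable "$cfg"; then
        echo "WRITABLE $cfg (mode lets any local user edit it)"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Stand-alone run: audit the live system, or a staging tree via RITA_ROOT.
audit_rita_layout "${RITA_ROOT:-}" || echo "findings: $?"
if command -v mongod >/dev/null 2>&1; then
    ver=$(mongod --version | sed -n 's/^db version v//p')
    mongo_version_supported "$ver" || echo "UNSUPPORTED MongoDB version: $ver"
fi
```

A WRITABLE line for config.yaml means any account on the host can change the settings RITA loads, such as where it connects for MongoDB; whether to tighten the mode is the operator's decision.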