Articles in this section

Install SkyFormation App on Linux Machine

Avatar
Nadav Lavy
  • Updated
Follow

If you're having trouble at any stage please contact us at support@skyformation.com

 

IMPORTANT NOTE
This guide explains how to use the new SkyFormation installation framework that was introduced from SkyFormation version 2.1.21. If you have copies of the old SkyFormation installation procedure make sure to delete it. Please use only the procedure described in here.

Prerequisites

- Complete the tasks detailed at:
  SkyFormation Platform Prerequisites 

- Have your dedicated SkyFormation Linux machine up and running

- Make sure you have your SkyFormation license key  

Steps

a. Running the installation 

   SSH into the SkyFormation dedicated Linux machine with a "sudo"er account

command to use if you have no proxy
sudo bash -c "$(curl -L    https://download.skyformation.net/v2/download/installer/edge/pre-install.sh)"

command to use if you are running behind a proxy
sudo bash -c "$(curl -x https://proxyserver:8080 -L  https://download.skyformation.net/v2/download/installer/edge/pre-install.sh)"

Note: if you have an authenticated proxy, and you have special characters in your username or password, you need to send them to both curl -x parameter and skyformation install script in URL encoded format. You may use the following command line on your terminal to see the encoded format of your user and password (in this example the password is ab$#^%cd, replace it with yours):

   curl -s -o /dev/null -w %{url_effective} --get --data-urlencode 'ab$#^%cd' "" | cut -c 3-
   
    the result on the screen is the encoded password, in this case :

    ab%24%23%5E%25cd

Optional Parameters

You can set up the integration user for skyformation open-api usage during the installation. To do so, use the following optional parameters:

-u=inetgration-user-name

-p=integration-user-password

-r=integration-user-role (the only valid value is "integration-admin". If you're setting a regular , non-admin integration user don't use this parameter).

In case you are using any of the optional parameters the installation command would be slightly different:

command to use if you have no proxy

curl -L https://download.skyformation.net/v2/download/installer/edge/pre-install.sh > preinstall.sh && chmod +x preinstall.sh && sudo ./preinstall.sh -u=myintegrationuser -p=myintegerationuserpassword -r=integration-admin && rm preinstall.sh

command to use if you are running behind a proxy

curl -x https://proxyserver:8080 -L https://download.skyformation.net/v2/download/installer/edge/pre-install.sh > preinstall.sh && chmod +x preinstall.sh && sudo ./preinstall.sh-u=myintegrationuser -p=myintegerationuserpassword -r=integration-admin && rm preinstall.sh

The encoding for special characters apply.

b. Insert the following parameters when asked (highlighted in green below): 

curl -L https://download.skyformation.net/v2/download/installer/edge/pre-install.sh > preinstall.sh && chmod +x preinstall.sh && sudo ./preinstall.sh && rm preinstall.sh
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1469  100  1469    0     0   3981      0 --:--:-- --:--:-- --:--:--  3981
Proxy server (full with schema, host and port, i.e. https://myproxy.corp.com:8080 ; if the proxy requires auth also put credentials i.e. https://myuser:mypwd@myproxy.corp.com:8080) []: 

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  6476  100  6476    0     0  33729      0 --:--:-- --:--:-- --:--:-- 33729
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 25733  100 25733    0     0  91903      0 --:--:-- --:--:-- --:--:-- 91576
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   473  100   473    0     0   3032      0 --:--:-- --:--:-- --:--:--  3032
License key:     

Application port [8443]: 

Testing license key...
License is valid
 

   >> Proxy server [] :   
      Default is no proxy in use. Press enter if no proxy is in use. 
      If you are running behind a proxy insert the proxy DNS and port (e.g. proxyserver:8080). If the              proxy requires auth also put credentials i.e. https://myuser:mypwd@myproxy.corp.com:8080)
Again, if you have special characters in the user or the password or both, you have to send the encoded strings here.

>> License key:    
      Insert your SkyFormation app license key provided by SkyFormation

>> Application port [8443]:  
     Port used by the SkyFormation web app. Enter for default 8443

You should see the two lines (as in the above diagram):
>> Testing license key
>> License key is valid

Installation is completed successfully and SkyFormation app is running when you see the following output lines:

Starting the compose service...
Compose service is up
==> Done!

In case you're having trouble logging into our docker repository, refer to this guide. 

c. Verify that the SkyFormation web app is accessible

    Open your Chrome browser and enter the SkyFormation webapp URL as followed:
    https://<skyformationserver>:8443

    You will see a screen asking you to approve the SkyFormation web app certificate in use

skyformation_webapp_access_untrusted_cert_approval.png

 

  • Press on "ADVANCED" link and then in the expanded part on "Proceed to ..."
    (see the screenshot above)
  • Insert in the SkyFormation login screen the default user & password
    (see the screenshot below)

         Default User: sk4admin
         Default Password: password

         skyformation_login_page.png

 

WARNING:
    Leaving the default password is a security risk. Please change to a secure one using the link:
    How to replace/rest the SkyFormation password

 

If you see the SkyFormation app 'License" page as seen below your SkyFormation app installation was completed successfully.

d. Activate your SkyFormation app license

  • Review and accept the SkyFormation End User License Agreement (EULA) by pressing
    "I Agree"
    (see the screenshot below) 

accept_the_skyformation_eula.png

  • Put the SkyFormation app license key provided to you at the "License Key" text box

        If the license is valid you will see "OK, The license is valid" as seen below

inserting_the_skyformation_license_key_and_verify_accepted.png

 

  • Press "SAVE & CONTINUE"

skyformation_license_save_bottom.png

 

e. Choose SINGLE-TENANT or MULTI-TENANT SkyFormation mode

    SkyFormation app could run in either a "single-tenant" or "Multi-tenant" mode. 

    Single-tenant mode

    Will allow you to integrate only one SIEM as the target system to get the SkyFormation events,
    and each cloud app connector added will automatically be attached to the single default tenant.

    Most popular option for most customers using SkyFormation as a single organization solution.

    Multi-tenant mode

    Allow you to add multiple tenants to the system and attach to each a dedicated SIEM as its
    target system to get the SkyFormation events. Each cloud app connector added will
    have the option to be assigned to any of the tenants in the system.

    Most popular option for Managed Security Service Providers using SkyFormation
    to monitor and protect multiple tenants.

    skyformation_single_or_multi_tenant_mode.png

    

  • Press "SAVE & FINISH"

 

    skyformation_tenant_mode_save_bottom.png

 

DONE

 

NEXT STEPS 

You might want to go now to: Steps To Take Before Adding Cloud Connector for the first time

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.