...

Info

Ensure both OVA files are available before beginning the installation process.

...

  1. Ensure you have created two static IP address records and two DNS names for both the Services and PostgreSQL servers.

Import and Configure the GYTPOL PostgreSQL OVA

...

  1. Open the Console of the PostgreSQL VM:

    • Use VMware to access the console of the VM where PostgreSQL is installed.

  2. Log in to the VM:

    • Enter the following credentials to log in:

      • Username: ubuntu

      • Password: m-33W8]aiUh

        • (Optional) To change the password, follow these steps:

          • Type passwd.

          • You will be prompted to enter your current password, followed by the new password twice for confirmation.

  3. Initialize PostgreSQL:

    • Once logged in, execute the following command to initialize PostgreSQL: sudo gyt postgres-init

  4. Verify the Initialization:

    • Check the output to ensure PostgreSQL has been successfully initialized.

...

Configure the Network for PostgreSQL VM

...

  1. Passwords to Set:

    • PostgreSQL Master Password:

      • This password secures the PostgreSQL database and will be required for administrative tasks.

      • Choose a strong and secure password. Record it safely for future reference.

    • Keycloak User Password:

      • This password is for managing the Keycloak user database.

      • Again, choose a secure password and record it safely for future reference.

  2. Input the Passwords When Prompted:

    • When the setup script prompts you, type in the passwords carefully and confirm them when asked.

  3. Verify the Passwords:

    • Ensure you see a confirmation message or successful setup output for each password entry.

...

  1. Open Services VM Console:

    • Switch to the console of the Services VM in VMware.

  2. Log in to the Services VM:

    • Use the following credentials to access the VM:

      • Username: ubuntu

      • Password: m-33W8]aiUh

  3. Run the command sudo gyt install

...

        • (Optional) To change the password, follow these steps:

          • Type passwd.

          • You will be prompted to enter your current password, followed by the new password twice for confirmation.

  1. Run the command sudo gyt install

...

Network Configuration for the GYTPOL Services VM

  1. Follow the Network Configuration Prompts:

    • During the initial setup of the GYTPOL Services VM, you will be prompted to configure the network settings.

  2. Choose an IP Address Configuration:

    • We recommend selecting ‘static’ to manually configure the IP address for better reliability and control.

      • Enter the following details:

        • IP Address: Your desired static IP.

        • Subnet Mask: As per your network configuration (e.g., /24 or 24)

        • Gateway: Your network's gateway IP address.

        • DNS Servers: Enter your preferred DNS servers.
          If you have multiple servers, input them one at a time. When finished, type done.

...

  1. GYTPOL_URL:

    • Enter the DNS name of the GYTPOL server. Make sure it is a fully qualified domain name (FQDN).

    • Example: gytpol-app.yourdomain.com

  2. DBMASTER_PASSWORD:

    • Provide the password for the GYTPOL database. Use your own secure password.

    • Choose a secure and memorable password. This is a new password.

    • This isn’t the Master password.

  3. POSTGRES_HOST:

    • Enter the IP address of the PostgreSQL VM.

    • Example: 192.168.1.100

  4. GYTPOL_ADMIN_USER_EMAIL (default):

    • Enter the email address for the first administrator user in the system.

    • Example: admin@yourdomain.com

  5. USER_MANAGEMENT_ADMIN_PASSWORD:

    • Set a password for accessing the User Management Console. (separate screen for Admin access)

    • Choose a secure and memorable password. This is a new password.

  6. USER_MANAGEMENT_DB_PASSWORD:

...

  1. The setup will request you to create an Initial User Password for the first user account in the system.

  • This is a new password for the first local user created in the GYTPOL_ADMIN_USER_EMAIL step (#4).

...

Wait for the installation to complete. Once finished, you should see the message: “Finished - Creating buckets” and return to the ubuntu@gytpol-services:~$ prompt.

At this point:

  1. The Access Key ID, Secret Access Key and API key will be displayed. Make sure to copy and save them, as they will be required in the next step.

    1. The Secret Access Key will be 16-32 characters long. Ensure you copy it correctly, as the SSH/console may sometimes split the string into two lines.

  2. If the API key is needed for future use (reporting, BI etc.), copy and store it securely.

  3. Run the following command to retrieve the License ID, which will also be used in the next step: sudo gyt get-license-id

...

  • Send the following details to license@gytpol.com:

    • License ID (5 characters)

    • Access Key ID

    • Secret Access Key

    • API Key

    • GYTPOL Services Server FQDN and IP address

      • FQDN for Windows sensors and IP for Linux/macOS sensors

  • The GYTPOL team will respond with the license key and sensor installation files.

...

  • Access the server using PuTTY or any other SSH client, connecting over port 12222.

  • Retrieve the S3 keys by running: sudo gyt get-s3-keys

  • Retrieve the License ID by running: sudo gyt get-license-id

  • Retrieve the API Key by running: sudo gyt get-api-key

Copying Sensor Installation Files/Packages to the Services OVA

The sensor files are provided in a ZIP format. Before copying the files, ensure you extract the sensor files into a folder.

...

  1. Copy All Sensor Installation Files:

    • Use WinSCP or the scp command (as described earlier) to transfer all sensor installation files you receive to the services OVA.

  2. Log in to the Services OVA:

    • Open the VMware console or use SSH to access the GYTPOL services server.

    • Use the credentials you configured during the setup.

  3. Run the Command for Each Sensor Installation File: sudo gyt copy-client <OS> <VERSION> <FILENAME>, for example:

sudo gyt copy-client linux 2.4.9.18 gytpol-client_2.4.9.18-18_amd64.deb #for Debian
sudo gyt copy-client mac 2.4.9.18 gytpol-client_2.4.9.18-18_amd64.pkg #for macOS
sudo gyt copy-client windows 2.36.3.0 gytpolClient_x64.msi #for 64-bit Windows
sudo gyt copy-client windows 2.36.3.0 gytpolClient_x86.msi #for 32-bit Windows

...

Info

...

For the Windows Sensor, ensure you extract the files first instead of copying or uploading the ZIP file. Use only the MSI files and exclude the rest of the ZIP contents.

...

Finalizing Sensor Setup

  1. Generate Sensor Links:

    • Run the following command in the GYTPOL Services server to generate sensor links in the GYTPOL UI: sudo kubectl create job --from cj/gytpol-analyzer-periodic-client-signer-cj signer-job -n gytpol

  2. Alternatively, Wait:

    • If you do not run the command, the system will automatically generate sensor links within 30 minutes.

  3. Access GYTPOL:

    Once the sensor links are available, you can start using GYTPOL through the configured interface.

Installing the License for GYTPOL

...

Replace <LICENSE-FILENAME.txt> with the full path or name of the license file.

...

...

Adding SSL Certificate to GYTPOL

By default, GYTPOL will run on https with a self-signed certificate.

...

To add a personal certificate, you will need to provide SSL certificate files (.crt and .key) for the DNS domain name associated with your GYTPOL server.

  • Obtain Certificate Files:

    • Acquire an SSL certificate (.crt file) and its corresponding private key (.key file) for your DNS domain name from a trusted Certificate Authority (CA) or generate self-signed certificates for testing.

Info

If you only have a PFX or CER format certificate, please follow this guide. Once the necessary files are generated, you can proceed with the steps below.

  • Copy Certificate Files to the Services VM:

    • Use WinSCP or the scp command to transfer the .crt and .key files to the services VM.

    • Example Command: scp -P 12222 -o StrictHostKeyChecking=no /path/to/your/cert.crt /path/to/your/key.key ubuntu@<services-OVA-IP>:/home/ubuntu

...

  • Replace:

    • /path/to/your/cert.crt: Path to the .crt file on your local machine.

    • /path/to/your/key.key: Path to the .key file on your local machine.

    • <services-OVA-IP>: The IP address of the services VM.

Adding SSL Certificate to Enable HTTPS

To enable HTTPS for GYTPOL, you can add the SSL certificate directly to the services OVA by following these steps:

Steps to Add SSL Certificate

Replace the self-signed certificate with a personal SSL certificate

  1. SSH into the Services OVA:

    • Use an SSH client (e.g., terminal, PuTTY) to connect to the services OVA over port 12222.

      • Example: ssh -p 12222 ubuntu@<services-OVA-IP> (replace <services-OVA-IP> with the IP address of the services OVA).

  2. Run the Command to Add SSL Certificate:

    • Once logged in, use the sudo gyt add-ssl-certificate <CRT FILENAME> <KEY FILENAME> command to apply the certificate.
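
A pre-flight check for the certificate steps above, added here as an example (it is not part of the GYTPOL tooling): it uses the openssl CLI to confirm that the .key belongs to the .crt, that the certificate covers the server's FQDN, and that it has not expired, before the files are copied and passed to sudo gyt add-ssl-certificate. The function names and the script name preflight.sh are assumptions.

```shell
#!/bin/sh
# Pre-flight checks for the .crt/.key pair before it is copied to the Services VM.
# Requires the openssl CLI. Function names are illustrative, not GYTPOL commands.

# Succeeds only if the private key belongs to the certificate (public keys are equal).
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Succeeds only if the certificate is valid for the FQDN entered as GYTPOL_URL.
# openssl reports "does match" / "does NOT match" on stdout, so the text is checked.
cert_covers_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null \
        | grep -q 'does match certificate'
}

# Succeeds only if the certificate's notAfter date has not passed.
cert_not_expired() {
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1
}

# Runs all checks and reports each result; returns non-zero if any check fails.
preflight() {
    crt=$1; key=$2; fqdn=$3; rc=0
    cert_matches_key "$crt" "$key" && echo "OK   key matches certificate" \
        || { echo "FAIL key does not match certificate"; rc=1; }
    cert_covers_host "$crt" "$fqdn" && echo "OK   certificate covers $fqdn" \
        || { echo "FAIL certificate does not cover $fqdn"; rc=1; }
    cert_not_expired "$crt" && echo "OK   certificate has not expired" \
        || { echo "FAIL certificate has expired"; rc=1; }
    return $rc
}

# Usage: sh preflight.sh cert.crt key.key gytpol-app.yourdomain.com
if [ "$#" -eq 3 ]; then
    preflight "$@"
fi
```

A failed key match or hostname check here means the certificate would not validate for clients connecting to the GYTPOL FQDN, so it is worth resolving before the files leave the workstation.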

...

  1. Open a web browser and navigate to https://<gytpol-services-dns>:9093/admin
    Replace <gytpol-services-dns> with the DNS name of your GYTPOL services.

  2. Log In:

    • Use the following credentials:

      • Username: admin

      • Password: The password configured as USER_MANAGEMENT_ADMIN_PASSWORD during installation (#5 in this step).

  3. After logging in, select Users from the left-hand navigation pane.

  4. Click on the Add User button.

  5. Select “Email Verified” and ensure that both the username and email fields are filled with valid email addresses.

  6. After creating the user, navigate to “Role Mapping” and click on “Assign Role”.

    1. Assign “gytpol”.

  7. Navigate to “Credentials” and click on “Set Password”:

  8. Enter the password and choose whether the user should be required to change it upon their first login by setting it as Temporary or not.

...

This setup will enable you to log in using Active Directory (AD) users from your domain, utilizing their userPrincipalName and domain password.

Next, create a new user in your Active Directory:

  1. The user should be a Domain User without any administrative rights.

  2. The user must be a member of the "Performance Log Users" group (this user will be used for the AD and GPO screens).

Ensure the user is configured correctly before proceeding with the AD connection.

...

  • Set the Edit Mode to READ_ONLY.

  • Enter the Users DN for the OU containing GYTPOL's allowed users.

  • For Username LDAP Attribute, enter UserPrincipalName.

  1. Click “Save” once done.

  2. Select the provider name that was created.

  3. Select “Mappers”.

  4. Select the “email” mapper.

  5. Change the “LDAP Attribute” to userPrincipalName and click “Save”.

Change session timeouts

  1. Open the User Management Console:

  2. Log In:

    • Use the following credentials:

      • Username: admin

      • Password: The password configured as USER_MANAGEMENT_ADMIN_PASSWORD during installation.

  3. After logging in, navigate to Realm settings from the left-hand navigation pane and click on Sessions.

  4. Change the settings you would like to change and click the Save button.

...

  1. Open the User Management Console:

  2. Log In:

    • Use the following credentials:

      • Username: admin

      • Password: The password configured as USER_MANAGEMENT_ADMIN_PASSWORD during installation.

  3. After logging in, navigate to Identity providers

  4. Select SAML v2.0

...

  1. Enter an Alias and then copy the Redirect URI and Service provider entity ID (copy must be done after entering the alias)

...

  1. Select SAML 2.0

  2. Enter the Single sign-on URL (the Redirect URI from step 5) and the Audience URI (service provider entity ID from step 5).

    1. In Name ID format, select EmailAddress.

    2. In Application username, select Email.

  3. Continue with the rest of the application setup.

  4. Copy the Metadata URL.

  5. Assign the application to the users you want.

...

  1. Go back to GYTPOL and paste the URL you copied into the SAML entity descriptor.

  2. Click on the Add button and you should see a success popup.

  3. You should now be able to log in to GYTPOL using Okta.

...