CyOPs™ supports externalization of your CyOPs™ databases, i.e., the PostgreSQL database on Amazon RDS, and the MongoDB and ElasticSearch data on Amazon CentOS. Externalization is the migration of data from your local database instance to a remote database instance, outside of the CyOPs™ virtual appliance, that has the same version of PostgreSQL, MongoDB, or ElasticSearch.
The process of externalizing your Postgresql and MongoDB databases, and ElasticSearch data is explained in the CyOPs™ documentation: Externalization of your CyOPs™ Postgresql and MongoDB databases chapter in the "Administration Guide." The process of externalizing your ElasticSearch data is explained in the CyOPs™ documentation: Elasticsearch Configuration chapter in the "Administration Guide."
The minimum recommended storage size for the externalized database is 50 GB.
5432.
The process of externalizing your PostgreSQL database is explained in the CyOPs™ documentation: Externalization of your CyOPs™ Postgresql and MongoDB databases chapter in the "Administration Guide."
On the Specify DB details page, enter the following details:
In the Instance specifications section, from the DB engine version drop-down list, select PostgreSQL 10.3-R1.
In the Settings section, in the Master username field enter postgres and in the Master password field, enter the password that you want to specify for your PostgreSQL database.
Specify DB details page, and click Next.
On the Configure Advanced Settings page, enter the following details:
In the Database Options section, in the Database name field enter postgres.
Configure Advanced Settings page, and click Save to create your PostgreSQL database on Amazon RDS.
psql -h <pg_hostname> -U <pg_username> -p <port_no> -l postgres
postgres database and perform the following steps:
cyberpgsql user using the following command:
# CREATE USER cyberpgsql WITH PASSWORD '<your password>' CREATEROLE CREATEDB;
cyberpgsql role using the following command:
GRANT cyberpgsql TO postgres;
psql -h <external_rds_ip/host> -U cyberpgsql -l postgres
The process of externalizing your MongoDB databases is explained in the CyOPs™ documentation: Externalization of your CyOPs™ Postgresql and MongoDB databases chapter in the "Administration Guide."
You must have version 3.4 of MongoDB installed.
ssl directory in the /var/lib/mongo/ folder and run the following commands to change the permission and ownership:
$ sudo chown -R mongod:mongod /var/lib/mongo/ssl
$ sudo chmod 700 /var/lib/mongo/ssl
.pem file that contains a public key certificate and its associated private key. Copy this .pem file to the /var/lib/mongo/ssl directory, and ensure that the file's ownership is set as mongod:mongod.
/etc/mongod.conf file and edit the following:
bindIp in the net section to the CyOPs™ IP address from where you are externalizing MongoDB. For more information, see https://docs.mongodb.com/manual/reference/configuration-options/#net-options
In the net: ssl: section, ensure that the location of the server pem file (mentioned in step 2) is correct. For example, /var/lib/mongo/ssl/<file_name>.pem. For more information, see the ssl section in https://docs.mongodb.com/manual/reference/configuration-options/#net-options
$ sudo systemctl restart mongod
use venom
db.createUser(
  {
    user: "cybermongo",
    pwd: "<yourMongoDBPassword>",
    roles: [
      { role: "readWrite", db: "venom" }
    ]
  }
)
/usr/bin/mongo --sslAllowInvalidHostnames <MONGO_HOST_EXTERNAL>:3128/venom --sslPEMKeyFile <path_of_ssl_file> --ssl -u <user_name> -p <_mongo_external_password> --eval "db.stats(1024)"
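The directory permissions, file ownership and mongod.conf settings from the MongoDB steps above can be verified before CyOPs™ is pointed at the external instance. The script below is an added example, not part of the CyOPs™ documentation: the function name check_mongo_tls and its optional owner argument are hypothetical, the check that the .pem file has no group or other access goes beyond the ownership requirement stated above, and GNU stat (as shipped on CentOS) is assumed.

```sh
#!/bin/sh
# Added example (not vendor code): audit the MongoDB TLS files and the
# mongod.conf settings described in the steps above. Assumes GNU stat.
# Usage: check_mongo_tls <ssl_dir> <mongod.conf> [owner:group]
check_mongo_tls() (
  ssl_dir=$1; conf=$2; owner=${3:-mongod:mongod}; fails=0
  fail() { echo "FAIL: $*"; fails=$((fails + 1)); }

  # The ssl directory must be mode 700 and owned by the mongod account.
  mode=$(stat -c %a "$ssl_dir" 2>/dev/null) || mode=missing
  own=$(stat -c %U:%G "$ssl_dir" 2>/dev/null) || own=missing
  [ "$mode" = 700 ] || fail "$ssl_dir mode is $mode, expected 700"
  [ "$own" = "$owner" ] || fail "$ssl_dir owner is $own, expected $owner"

  # The .pem holds the private key: right owner, no group/other access.
  for f in "$ssl_dir"/*.pem; do
    [ -f "$f" ] || { fail "no .pem file in $ssl_dir"; break; }
    [ "$(stat -c %U:%G "$f")" = "$owner" ] || fail "$f not owned by $owner"
    case $(stat -c %a "$f") in
      ?00) ;;
      *) fail "$f is accessible by group or others" ;;
    esac
  done

  # mongod.conf: bindIp must be a specific address, not the wildcard.
  ip=$(sed -n 's/^[[:space:]]*bindIp:[[:space:]]*//p' "$conf" | head -n 1)
  case $ip in
    '') fail "net.bindIp is not set in $conf" ;;
    *0.0.0.0*) fail "net.bindIp listens on all interfaces ($ip)" ;;
  esac

  # mongod.conf: PEMKeyFile must point at an existing .pem inside ssl_dir.
  pem=$(sed -n 's/^[[:space:]]*PEMKeyFile:[[:space:]]*//p' "$conf" | head -n 1)
  case $pem in
    "$ssl_dir"/*.pem) [ -f "$pem" ] || fail "PEMKeyFile $pem does not exist" ;;
    *) fail "net.ssl.PEMKeyFile ($pem) is not a .pem under $ssl_dir" ;;
  esac

  [ "$fails" -eq 0 ] && echo "OK: TLS files and mongod.conf match the steps"
  [ "$fails" -eq 0 ]
)
```

On the MongoDB host, run it as `check_mongo_tls /var/lib/mongo/ssl /etc/mongod.conf`; a non-zero exit status means at least one FAIL line was printed.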
The process of externalizing your ElasticSearch data is explained in the CyOPs™ documentation: Elasticsearch Configuration chapter in the "Administration Guide."
In the elasticsearch.yml file, which is located at /etc/elasticsearch/elasticsearch.yml, replace network.host: with the IP address from where you are going to receive the input for ElasticSearch.
db_config.yml of your CyOPs™ instance located at /opt/cyops/configs/database/db_config.yml, replace localhost with the IP address of the ElasticSearch instance, and update your ElasticSearch username and password in the 'es_user' and 'secret' keys, respectively.
sudo -u nginx php /opt/cyops-api/app/console cybersponse:elastic:create --env="prod"
Copyright 2024 Fortinet, Inc. All Rights Reserved.