The main use for an Alert Logic virtual appliance is for remote syslog log collection and in on-premises deployments.
If you have experience with VMWare management tools and virtual machine installation, you can install a virtual appliance into your environment to collect data from remote syslog sources.
The instructions below are not a complete guide to configure vSphere or virtual data centers. VMWare offers more information regarding vSphere.
Data Center deployments only
For Data Center deployments, you must locate the Unique Registration Key from the Configuration page. Copy your unique registration key. You will need to enter this key to install the agent.
Alert Logic uses the Unique Registration Key to assign the agent to your Alert Logic account.
To access your Unique Registration Key:
- In the Alert Logic console, click Deployments, and then select an existing deployment.
- On the side navigation, click Installation Instructions, and then copy the Unique Registration Key.
Before you download the virtual appliance, review the virtual appliance requirements.
To download the virtual appliance, click the link in the table:
|threat-virtual-appliance_1.9.ova||https://scc.alertlogic.net/software/threat-virtual-appliance_LATEST.ova||2017-07-13 13:24, 938.14MB||b5734be9bed1822283703fa86ee33a2f|
The appliance is configured with a 40 GB virtual drive.
To install a virtual appliance with vSphere:
- Save the virtual appliance image to your target machine.
- Import the file into vSphere.
- Power on the virtual machine.
- Configure your IP address. To manually assign an address, log into a serial console with the following credentials: setup/7739521
- In your browser, type: http://<YourVirtualApplianceIPAddress>.
- For Data Center deployments only, in Unique Registration ID, paste your unique registration key.
- Click Start Claim Process. A screen informing you your appliance is provisioning appears. For status details, click Go To Detailed Status .
- Configure all remote syslog sources to send logs to the virtual appliance address on TCP/UDP port 514.