Install and Configure the Alert Logic Virtual Appliance

The main use for an Alert Logic virtual appliance is for remote syslog log collection and in on-premise deployments.

If you have experience with VMWare management tools and virtual machine installation, you can install a virtual appliance into your environment to collect data from remote syslog sources.

The instructions below are not a complete guide to configure vSphere or virtual data centers. VMWare offers more information regarding vSphere.

Data Center deployments only

For Data Center deployments, you must locate and copy your Unique Registration Key, which you need to install the agent.

Alert Logic uses the Unique Registration Key to assign the agent to your Alert Logic account.

To access your Unique Registration Key:

  1. In the Alert Logic console, click the Settings icon (), and then select Support Information.
  2. Copy your Unique Registration Key.

Download the virtual appliance

Before you download the virtual appliance, review the virtual appliance requirements.

To download the virtual appliance, click the link in the table:

Version Link More Information MD5
threat-virtual-appliance_1.9.ova 2017-07-13 13:24, 938.14MB b5734be9bed1822283703fa86ee33a2f

Install the virtual appliance

The appliance is configured with a 40 GB virtual drive.

To install a virtual appliance with vSphere:

  1. Save the virtual appliance image to your target machine.
  2. Import the file into vSphere.
  3. Power on the virtual machine.
  4. Configure your IP address. To manually assign an address, log into a serial console with the following credentials: setup/7739521
  5. In your browser, type: http://<YourVirtualApplianceIPAddress>.
  6. For Data Center deployments only, in Unique Registration ID, paste your unique registration key.
  7. Click Start Claim Process. A screen informing you your appliance is provisioning appears. For status details, click Go To Detailed Status .
  8. Configure all remote syslog sources to send logs to the virtual appliance address on TCP/UDP port 514.
Use of a remote collector is allowed as an alternate method of syslog collection. See Install the remote collector in Windows or Install the remote collector for Linux for more information.

Related topics