Relay installation in any Linux distribution
See below the instructions to manually install and validate a relay in any Linux distribution.
These instructions refer to the installation of the In-house Relay in a Redhat system using the yum package manager. You can replace yum with the package manager you use for your Linux distribution.
It is necessary to install dialog, java, and wget before installing the relay.
# yum install dialog # yum install java # yum install wget
Installing the relay
Download, decompress, and install the relay package (logtrust-relay).
# cd /tmp/; wget http://repository.logtrust.net/packages/logtrust-relay.tar.gz # tar -zxvf /tmp/logtrust-relay.tar.gz # cd /tmp/logtrust-relay-0.5 # ./install.sh
Reload the environment:
# source /etc/profile # . /etc/profile
Ensure that the environment has been updated.
# java -version # echo $SCOJA_HOME
If it has not been updated, log in again.
Run the configuration script:
If the executable is not found, make sure the PATH includes /usr/local/bin:
# export PATH=/usr/local/bin:$PATH
If using the VDC (Spain), USA, or Azure clouds, update the first two lines of the file /etc/logtrust/relay/logtrust.conf to specify the correct cloud.logtrust.services.url = ""
logtrust.services.downloadHomeRelayConfig.url = " "
- For VDC, use spain.logtrust.com
- For AWS USA, use usa.logtrust.com
- For Azure, use azure.logtrust.com
Activating the relay
Go to Administration → Relays, select the newly created relay, click the ellipsis icon, and select Activate.
Testing the relay
Once installed and activated, you can now test the relay.
Make sure the Java process is running:
# ps auxwww|grep java|grep scoja|grep -v grep root 19051 0.3 4.3 2056048 175568 ? Sl 10:23 0:17 /opt/java/bin/java -server -Xms200M -Xmx200M -XX:+UseConcMarkSweepGC -classpath :/opt/logtrust/scoja/scoja.jar:/opt/logtrust/scoja/scoja-cc.jar:/opt/logtrust/scoja/scoja-compression.jar:/opt/logtrust/scoja/scoja-rpc.jar:/opt/logtrust/scoja/scoja-beep.jar:/opt/logtrust/scoja/jython.jar -Djava.library.path=/opt/logtrust/scoja -Dscoja.home=/opt/logtrust/scoja -Xms500M -Xmx500M org.scoja.server.Scoja -r 5s -G /etc/logtrust/scoja/current/all-me.conf -j /etc/logtrust/scoja/current/all-var.conf
Make sure the ports are listening:
# netstat -atun --program|grep `pgrep -f org.scoja.server.Scoja`|grep LISTEN tcp6 0 0 :::13001 :::* LISTEN 1319/java tcp6 0 0 :::13002 :::* LISTEN 1319/java tcp6 0 0 127.0.0.1:5140 :::* LISTEN 1319/java tcp6 0 0 :::13000 :::* LISTEN 1319/java
Make sure that the client.jks certificate was correctly downloaded:
# ls -al /etc/logtrust/scoja/current/keys/ total 16 drwx------ 2 root root 4096 Jan 28 10:24 . drwxr-xr-x 5 root root 4096 Jan 28 10:24 .. -rw-r--r-- 1 root root 8048 Jan 28 10:24 client.jks lrwxrwxrwx 1 root root 43 Jan 28 10:14 me.jks -> /etc/logtrust/scoja/current/keys/client.jks
Cron downloads configuration properly:
# cat /var/log/lt-relay.log: 2016-01-28 10:16:01.374445 [ERROR] Property 'api.key' not found in conf file 2016-01-28 10:17:01.510618 [ERROR] Property 'api.key' not found in conf file 2016-01-28 10:18:01.651220 [ERROR] Property 'api.key' not found in conf file 2016-01-28 10:19:01.791669 [ERROR] Property 'api.key' not found in conf file 2016-01-28 10:20:01.932002 [ERROR] Property 'api.key' not found in conf file 2016-01-28 10:21:02.073736 [ERROR] Property 'api.key' not found in conf file 2016-01-28 10:22:01.208316 [ERROR] Property 'api.key' not found in conf file 2016-01-28 10:23:00.488298 [SUCCESS] Relay activation is still pending, waiting for user to activate the Relay 2016-01-28 10:23:01.158783 [SUCCESS] Relay activation is still pending, waiting for user to activate the Relay 2016-01-28 10:24:01.331976 [SUCCESS] Relay is active, deploying new configuration set 2016-01-28 10:25:01.794021 [SUCCESS] No changes in the Relay Configuration ...
- The first several errors appear because the logtrust-relay-configure script has not yet been run so the API key is missing.
- The message "Relay activation is still pending" appears when the relay has been created but not yet activated.
- The message "Relay is active" appears because a new configuration is downloaded. The first configuration is the one downloading the certificate.
- If the certificate download process fails, go to Administration → Relays, click the relay you are configuring, and select the Force Generate New Certificate check box.
Once you have confirmed everything else, you can test the following basic logging commands:
# yum install nc # for i in `seq 1 100`; do (echo "<14>Jan 1 00:00:00 xxx test.keep.free: evento de prueba $i"|nc localhost 13000); done
- This command sends 100 events to port 13000 (the pure relay) tagged as test.keep.free in order to generate a test table. Go to Data Search, locate the test.keep.free table and ensure that it contains 100 events. If it does not appear in the Finder area of the Search tool (the Finder takes some time to show the first events of a new relay), click Free text query and type from test.keep.free.