Setup Utility¶
The Setup Utility found in ~/flowpro/setup.sh
is responsible for interface management and Plixer FlowPro configuration.
From the Hyper-Visor, launch the virtual console, and then log in to the Plixer FlowPro as the
root
user and passwordplixer
.Accept the FlowPro End User Agreement, and then proceed with the initial setup.
When prompted, enter the values for the following:
Flowpro Hostname (this must be a fully qualified hostname)
IP Address
CIDR (provide the CIDR mask only (i.e. 8,16,24,etc.))
Gateway
DNS IP
root
user’s new passwordplixer
user’s new password
Note
The system will reboot after all the information is provided.
After the system reboots, you can now SSH to the newly configured IP address using the
plixer
user and password that you set in the previous step.Run the following command to setup Plixer FlowPro:
$ sudo /home/plixer/flowpro/setup.sh
.When prompted, enter the values for the following:
plixer
user’s current passwordPrimary Plixer Scrutinizer reporter address
Plixer Scrutinizer Collector address (This should be the Collector that will receive flows from the Plixer FlowPro appliance. This can be the same as the reporter address.)
Plixer Scrutinizer admin auth_token (This is important as part of the initial Plixer FlowPro licensing steps.)
Important
During the setup utility, users cannot use the auth_token that is automatically generated when adding the Plixer FlowPro to the Plixer Scrutinizer UI. An admin token must be created and enter that value instead.
When prompted, enter the values for the following to generate a new SSL certificate:
Country Name (2-letter country code)
State or Province Name (Complete state or province name)
Locality Name (Complete locality or city name)
Organizational Unit Name (Section)
Common Name (Server FQDN or your name)
DNS alternative name 1
Note
Press Enter to stop adding values.
When prompted, enter if your Plixer FlowPro appliance has internet access.
If yes, proceed with the next steps that follow. This may require a docker account.
If no, the setup will be done locally.
When prompted, confirm if you will be configuring an ERSPAN.
If setting up ERSPAN, enter the following details when prompted:
IP address to assign to a monX interface
ERSPAN source IP
ERSPAN destination IP
ERSPAN ID and key
Note
For more information, refer to the ERSPAN section.
Flow data and/or events should begin to populate in Plixer Scrutinizer with an exporter address of the local MGMT interface IP.
Setup Utility Runmodes¶
After inital setup, Plixer Flowpro configuration changes can be made by running the whole setup utility or individual sections.
$ sudo ~/flowpro/setup.sh
- Full application re-configuration
$ sudo ~/flowpro/setup.sh --monitor-ports
- Re-configuration of monitor ports, used when adding additonal interface post-deployment
$ sudo ~/flowpro/setup.sh --exporter-config
- Re-configuration of flow export and destination Scrutinizer
$ sudo ~/flowpro/setup.sh --cert-generation
- Regeneration of local certificates
$ sudo ~/flowpro/setup.sh --container-setup
- Update suricata execution container
$ sudo ~/flowpro/setup.sh --erspan-config
- IP and configure erspan destination post-deployment
$ sudo ~/flowpro/setup.sh --firewall-mgmt
- Reset Firewall to default posture
Plixer FlowPro service¶
The operation is orchestrated through the Plixer FlowPro system service and can be controlled using the following command: service flowpro [start|stop|restart]
.
Note
The setup will generate a certificate signing request ~flowpro/server.csr
. Sign this request and replace the existing ~/flowpro/server.crt
file. Then, restart the Plixer FlowPro service to avoid self-signed operation.