Configuring and Installing the Database Server

Before installing the database, ensure that you estimate the storage needed for the incoming EPS (event per second) and event size, and also evaluate the retention policy accordingly. You also must create an IAM role prior to installing the database. For information about creating an IAM Role, see Understanding Methods for Connecting to AWS S3 Buckets.

Perform the following steps as root user:

  1. On the Database cluster node1 server, create a folder for the database installer and enable permissions. For example:

    mkdir /opt/arcsight-db-tools
    chmod 755 /opt/arcsight-db-tools
    /opt/arcsight-db-tools should not be under /root or /opt/vertica.
  2. From the master node where you performed the Downloading Installation Packages steps, copy the following file on the Database cluster node1 server:

    db-installer_x.x.x-x.tar.gz

    to the /opt/arcsight-db-tools directory

    sudo yum install tar
    sudo yum install unzip
  3. To extract the installer file and place it in the correct directory, run the following commands:

    cd /opt/arcsight-db-tools
    tar xvfz db-installer_x.x.x.x.tar.gz
  4. Edit the config/db_user.properties file and add all database node IPs to the hosts property.

    Property

    Description

    hosts

    A comma separated list of the database servers in IPv4 format (for example, 1.1.1.1,1.1.1.2,1.1.1.3).

    If it is necessary to construct the cluster, avoid using local loopback (localhost, 127.0.0.1, etc.).

  5. Install the database.

    Please make sure you have performed the steps detailed in Enabling Root Login for AWS Passwordless Communication before attempting the installation command.
    ./db_installer install
  6. When prompted, create the database administrator user.

    The database administrator user account is used during database deployment, configuration, upgrade, and debugging. For security reasons, the platform deployed capabilities will not ask you for the credentials for this user.

    For a list of options that you can specify when installing the database, see Understanding the Database Installer Options.
  7. Specify the shard count. We recommend a shard count of 3 for single-node, or a count of 18 for multi-node to allow for scalability. The prompt options are based on your environment, single-node or multi-node:

    • Single-node:

      # ========================================
      # STEP 1: Specify Database Shard Count for Eon Mode
      Do you plan to keep the database cluster to a single node in the future?
      If yes, the database will be optimized for performance on a single node by setting the default shard count to 3.
      Shard Count [3]:
      Confirm shard count [3]?(y/n):y
      Check memory size, 48GB required for single node installation with shard count > 3.
      PASS: Single node installation for shard count: 3
      
    • Multi-node:

      # ========================================
      # STEP 1: Specify Database Shard Count for Eon Mode
      Recommended shard count for multi node database deployment is 18. 
      Shard Count [18]:
      Confirm shard count [18]?(y/n):y
  8. Set up the communal storage type for S3 when prompted. For example:

    # STEP 2: Specify communal storage details
    Supported communal storage types -
    1) S3
    2) Azure Blob Storage
    Choose a communal storage type from the above (1/2):1
    Are you using IAM role authentication for AWS S3 Storage?(y/n):y
    Specify S3 bucket for communal storage:<yourS3BucketName>
    Specify the folder under bucket for communal storage if applicable:<newFolderNametoCreate>
    Communal storage url is: <s3://<yourS3BucketName> /newFolderNametoCreate>
    
    If you require a folder under your S3 bucket, it must be created in the communal storage procedure shown above. Folders pre-created under the bucket via the AWS console are not supported.
    ArcSight database AWS communal storage supports the S3 Intelligent-Tiering storage class. To learn more details about how to automatically configure the storage lifecycle rules, see AWS documentation, Automate S3 Lifecycle rules at scale to transition data to S3 Intelligent-Tiering.
  9. Create the schema.

    ./db_installer create-schema
  10. When prompted, create the following users:

    • App admin user: A regular database user granted elevated permissions for performing operations on the database to manage the database, schema, and resource pools. The credentials for this user will need to be provided later in the OMT Management Portal when you are deploying capabilities.

    • Search user: A regular database user with permissions restricted to event search operations. The credentials for this user will need to be provided later in the OMT Management Portal when you are deploying capabilities.

  11. Monitor your database cluster status constantly. For more information, see Monitoring the Database.

    • Database nodes status: Ensures all nodes are up

    • Database nodes storage status: Ensures storage is sufficient

Note: If you have a Recon license, the default retention period for Default Storage Group events is 12 months. You can modify this value based on your data storage policy. If you do not have a Recon license, the retention period for the Default Storage Group is one month.

Next Step - If your deployment includes Intelligence(Conditional – Intelligence) Configuring Settings for Elasticsearch in AWS

Next Step - If your deployment does not include IntelligenceBootstrapping OMT