Connecting to the OMT

With the OMT bootstrap procedure completed, the next step in installing OMT and the ArcSight Platform is to connect to the OMT web installation UI, then proceed through the installation wizard.

Accessing the OMT Installation UI

At the end of the OMT bootstrap process, you were prompted to connect to the URL https://<external access host>:3000, which is part of the standard OMT installation procedure.

The OMT installation port 3000 is now accessible through the chosen Route 53 record set, but only within the VPC. The VPC and any resources inside it are isolated from access from the internet (except for the bastion host, which is accessible on port 22, the SSH port).

You cannot access the created DNS record outside the VPC, since that DNS record will resolve to one of the three private subnet IP addresses which are hidden (and, in our case, in a private A-class IP range).

There are two methods for connecting a browser to the OMT port 3000: forwarding DISPLAY and forwarding local ports.

Forwarding DISPLAY

Prerequisite: An operating system capable of running X-server, such as *nix, linux, or MacOS.

For connection to the bastion, the easiest and fastest option is to connect to the bastion using SSH with the -X or -Y switch. This will set the remote DISPLAY accordingly, so the process running remotely will render its UI on the local X-server. The bastion host you configured earlier has the Mozilla Firefox browser installed.

The drawback of this method is that only one user can be connected and use the web browser, and the browser response might be quite slow. Any subsequent user will receive a message that the browser is already running, and results in significant lag while in the browser. However, the browser is used only for installation and configuration tasks, which are typically done once and by a single user, so the impact will likely be small.

To connect with this method:

Using SSH, connect to the bastion host with the additional parameters for dbus. Example command:

ssh -i /{path to ssh key} /aws.pem -X centos@54.188.142.125 'firefox https://srgdemo.arcsight-dev.com:3000'

Browse to the URL that OMT returned at the end of its CLI installation. For example:
```
https://srgdemo.arcsight-dev.com:3000
```

Forwarding local ports

Prerequisite: Ability to execute SSH with command line switches, as well as the Web UI ability to edit the system file /etc/hosts or the corresponding file.

To connect with this method, connect to the bastion host, adding the -L parameter. Example:

ssh -i .ssh/srgdemo.pem -L 3000:srgdemo.arcsight-dev.com:3000 centos@3.120.237.11

The -L parameter opens local port 3000 and connects each request to the srgdemo.arcsight-dev.com port 3000 on the remote side. So, the bastion resolves srgdemo.arcsight-dev.com and opens a connection to it on port 3000.

The second part of this approach is to edit /etc/hosts, and add your domain to the line containing localhost. Example: 127.0.0.1 localhost srgdemo.arcsight-dev.com.

When editing your etc/hosts file, ensure that the IP address specified each host is unique and not duplicated across hosts. A single IP address can be associated with multiple hostnames, but the same IP address may not be used for multiple hosts.

To execute the following steps,open your preferred browser and direct it to the address that OMT output at the end of its CLI installation. For example: https://srgdemo.arcsight-dev.com:3000.