ACSIA Help Center

ACSIA SOS Manager V7.0.x Installation

Permanently deleted user
Permanently deleted user
  • Updated

Requirements

Before installing ACSIA SOS, make sure your system matches the needed requirements.


Introductory note

This article shows how to:

  • Install the ACSIA manager.
  • Use the administrative back end to create tenants and users and how to associate them.
  • Load sigma rules on a tenant.

The process guides you through several steps to accomplish these goals, so you can follow this guide as is when performing a new installation.


How to install the ACSIA manager 

Environment configuration

Step 1: install make

$ sudo apt install make

 

Step 2: Add keys for ubuntu user

$ ssh-keygen

 

Step 3: create the destination folder for the installation

Call xdrplus the destination folder:

$ mkdir xdrplus

 

Step 4: download xdrplus-xxx.tar.gz file into the /home/ubuntu/xdrplusfolder

Download the file you received into the /home/ubuntu/xdrplusfolder.

 

Step 5: prepare the SSL certificates and put it into the virtual machine

Set up the certificates based on your domain and put them into the virtual machine.

You can set up certificates with Let's Encrypt or any vendor you prefer.

 

Create the /certs folder:

$ mkdir certs

 

Put the privatekey and the full chain file into the /home/ubuntu/certs folder.

 

 

ACSIA manager installation

After the environment configuration, you can install the ACSIA manager using the following procedure.

 

Step 1: unpack the archive

If your archive is named xdrplus-6.4.x.tar.gzunpack it like so:

$ tar xvf xdrplus-6.4.x.tar.gz -C xdrplus/

With this command, the package is unpacked in the folder of xdrplus created before

Step 2: go into the folder where you unpacked the archive

$ cd xdrplus/

 

Step 3: make the configuration

$ make configure

You'll be asked to insert:

  • The backend domain: 
    • For the on-premises version of ACSIA: your backend domain.
    • For the SaaS version of ACSIA: https://app.xdrplus.com, 168.63.110.116.
  • Your private key. Copy and paste the path to your certs/ folder that is:
    /home/ubuntu/certs/privkey.pem

     

  • The domain full chain. Copy and paste the path to your certs/ folder that is:
    /home/ubuntu/certs/fullchain.pem

     

  • The credentials to pull the Docker:
    • User: the user you received.
    • Password: the token you received.
This process will take some minutes to conclude.

 

Step 4: run the stack

$ make up

 

Step 5: verify that everything runs correctly

Verify that the containers run without any error by typing:

$ docker compose ps

Users and tenants management

After the installation, you must create users and tenants.

 

Step 1: Login to the administration back end

Go to the URL domain/iam-admin (wheredomain is the domain associated with the ACSIA manager) and log in with the admin user as follows:

  • User name. 
  • Password.

Step 2: Create a new tenant

Once logged in to the administration backend, create a new tenant as follows:

 

ORGANIZATION > Organizational Tenants > ADD ORGANIZATIONAL TENANT

Then:

  • Compile the name field.
  • Verify the is activebox is flagged.
  • Save.

Step 3: create a user

Once logged in to the administration backend, create a new user as follows:

 

USERS AUTHENTICATION AND AUTHORIZATION > user > ADD USER

Then:

  • Compile the name field.
  • Set a secure password.
  • Confirm yourpassword.
  • Verify the is activebox is flagged.
  • Click on Save and continue to modify.

Compile the following fields:

  • Name.
  • Surname.
  • Email address.
  • Click on Save.

Step 4: affiliate a user with a tenant

After creating a new tenant and a new user, you have to affiliate the user to the tenant.

 

Here's how to do so:

 

ORGANIZATION > user affiliations> ADD USER AFFILIATION

Then:

  • In Organization choose the tenant.
  • In userchoose the user.
  • Set date and hour.
  • Verify the is activebox is flagged.
  • Click on Save.

Make the user admin of the tenant by selecting the user, then:

  • Action > sign as tenant amin.

2024-02-26_16-44.png

 

Step5: create Google or Microsoft logins

After the creation of a new tenant and a new user and their affiliation, you can set Google or Microsoft logins.

 

ACCOUNT > email address > ADD EMAIL ADDRESS

Then:

  • In userchoose the user.
  • Email address. Paste the Microsoft or Google email of the user.
  • Check the verifiedbox.
  • Click on Save.

Loading sigma rules

After the creation of a new tenant, it is mandatory to load the Sigma Rules for that specific tenant. This procedure must be done only once, and it needs to be executed for each tenant created, before installing any device.

For the procedure, contact our Support Team at support@dectar.com