Installing on CentOS, RHEL

Prerequisites

  1. Install OpenJDK 11 by running the following command:
    sudo yum install java-11-openjdk-devel -y

  2. Verify the java installation by running the following command:
    java -version

  3. Install wget by running the following command:
    yum install wget -y

  4. Increase the map count by running the following command:
    sysctl -w vm.max_map_count=262144
    To set this permanently, add the following line to /etc/sysctl.conf:
    vm.max_map_count=262144

    To check the map count you can use the following command:
    sysctl -q vm.max_map_count

  5. Increase ulimit value and validate system settings

    To change the file descriptor setting, add the following line to the file /etc/sysctl.conf:
    fs.file-max=100000

    Apply the changes by running the following command:
    sysctl -p

    To change the ulimit setting, edit the file /etc/security/limits.conf and set the hard and soft limits:
    * soft nofile 100000
    * hard nofile 100000

    After these changes, please reboot the server by running the following command:
    reboot

    Check the ulimit settings by running the following command:
    ulimit -a
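
A read-only check of the values persisted in steps 4 and 5, as an added example that is not part of the SearchBlox documentation. The function names are hypothetical, and the file paths are parameters so the check can be run against copies of the files:

```bash
#!/bin/sh
# Added example (not SearchBlox code): read-only check of the persisted
# prerequisite values set on this page. Function names are hypothetical.

# Print the last value assigned to key $2 in sysctl.conf-style file $1.
sysctl_conf_value() {
    awk -F= -v key="$2" '
        /^[ \t]*[#;]/ { next }                      # skip comments
        { k = $1; gsub(/[ \t]/, "", k) }
        k == key { v = $2; gsub(/[ \t]/, "", v); found = v }
        END { if (found != "") print found }' "$1"
}

# Print the nofile limit of type $2 (soft|hard) for domain "*" in limits file $1.
limits_nofile() {
    awk -v type="$2" '
        /^[ \t]*#/ { next }
        $1 == "*" && $3 == "nofile" && ($2 == type || $2 == "-") { found = $4 }
        END { if (found != "") print found }' "$1"
}

# Succeed if value $2 is a whole number >= $3; report the result either way.
at_least() {
    case "$2" in
        ''|*[!0-9]*) echo "FAIL  $1=${2:-unset} (need >= $3)"; return 1 ;;
    esac
    if [ "$2" -ge "$3" ]; then
        echo "OK    $1=$2"
    else
        echo "FAIL  $1=$2 (need >= $3)"; return 1
    fi
}

# Check both files; the return status is the number of failed settings.
check_prereqs() {
    sc=${1:-/etc/sysctl.conf}; lc=${2:-/etc/security/limits.conf}; fails=0
    at_least vm.max_map_count "$(sysctl_conf_value "$sc" vm.max_map_count)" 262144 || fails=$((fails + 1))
    at_least fs.file-max "$(sysctl_conf_value "$sc" fs.file-max)" 100000 || fails=$((fails + 1))
    at_least "soft nofile" "$(limits_nofile "$lc" soft)" 100000 || fails=$((fails + 1))
    at_least "hard nofile" "$(limits_nofile "$lc" hard)" 100000 || fails=$((fails + 1))
    return "$fails"
}
```

Source the file and call check_prereqs with no arguments to check /etc/sysctl.conf and /etc/security/limits.conf on the server.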

Installation

  1. Log in as root using sudo su if you are not the root user.

  2. Create a SearchBlox user by running the following commands:
    sudo adduser searchblox
    sudo passwd searchblox

  3. SearchBlox has to be installed in the /opt folder, so change directory to /opt by running the following command:
    cd /opt

  4. Download SearchBlox rpm package by running the following command:
    sudo wget https://d2fco3ozzrfhhd.cloudfront.net/v9.2.2/searchblox-9.2.2-0.noarch.rpm

  5. Install the rpm package by running the following command:
    sudo rpm -ivh searchblox-9.2.2-0.noarch.rpm

  6. Change permissions for a few folders by running the following commands:
    sudo chown -R searchblox:searchblox /opt/searchblox
    sudo chmod -R 755 /opt/searchblox/logs
    sudo chmod -R 755 /opt/searchblox/elasticsearch/logs
    sudo chmod -R 755 /opt/searchblox/bin
    sudo chmod -R 755 /opt/searchblox/analytics/node/bin
    sudo chmod -R 755 /opt/searchblox/elasticsearch/bin

  7. Start Elasticsearch and SearchBlox services by running the following commands:
    systemctl start sbelastic
    systemctl start searchblox

  8. Stop SearchBlox and Elasticsearch services by running the following commands:
    systemctl stop searchblox
    systemctl stop sbelastic

  9. To verify the status of the Elasticsearch and SearchBlox services, use the following commands:
    systemctl status sbelastic
    systemctl status searchblox

After you start the services, wait 30 seconds, then go to http://localhost:8080/searchblox/admin/main.jsp to access the SearchBlox Admin Console and log in.

Running Analytics as Service

  1. Download the sbanalytics.service file into /etc/systemd/system:
    wget -P /etc/systemd/system https://d2fco3ozzrfhhd.cloudfront.net/9.2/analytics/sbanalytics.service

  2. Reload systemd so that it picks up sbanalytics.service, using the command:
    systemctl daemon-reload

  3. Start Analytics service using the command:
    systemctl start sbanalytics

  4. View the status of the Analytics service using the command:
    systemctl status sbanalytics

  5. To stop the Analytics service run the following command:
    systemctl stop sbanalytics

Verify Installation

Once you see the message "The service has started", wait a few seconds, then go to http://localhost:8080/searchblox/admin/main.jsp in your browser to validate.

You can verify if SearchBlox has started successfully by viewing the status.log file in the <SEARCHBLOX_INSTALLATION_PATH>/webapps/searchblox/logs folder.

Please confirm the message "Started Successfully" is shown in the log. In case of any errors, this log will provide additional information for troubleshooting.

🚧

SearchBlox Admin Console Access using IP Address or Domain Name

  • You can use your IP instead of localhost in the URL to access the SearchBlox Admin Console.
  • If a domain name is mapped to the IP address, you can use the domain name:
    https://exampledomain:port/searchblox/admin/main.jsp
    https://exampledomain:port/searchblox/plugin/index.html

Change SearchBlox Server Port

SearchBlox Server runs on port 8080 by default.

You can change the port by following these steps:

  1. Stop SearchBlox service

  2. Edit the file /opt/searchblox/start.ini at line number 163 as follows:
    jetty.http.port=8080

  3. Start SearchBlox service

Because SearchBlox runs as a non-root user, it may not be possible to run it on a port below 1024. If required, you can enable port forwarding instead using:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

Uninstall

Uninstall or remove SearchBlox by running the following command:
yum remove searchblox

Disk Encryption

🚧

An additional disk is required for disk encryption

  1. Install cryptsetup (for RHEL / CentOS)
    yum install cryptsetup-luks

  2. LUKS-format the disk
    Note: You are asked to set a passphrase while formatting the disk.
    cryptsetup luksFormat /dev/sdb

WARNING!
========
This will overwrite data on /dev/sdb irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
  3. Open the LUKS volume
    Note: Use the passphrase created earlier while formatting the disk.
    cryptsetup luksOpen /dev/sdb data
Enter passphrase for /dev/sdb:

  4. Create a filesystem
    mkfs -t ext4 /dev/mapper/data

mke2fs 1.42.13 (17-May-2015)
Creating filesystem with 52428288 4k blocks and 13107200 inodes
Filesystem UUID: 1c71b0f4-f95d-46d6-93e0-cbd19cb95edb
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
	4096000, 7962624, 11239424, 20480000, 23887872
Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
  5. Mount the new file system at /opt
    mount /dev/mapper/data /opt
  6. Get the UUID
    blkid /dev/mapper/data
/dev/mapper/data: UUID="0a228c13-06d8-4739-99c3-f596c2dcce8e" TYPE="ext4"
  7. Add the UUID reported by blkid to the /etc/fstab file, as in the last line of this sample, and save it
LABEL=cloudimg-rootfs   /        ext4   defaults,discard        0 0
UID="4539b70d-66ab-4c07-b2a2-d4583f461a2f"   /secret   ext4 defaults 0 0
UID="4539b70d-66ab-4c07-b2a2-d4583f461a2f"   /opt      ext4 defaults 0 0
UUID="0a228c13-06d8-4739-99c3-f596c2dcce8e"   /opt  ext4  defaults 0  0
===================================================
  • To close the encrypted volume
    cryptsetup luksClose /dev/mapper/data

  • To open the encrypted volume
    cryptsetup luksOpen /dev/sdb data
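
A check to run after adding the UUID to /etc/fstab, as an added example that is not part of the SearchBlox documentation. It confirms that exactly one entry mounts the given UUID at the given mount point, and goes slightly beyond the step by also flagging mistyped device tags and mount points listed more than once. check_fstab is a hypothetical name, and the list of accepted tags is this example's own:

```bash
#!/bin/sh
# Added example (not SearchBlox code): lint an fstab after adding the entry
# for the encrypted volume. check_fstab is a hypothetical helper name.
# Usage: check_fstab FSTAB_FILE UUID MOUNTPOINT
# The return status is the number of problems found (0 = clean).
check_fstab() {
    awk -v want_uuid="$2" -v want_mnt="$3" '
        /^[ \t]*(#|$)/ { next }                   # skip comments and blank lines
        {
            spec = $1; mnt = $2
            gsub(/"/, "", spec)                   # the page quotes the UUID value
            seen[mnt]++
            eq = index(spec, "=")
            if (eq == 0) next                     # plain device path, nothing to check
            tag = substr(spec, 1, eq - 1)
            val = substr(spec, eq + 1)
            # Tags accepted by this example; any other tag is treated as a typo
            # that would leave the entry unmountable.
            if (tag !~ /^(UUID|LABEL|PARTUUID|PARTLABEL)$/) {
                printf "line %d: unrecognised device tag %s=\n", NR, tag
                problems++
            } else if (tag == "UUID" && val == want_uuid && mnt == want_mnt) {
                matched++
            }
        }
        END {
            for (m in seen)
                if (seen[m] > 1 && m != "none" && m != "swap") {
                    printf "mount point %s is listed %d times\n", m, seen[m]
                    problems++
                }
            if (matched != 1) {
                printf "expected one UUID=%s entry on %s, found %d\n", want_uuid, want_mnt, matched
                problems++
            }
            exit problems + 0
        }' "$1"
}
```

On the server, the UUID argument can be taken from the mapped device: check_fstab /etc/fstab "$(blkid -s UUID -o value /dev/mapper/data)" /opt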

CentOS Full Disk Encryption

❗️

Important Note

Before installation of the OS, the entire root volume can be encrypted using the following steps for GUI-based CentOS systems.

  1. To enable the disk encryption, go to Installation Destination.
  2. During the CentOS 7 installation, enable the encryption.
  3. Next, create the disk encryption passphrase.
  4. On reboot, you get a prompt to enter the passphrase so that you can successfully unlock the drive.
  5. Please use the command as in the following screenshot to verify the disk encryption