# Prerequisites

  1. Install OpenJDK 11 by running the following command: `sudo add-apt-repository ppa:openjdk-r/ppa && sudo apt-get update -q && sudo apt install -y openjdk-11-jdk`

  2. Verify the java installation by running the following command: `java -version`

  3. Install wget using the following command: `sudo apt-get update` `sudo apt-get install wget`

  4. Increase the map count with the following command `sysctl -w vm.max_map_count=262144` set this permanently in /etc/sysctl.conf by adding the following line: `vm.max_map_count=262144`

  5. Increase ulimit value and validate system settings

    To change the file descriptor setting, edit the file /etc/sysctl.conf. Add line `fs.file-max= 100000` to it.

    To apply the changes : `sysctl -p`

    To change the ulimit setting, edit the file /etc/security/limits.conf and set the hard and soft limits: `* soft nofile 100000` `* hard nofile 100000`

    After that enable the pam_limits as followings:

    Edit the file `/etc/pam.d/common-session` and add the following line: `session required pam_limits.so`

    Reboot the server for the changes to take effect: `reboot`

    Check the ulimit settings by running the following commands: `ulimit -a` `ulimit -Sn` # Check soft limit `ulimit -Hn` # Check hard limit

# SearchBlox Installation

  1. Please login as root using **sudo su** if you are not the root user or install using sudo as below.

  2. Create a SearchBlox user by giving the necessary details `sudo adduser searchblox`

  3. SearchBlox has to be installed in /opt folder, so change directory to /opt `cd /opt`

  4. Download SearchBlox debain package `sudo wget https://d2fco3ozzrfhhd.cloudfront.net/v9.2.2/searchblox_9.2.2-0_all.deb`

  5. Install the debian package `sudo dpkg -i searchblox_9.2.2-0_all.deb`

  6. Change permission for few folders `sudo chown -R searchblox:searchblox /opt/searchblox` `sudo chmod -R 755 /opt/searchblox/logs` `sudo chmod -R 755 /opt/searchblox/elasticsearch/logs` `sudo chmod -R 755 /opt/searchblox/bin` `sudo chmod -R 755 /opt/searchblox/analytics/node/bin` `sudo chmod -R 755 /opt/searchblox/elasticsearch/bin`

  7. To start Elasticsearch and SearchBlox services `systemctl start sbelastic` `systemctl start searchblox`

  8. To stop SearchBlox and Elasticsearch services `systemctl stop searchblox` `systemctl stop sbelastic`

  9. To verify the status of the elasticsearch and searchblox services please use the following commands: `systemctl status sbelastic` `systemctl status searchblox`

# Running Analytics as Service

  1. Download sbanalytics.service file into /etc/systemd/system `wget https://d2fco3ozzrfhhd.cloudfront.net/9.2/analytics/sbanalytics.service`

  2. Enable sbanalytics.service using the command: `systemctl daemon-reload`

  3. Start Analytics service using the command: `systemctl start sbanalytics`

  4. View the status of the Analytics service using the command: `systemctl status sbanalytics`

  5. To stop the Analytics service run the following command: `systemctl stop sbanalytics`

# Verify Installation

Once you see the message "The service has started", wait for few seconds then go to http://localhost:8080/searchblox/admin/main.jsp to validate.

  • You can verify if SearchBlox has started successfully by viewing the status.log file in the `<SEARCHBLOX_INSTALLATION_PATH>/webapps/searchblox/logs` folder.

Please confirm the message "Started Successfully" is shown in the log. In case of any errors, this log will provide additional information for troubleshooting.

  • To learn more on Troubleshooting visit: [Logging and Troubleshooting](🔗)

  • To learn about accessing SearchBlox visit: [Overview of SearchBlox](🔗)

  • To learn about tuning after installation visit: [Installation Tuning](🔗)

SearchBlox Admin Console Access using IP Address or Domain Name

  • You can use your IP instead of localhost in the URL to access the SearchBlox Admin Console.

  • If a domain name is mapped to the IP address, you can use the domain name: https://exampledomain:port/searchblox/admin/main.jsp https://exampledomain:port/searchblox/plugin/index.html

# Change SearchBlox Server Port

**SearchBlox Server runs on port 8080 by default.**

You can change the port by following the steps below:

  1. Stop SearchBlox

  2. Edit the file _/opt/searchblox/start.ini_ at line number 163 as follows: `jetty.http.port=8080`

  3. Start SearchBlox

If it is not possible to run SearchBlox in a port less than 1024 since SearchBlox runs as a non-root user, you can enable port forwarding if required using : `iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080`

# Uninstall

Run the following command to uninstall or remove SearchBlox:

`apt-get remove searchblox`

# Disk Encryption

Additional Disk is required for disk encryption

  1. Installation of cryptsetup for Ubuntu: `sudo apt-get install cryptsetup`

  2. LUKS Format disk Note: while formatting the disk we have to give some password `cryptsetup luksFormat /dev/sdb`

  1. Luks open Note: We have to use the password created earlier while formatting the disk. `cryptsetup luksOpen /dev/sda data`

  1. Create a filesystem `mkfs -t ext4 /dev/mapper/data`

  1. Mounting the new file system at /opt `mount /dev/mapper/data /opt`

  2. To get UUID `blkid /dev/mapper/data`

  1. We need to add the UUID into /etc/fstab like this and save it Note: We need to add the UUID into etc/fstab file

  • To close encryption `cryptsetup luksClose /dev/mapper/data`

  • To open encryption `cryptsetup luksOpen /dev/mapper/data`