Deploying Collectors

This section provides information about deploying Collectors, Non-TLS, TLS, and FIPS deployment.

  1. Under Dashboard > Deployment View, click the icon next to the Connectors/Collectors label and click Add Collector.

  2. From the Add Collector window, under add collector details select the collector template.

Non-TLS Collectors Deployment

For Non-TLS Collector deployment:

  1. Follow the steps in Deploying Collectors section, and select the Syslog Daemon Collector template.

  2. Scroll down to Destination > Destination Template and select the TH Collector Template.

  3. Under Kafka Broker Host(s):Port(s), confirm that port number is 9092, otherwise, change it accordingly.

  4. Set the Kafka Broker on SSL/TLS flag to false.

  5. Click Install.

TLS Collectors Deployment

For TLS Collector deployment:

  1. Follow the steps in Deploying Collectors section, and select the Syslog NG Daemon Collector template.

  2. Scroll down to Destination > Destination Template and select the TH Collector Template.

  3. Under Kafka Broker Host(s):Port(s) confirm that port number is 9093, otherwise, change it accordingly.

  4. Set the Kafka Broker on SSL/TLS flag to true.

  5. Click Install.

FIPS Collectors Deployment

FIPS can be enabled on Collectors either during the deployment of the Collector or while creating the Collector Configuration Template.

  1. Follow the steps in Deploying Collectors section.

  2. From the Add Collector window, under add collector details select the collector template. Scroll down to the Global Fields section, and select Enabled from the Enable FIPS mode drop-down.

  3. Replicate steps 2 through 4 in the TLS Collectors Deployment section.

  4. Click Install.

Post Deployment Collector Property Update

FIPS

  1. Go to Configuration Management > Bulk Operations.

  2. Click on the Collector tab, select one of the Collectors from the Manage Collectors table, and click Properties.

  3. In the Collector Property Update window, click the icon next to Property List and search for fips.enable.

  4. Click Edit and set the Value to true.

    Note: When setting the fips.enable property to true, you need to modify the property’s agents[0].destination[0].params bootstraphosts parameter port value to 9093, as well as change the usessl parameter (SSL/TLS) value to true.
  5. Click Save.

Non-TLS and TLS

For Non-TLS and TLS the process remains the same for steps 1 to 2 listed in Post Deployment Collector Property Update In the Collector Property Update window, click the icon next to Property List and search for the agents[0].destination[0].params property. See the table below for the correct values.

Property Parameter Non-TLS TLS
agents[0].destination[0].params bootstraphosts port value: 9092 port value: 9093
agents[0].destination[0].params usessl false true