Change Guardian Forwarder is deployed and configured on cloud to receive events from agents that are configured on cloud. It also forwards the event data to regional instances. To install a Forwarder on cloud, ensure that you perform the following steps in all the regions that will be using the Forwarder:
Login to AWS console and deploy a RedHat 7.9 instance by navigating to EC2 > Images > AMIs. Select Public Images and use the filters below to find the latest image:
AMI name: RHEL-7.9_HVM-*
Architecture: x86_64
Virtualization: hvm
Root device type: ebs
Owner: 309956199498
Additionally, you can also choose the following during deployment:
Instance type: m5.4xlarge
Disk with a minimum storage space of 1 TB
Ports can be used during the creation of security groups. For more information on ports, see Understanding Ports Used.
Installing Change Guardian
Ensure that all the Change Guardian prerequisites are met. For information on the prerequisites, see Installing Change Guardian.
NOTE:For additional package installation, you might require a RedHat Subscription.
It is recommended to configure Change Guardian with a private IP address. Post installation, if you change the IP address of the cloud forwarder machine, the communication between Change Guardian server and agents gets disrupted. To restore the communication, you need to reconfigure the server.
Download the Change Guardian installation file from the Downloads website. Copy to the cloud forwarder instance.
On the command line, log in as the root user and type the following command to extract the installation file:
tar -zxvf change_guardian-<version>.tgz.
Run the Change Guardian server installation program as root by typing the following command in the root of the extracted directory: ./install-changeguardian.sh
NOTE:Ensure that you allocate the recommended disk space in / and /home.
(Conditional) If NTP could not synchronize your computer time with the network time, make the required changes to the computer.
(Conditional) If your system does not meet the recommended disk space, make the required changes to the computer.
Specify the language as English, then press Enter. The end user license agreement is displayed in the selected language.
Press the space bar to read the license agreement. You must scroll through the entire agreement before you can accept it.
When prompted, select the standard configuration.
Create an admin account password for global system administration.
NOTE:While setting the admin password, all non-alphanumeric characters are allowed to be used to set the password.
When prompted Do you want the Change Guardian agents to locate this system by IP address or by host name?, Select default choice [1] if the Connector Host Appliance is configured with static IP Address.
When prompted Please enter your Sentinel admin password, enter the password created for admin account.
Create a password for the cgadmin user.
Select ‘n', when prompted Configure a default email destination.
After the completion of Change Guardian server installation, it might take a few minutes for all services to start. Wait until the installation finishes and starts all services before you log in to the server.
To verify the installation, see Verifying the Installation.