To deploy an OnSight vCollector as an image, you need to download the VMware or Hyper-V appliance images from the Panopta package server and import the image into a designated hypervisor. The system requirements are detailed here.
To install the OnSight vCollector, perform the following steps:
Select + Add from the main navigation header then select OnSight vCollector.
A new window will open guiding you through the process of installing the OnSight vCollector.
Select the Virtual Appliance tab then follow the on-screen instructions.
After downloading the OnSight image, import it as a virtual machine into your hypervisor. Once your OnSight is imported and booted, the VM will go through the normal Linux startup process, finishing with a login prompt.
Log in with username panopta and password panopta and will then be prompted to set a new password.
Do not lose this password. Without it, there is no way to access the OnSight for further updates.
Configure the network by running onsight configure-network as root. See Network configuration for more details.
- Register the OnSight by running onsight register as root. Your OnSight appliance key will also be displayed.
Proceed through the final steps of the OnSight installation process in the Panopta Control Panel, where you can assign things such as the Alert Timeline and Instance Group to use for your new OnSight.
The OnSight will begin syncing immediately after deployment, assuming networking is configured correctly.
By default, the OnSight vCollector will attempt to use DHCP except in AWS, which pre-configures networking correctly. Basic network configuration is available by running:
This will walk you through a series of steps that allows you to configure the following:
- Select a network interface for the OnSight
- Use static IP or DHCP
- IP address
For complex use cases like bridging multiple networks or custom route configurations, you need to manually configure the network. Please reach out to email@example.com
if you need assistance.
NTP server configuration
The OnSight uses the default Ubuntu NTP servers for time synchronization. If your environment blocks outbound NTP access, you can configure the OnSight to use an internal NTP server using the following:
This will request a list of servers to use then update the configuration and restart the NTP daemon to pick up the new servers.