Importing the OVA
Diskover provides identical OVA builds for both VMware Workstation and VirtualBox. These OVAs can easily be imported into either of these hypervisors and booted up to run Diskover! Below are some light instructions on how to import the OVA properly and get it booted up.
(VirtualBox Import)
- To import the OVA you will choose File -> Import Appliance
- Choose Source -> 'Local File System'
- File : -> Browse for the OVA on your local machine and import it here
-- Once imported here choose 'Next'
(VirtualBox Adjust VM Settings)
By default the OVA sets the CPU=2 and RAM=2GB
- Adjust these settings to something applicable for your host machine
-- Recommended Specs for OVA usage for POC : CPU=12 and RAM=64GB
- Adjust the disk space allocation to at least 100GB
-- Once you've adjusted the settings choose 'Start'
(VMware Workstation Import)
- To import the OVA you will choose File -> Open
- Give the VM a unique name - ex:'diskover-2.4.0'
-- Once you've given the VM a name, choose 'Import'
(VMware Workstation Adjust VM Settings)
By default the OVA sets the CPU=2 and RAM=2GB
- Adjust these settings to something applicable for your host machine
-- Recommended Specs for OVA usage for POC : CPU=12 and RAM=64GB
- Adjust the disk space allocation to at least 100GB
-- Once you've adjusted the settings choose 'Power on this virtual machine'
Configuring Diskover Front-End
Now that we have the OVA imported into our hypervisor, we have a bit of configuration to do to get the system up and running and ready to scan.
These instructions will be the same regardless of which hypervisor you imported the OVA into!
(OVA Login)
- You will see two user accounts 'Vagrant' and 'Diskover'
- Choose to login as the 'Diskover' user
-- Password 'darkdata'
(Open Activities)
- Click on 'Activities' in the top left
-- Open the terminal app
-- Run 'sudo -i' to escalate to the 'root' user
-- Additionally, open Google Chrome or Firefox
(Diskover Configuration Wizard)
2.4.X has an easy configuration wizard that we will walk through here
- In the browser window go to : http://localhost:8000
-- Default login is username: admin & password: darkdata
(Diskover Configuration Wizard - ElasticSearch)
- In the initial section here you will see 'hosts-0' and within the box you will see 'elasticsearch', replace this with the IP of the OVA, or just 'localhost'
-- Choose 'Test' in the bottom right
* This should show your ES cluster health with a status of 'green' at the top of the window.
- Choose 'Save & Continue'
- Choose 'Yes'
-- Choose 'Test' in the bottom right
* This should show your ES cluster health with a status of 'green' at the top of the window.
- Choose 'Save & Continue'
(Diskover Configuration Wizard - License)
- You will need to request a license here from the Diskover Data team. There are two options :
-- You can do so by following the Request License prompt (this requires outbound email access from the OVA)
-- You can copy the 'System Hardware ID is xxxxxxxxxxxxxxx' value and send it to licenses@diskoverdata.com separately!
** Once the licenses have been provided and entered, let’s go ahead and issue a startup command for DiskoverD on the back-end to get it running **
(Diskover Configuration Wizard - Time Settings)
- Select your proper timezone
- Choose 'Save & Continue'
- Check the box for 'Show Times in Local Timezone'
- Choose 'Save & Continue'
(Diskover Configuration Wizard - RabbitMQ)
-- Choose 'Test' in the bottom right
* This should show 'Connection Successful' at the top of the screen
(Diskover Configuration Wizard - API)
- Put in port '8000' in the API Port section
-- Choose 'Save & Continue'
Configuring Diskover Back-End
Now our Diskover system is mostly configured and online, but we want to make a couple of quality-of-life changes. Here we go.
Most of these commands are issued via the terminal with the exception of the ‘enable logging’ section!
(Diskover-Web Ownership)
chown -R nginx:nginx /var/www/diskover-*
(Enable and Start the diskoverd Service)
systemctl enable diskoverd --now
(Set Python Utility)
In the left-hand pane of Diskover Admin expand the 'DiskoverD' section and you should see another non-'Default' option here that matches the hostname of your machine. This might just be 'worker-localhost_localdomain'
* Under 'Python Command' section put in 'python3.11' instead of just 'python3'
* Hit 'Save' in the bottom right
(Restart Services)
systemctl restart diskover-admin diskoverd
Scanning Sample Storage
This section will be a real quick test scan of the local OVA filesystem. To properly scan your own storage you will need to set up and configure SMB / NFS shares to be mounted to the OVA. Once these shares are mounted you can follow a similar process as outlined below to scan those storage repositories!
(Login to Diskover)
Go to - http://localhost:8000 and login as the 'admin' user
Username : admin
Password : darkdata
* Once you input this password you will be prompted to reset the password and log back in with your own password
(Create a Task)
On this next page choose 'Schedule Index Task'
On this next page choose 'New Index Task' - button near the top left of the screen
* We will only change 5 fields in this default template to scan our local storage
Name - set to some descriptive name (ex : Diskover Build Directory)
Description - set a more detailed description of the task (ex : Scan of the local /opt/diskover directory)
Crawl Directory(s) - this will be the path available to the OVA that we want to scan (ex : /opt/diskover)
Scanner - Set this to 'DirCache'
Custom Index Name - we want to differentiate each task(s) index name so that they're never the same (ex : diskover-opt-%Y%m%d%H%M)
Custom Schedule - let's just set this to 1AM Daily - 0 1 * * *
Disabled - we will want to just uncheck this box!
* Once we've set all these properties we can choose 'Create Task' at the bottom of the page
(Review the Log Files)
* Before we start our scan task, let's tail the log files so we can watch progress of our scan!
tail -F /var/log/diskover/*
(Start a Scan)
* From the task list page - http://localhost:8000/tasks/index.php
Choose your newly created task and select the arrow next to the 'Info' button and choose 'Run Now' and click 'Ok'
* Open your terminal and watch the scan logs
Reviewing the Sample Index
Now that we have scanned the test directory let’s take a look at that index that got created from this storage location!
(Go to Indices page)
In the top right corner choose the settings cog dropdown and select 'Indices'
* Or go directly to http://localhost:8000/selectindices.php
In the top left side of the screen you will see 'Always use latest indices (auto select)' ensure this checkbox is selected
(Go to File Search page)
In the top left corner choose the folder icon
* You can now review your scan of your test folder and see / search across the contents within
Helpful Bookmarks
If you’re using the OVA as a self-contained image and not accessing it over a bridged network from outside of the OVA itself, it can be helpful to bookmark a couple of links inside of the OVA so it’s easy to get to these things:
Diskover - http://localhost:8000
Diskover Admin - http://localhost:8000/diskover_admin/config/
Kibana - http://localhost:5601
RabbitMQ - http://localhost:15672
(default login info admin/darkdata)
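A quick check for the self-contained case described above, as an added example (not part of the original article or Diskover's own tooling): it reads `ss -ltn` output and lists any of the bookmarked ports (8000, 5601, 15672) that listen on a non-loopback address, where the default admin/darkdata logins would be reachable from the network. The function name `exposed_ports` and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag the OVA web services that listen beyond loopback.
# Ports bookmarked above: 8000 Diskover, 5601 Kibana, 15672 RabbitMQ.
OVA_PORTS="8000 5601 15672"

# exposed_ports: read `ss -ltn` lines on stdin and print each watched port
# whose local address is not loopback (127.0.0.0/8 or ::1).
exposed_ports() {
    awk -v ports="$OVA_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 == "LISTEN" {
            addr = $4                          # Local Address:Port column
            port = addr; sub(/.*:/, "", port)  # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)
            gsub(/\[|\]/, "", host)            # strip brackets around IPv6
            if (!(port in watch)) next         # not one of the OVA services
            if (host ~ /^127\./ || host == "::1") next
            print port
        }' | sort -un
}

# Constructed sample of `ss -ltn` output (not captured from a real OVA).
SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 511 0.0.0.0:8000 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5601 0.0.0.0:*
LISTEN 0 128 [::]:15672 [::]:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::1]:8000 [::]:*'

printf '%s\n' "$SAMPLE" | exposed_ports | while read -r port; do
    echo "port $port listens on a non-loopback address"
done

# On the OVA itself, run against the live socket table instead:
#   ss -ltn | exposed_ports
```

Any port it prints is served to every network the VM is attached to, so change that service's default password before switching the VM to bridged networking.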