Log Collector Installation - Onboarding "Let's Go"
Log Collector Installation in CyTech - Aquila
This guide providesoutlines the step-by-step instructionsprocess for installingdeploying the Elastic Agent as a log collector inwithin the CyTech - Aquila environment. By followingFollowing these steps,instructions you’llwill set upestablish a secure,secure and automated methodmechanism for gatheringlog collection and managing system logs,management, enabling centralized monitoringvisibility and analysis essentialcritical forto cybersecurity operations.
Pre-requisites:
- Access to CyTech - Aquila (Only users with "
Owner"Owner" or "Admin"Admin" role are able to access the Log Collector Installation information).
Steps to Add Log Collector
Please follow the steps below to add a Log Collector using Windows Environment.
- Log in to CyTech -
Aquila.Aquila. Click here: cytechint.io .
- Go to the Aquila Modules>Cyber Monitoring>Cyber Incident Management (SIEM and XDR).
.
2. In the Cyber Incident Monitoring(Monitoring (CIM) Dashboard,Dashboard, scroll to the buttonbottom and click the "Let'Let’s Go" button.button Thisto will then displayinitiate the window for Log Collector installation.installation interface.
3. Once the installation window display is shown, click "Next" to proceed.
You can also refer to our documentation manuals for Log Collector Installations Guidelines: https://docs.cytechint.io/books/log-collector-installations
5. From the options, select the "Automatic" installation option. Then click "Next".
6a. Download the Windows Installer.
- Click on the "Download Installer" button to download the Windows MSI Package for Elastic Agent.
- The URL can also be found on https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-8.15.1-windows-x86_64.msi
6b. Copy the commands displayedprovided on the installation page and execute itthem onesequentially byto one forensure successful executions.execution. You will need theseThese commands are required to complete the installation process for the log collector installation in the nextsubsequent steps. Please proceedProceed to stepStep 7. to continue.
Note: Click only the "Next" button after successfully executed the commands
7. In your dedicated environment for your Log Collector, open the Command Prompt and run as Administrator..
- For example (elastic-agent-<VERSION>-windows-x86_64.msi INSTALLARGS="--url=<URL> --enrollment-token=<TOKEN>").
9. After successful executions of the commands, go back to Cytech - Aquila as shown in figure 6b and then click "Next" to proceed.
10. Allow 3–5 minutes for the Log Collector Agent to complete registration and report its "Online" status to the fleet server, indicating a successful installation.
11. This step confirms the successful installation and enrollment of the Log Collector Agent with the fleet server. The interface will display the Log Collector host name and the user who performed the installation. Click "Continue" to complete the setup process.
12. Also you can verify successful installation by going to Cyber Incident Monitoring>Settings>Log Collector.
- In the Log Collector List, you can see all the log collector installed. You can also view the Log Collector details such us: Agent Name, Status and IP address.
***If you encounter Log Collector Setup Failed. Please click "Retry" and carefully go gack to Steps 5 or 6. You can also try "Manual" installation. If issues persist please contact our technical support at support@cytechint.com for prompt assistance and guidance.
If you need further assistance, kindly contact our technical support at support@cytechint.com for prompt assistance and guidance.