This repository has been archived by the owner on Sep 20, 2023. It is now read-only.

#199 update installation guide
jeromeleonard committed Oct 24, 2020
1 parent 43cddb2 commit 6b806cf
Showing 1 changed file with 20 additions and 26 deletions.
46 changes: 20 additions & 26 deletions installation/install-guide.md
Expand Up @@ -45,7 +45,7 @@ And setup your system to connect the RPM repository. Create and edit the file `/
enabled=1
priority=1
name=TheHive-Project RPM repository
baseurl=http://rpm.thehive-project.org/stable/noarch
baseurl=http://rpm.thehive-project.org/stable/es7
gpgcheck=1
```
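
Review bot: the new `baseurl=http://rpm.thehive-project.org/stable/es7` still fetches packages over plain HTTP, while the Debian instructions in this same guide use `https://deb.thehive-project.org`. `gpgcheck=1` covers package integrity, but if the RPM host serves HTTPS, switching the scheme here would also protect the repository metadata in transit.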

Expand Down Expand Up @@ -91,7 +91,7 @@ To install the Debian package, use the following commands:

```bash
curl https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY | sudo apt-key add -
echo 'deb https://deb.thehive-project.org stable main' | sudo tee -a /etc/apt/sources.list.d/thehive-project.list
echo 'deb https://deb.thehive-project.org stable main es7' | sudo tee -a /etc/apt/sources.list.d/thehive-project.list
sudo apt-get update
sudo apt-get install thehive
```
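
Review bot: on the changed `echo 'deb https://deb.thehive-project.org stable main es7' | sudo tee -a ...` line, `tee -a` appends, so anyone who followed the previous guide ends up with both the old `stable main` entry and the new one in `thehive-project.list`. Suggest either dropping `-a` so the file is overwritten, or adding a sentence telling upgraders to remove the old entry first.
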
Expand Down Expand Up @@ -123,7 +123,7 @@ file starts Elasticsearch and TheHive:
version: "2"
services:
elasticsearch:
image: elasticsearch:6.8.8
image: elasticsearch:7.9.1
environment:
- http.host=0.0.0.0
- discovery.type=single-node
Expand All @@ -132,13 +132,13 @@ services:
soft: 65536
hard: 65536
cortex:
image: thehiveproject/cortex:latest
image: thehiveproject/cortex:3.1.0-1
depends_on:
- elasticsearch
ports:
- "0.0.0.0:9001:9001"
thehive:
image: thehiveproject/thehive:latest
image: thehiveproject/thehive:3.5.0-1
depends_on:
- elasticsearch
- cortex
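
Review bot: in the `cortex` service, the unchanged `"0.0.0.0:9001:9001"` mapping publishes Cortex on every interface of the host. Since this hunk already revisits both services to pin `3.1.0-1` and `3.5.0-1`, consider `127.0.0.1:9001:9001` in the sample, or a sentence stating that the port is expected to be firewalled.
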
Expand Down Expand Up @@ -228,13 +228,13 @@ Once the Docker image is up and running, proceed to the configuration using the
If you would like to use pre-release, beta versions of our Docker images and help us find bugs to the benefit of the whole community, please use `thehiveproject/thehive:version-RCx`. For example `thehiveproject/thehive:3.1.0-RC1`.

### Binary
The following section contains the instructions to manually install TheHive using binaries on **Ubuntu 18.04 LTS**.
The following section contains the instructions to manually install TheHive using binaries on **Ubuntu 20.04 LTS**.

#### 1. Minimal Ubuntu Installation
Install a minimal Ubuntu 18.04 system with the following software:
Install a minimal Ubuntu 20.04 system with the following software:

- Java runtime environment 1.8+ (JRE)
- Elasticsearch 5.x
- Elasticsearch 7.x

Make sure your system is up-to-date:
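
Review bot: the Docker pre-release sentence at the top of this hunk still gives `thehiveproject/thehive:3.1.0-RC1` as its example, while the rest of the commit moves the guide to 3.5.0 (`thehiveproject/thehive:3.5.0-1`, `thehive-3.5.0-RC1-1.zip`). Suggest updating that example in the same commit so the two pre-release notes agree.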

Expand All @@ -261,12 +261,12 @@ Download and unzip the chosen binary package. TheHive files can be installed whe

```bash
cd /opt
wget https://dl.bintray.com/thehive-project/binary/thehive-latest.zip
wget https://download.thehive-project.org/thehive-latest.zip
unzip thehive-latest.zip
ln -s thehive-x.x.x thehive
```

**Note**: if you would like to use pre-release, beta versions of and help us find bugs to the benefit of the whole community, please download `https://dl.bintray.com/thehive-project/binary/thehive-version-RCx.zip`. For example `https://dl.bintray.com/thehive-project/binary/thehive-3.1.0-RC1.zip`.
**Note**: if you would like to use pre-release, beta versions of and help us find bugs to the benefit of the whole community, please download `https://download.thehive-project.org/thehive-version-RCx.zip`. For example `https://download.thehive-project.org/thehive-3.5.0-RC1-1.zip`.

#### 5. First start
It is recommended to use a dedicated, non-privileged user account to start TheHive. If so, make sure that the chosen account can create log files in `/opt/thehive/logs`.
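
Review bot: the `wget https://download.thehive-project.org/thehive-latest.zip` step unpacks the archive with no integrity check, unlike the RPM and Debian paths, which verify a GPG signature. Suggest documenting a checksum or signature to verify before `unzip`. The rewritten Note also still reads "beta versions of and help us", which is missing a word after "of".
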
Expand Down Expand Up @@ -353,7 +353,7 @@ restart the service.
```bash
service thehive stop
cd /opt
wget https://dl.bintray.com/thehive-project/binary/thehive-latest.zip
wget https://download.thehive-project.org/thehive-latest.zip
unzip thehive-latest.zip
rm /opt/thehive && ln -s thehive-x.x.x thehive
chown -R thehive:thehive /opt/thehive /opt/thehive-x.x.x
Expand Down Expand Up @@ -469,12 +469,10 @@ Configure TheHive, read the [Configuration Guide](../admin/configuration.md). Fo
Edit `/etc/elasticsearch/elasticsearch.yml` and add the following lines:

```
network.host: 127.0.0.1
script.inline: true
http.host: 127.0.0.1
discovery.type: single-node
cluster.name: hive
thread_pool.index.queue_size: 100000
thread_pool.search.queue_size: 100000
thread_pool.bulk.queue_size: 1000
```

Start the service:
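
Review bot: replacing `network.host: 127.0.0.1` with `http.host: 127.0.0.1` pins only the HTTP listener, so the transport bind address now depends on the Elasticsearch default rather than on this file. Keeping `network.host: 127.0.0.1`, which applies to both HTTP and transport, would make the loopback-only intent explicit and survive a changed default.
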
Expand Down Expand Up @@ -521,7 +519,7 @@ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-key D88E42B4
# wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
# Debian repository configuration
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
# Install https support for apt
sudo apt install apt-transport-https
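
Review bot: the new entry is written to `elastic-7.x.list`, so a host set up with the previous guide keeps `elastic-5.x.list` alongside it; suggest a line telling upgraders to delete the old file. The `apt-key adv ... --recv-key D88E42B4` line in the hunk header also identifies the key by a short ID fetched over `hkp://...:80`; the commented-out HTTPS download from `artifacts.elastic.co`, or a full fingerprint, would be the safer default.
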
Expand All @@ -542,8 +540,8 @@ Create the file `elasticsearch.repo` in `/etc/yum/repos.d/` for RedHat and CentO

```
[elasticsearch-5.x]
name=Elasticsearch repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
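
Review bot: the section header `[elasticsearch-5.x]` is left unchanged while `name` and `baseurl` now point at 7.x, so the repo ID shown by yum will not match what it serves. Suggest renaming it to `[elasticsearch-7.x]` in the same change.
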
Expand Down Expand Up @@ -578,12 +576,9 @@ The cluster name must also be set (`hive` for example). Threadpool queue size mu
Edit `/etc/elasticsearch/elasticsearch.yml` and add the following lines:

```
network.host: 127.0.0.1
script.inline: true
http.host: 127.0.0.1
cluster.name: hive
thread_pool.index.queue_size: 100000
thread_pool.search.queue_size: 100000
thread_pool.bulk.queue_size: 100000
```

### Start the Service
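
Review bot: this copy of the `elasticsearch.yml` block does not get the `discovery.type: single-node` line that the same commit adds to the earlier copy, so the two sets of instructions now differ. The surrounding sentence in the hunk header still talks about thread pool queue sizes while `thread_pool.index.queue_size` and `thread_pool.bulk.queue_size` are removed; suggest aligning both the block and the prose.
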
Expand All @@ -610,15 +605,14 @@ docker run \
--hostname elasticsearch \
--rm \
--publish 127.0.0.1:9200:9200 \
--publish 127.0.0.1:9300:9300 \
--volume ***DATA_DIR***:/usr/share/elasticsearch/data \
--volume ***DATA_DIR***:/usr/share/elasticsearch/data \
-e "http.host=0.0.0.0" \
-e "transport.host=0.0.0.0" \
-e "discovery.type=single-node" \
-e "xpack.security.enabled=false" \
-e "cluster.name=hive" \
-e "script.inline=true" \
-e "thread_pool.index.queue_size=100000" \
-e "thread_pool.search.queue_size=100000" \
-e "thread_pool.bulk.queue_size=100000" \
docker.elastic.co/elasticsearch/elasticsearch:5.6.0
docker.elastic.co/elasticsearch/elasticsearch:7.9.1
```
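
Review bot: with `-e "xpack.security.enabled=false"` and `-e "http.host=0.0.0.0"` kept, the only thing keeping this unauthenticated Elasticsearch off the network is `--publish 127.0.0.1:9200:9200`. Suggest a sentence next to the command stating that the publish address must stay on loopback unless security is enabled.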
