Versions Compared

Old Version 5

changes.mady.by.user Customer Success & Engineering

Saved on

compared with

New Version 6

changes.mady.by.user Customer Success & Engineering

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. NSG flow log data is written to an Azure Storage account. To create an Azure Storage account, select + Create a resource at the top, left corner of the portal.

  2. Select Storage, then select Storage account - blob, file, table, queue.

  3. Enter, or select the following information, accept the remaining defaults, and then select Create.


    SettingValue
    Name(Azure storage account name- Please make a note of it , it will be required while configuring the CCE )3-24 characters in length, can only contain lowercase letters and numbers, and must be unique across all Azure Storage accounts.
    LocationSelect East US
    Resource groupSelect Use existing, and then select myResourceGroup


    The storage account may take around minute to create. Don't continue with remaining steps until the storage account is created. If you use an existing storage account instead of creating one, ensure you select a storage account that has All networks (default) selected for Firewalls and virtual networks, under the SETTINGS for the storage account.

     Note

    While Microsoft.Insight and Microsoft.Network providers are currently supported as trusted Microsoft Services for Azure Storage, NSG Flow logs is still not fully onboarded. To enable NSG Flow logging, All Networks must still be selected until this feature is fully onboarded. 

  4. In the top, left corner of portal, select All services. In the Filter box, type Network Watcher. When Network Watcher appears in the search results, select it.

  5. Under LOGS, select NSG flow logs, as shown in the following picture:

    NSGs

  6. From the list of NSGs, select the NSG named myVm-nsg.

  7. Under Flow logs settings, select On.

  8. Select the flow logging version. Version 2 contains flow-session statistics (Bytes and Packets)

    Select flow Logs version

  9. Select the storage account that you created in step 3.

  10. Set Retention (days) to 5, and then select Save.

...

  1. Login to the CCE as "seceon" user.
  2. Get into the CCE package folder.
  3. Run the given  command, and follow the wizard: ./setup.sh -nsg

Answer the questions asked during the install, as mentioned below:

...

Enter azure storage account name and key in the following format

[ storage_name_1,storage_key_1<space>storage_name_2,storage_key_2 ....]

name_1,key_1 name_1,key_2 name3,key3

Azure Storage Account names are - 'name_1', 'name_2', 'name3'

Azure Storage Access keys are - 'key_1', 'key2' , 'key3'

Are you sure you wish to continue? (y/n) y

Provisioning Seceon CCE...

Please wait while install/upgrade is in progress...

1% [ ............................................................................................ ]

Image Added

Image Added

Provisioning of CCE application complete.


Info
titlePlease note

In this process, we have assumed that the base CCE installation is properly done, before implementing the instructions given in step 4.