I was reading the Top 47 Log Management Tools post on ProfitBricks’ blog. After quickly scanning the key features and cost, I decided to give LOG Storm a try. This post records the steps for installing the product and doing its basic configuration.
Key features:
- In-depth threat analysis
- Flexible deployment options
- Intuitive graphical user interface
- Incident response, forensics, and discovery
- Built-in support for 1,000+ devices
- Simple device integration tool
- Reporting packs for major regulatory compliance standards
- Master console for centralized log management
- MetaRules Correlation
Cost:
- LOG Storm Virtual SIEM Appliance: FREE
- Other deployment options and advanced solutions: Contact for a quote
1. Download
Click the image file and the download will start automatically. You will get a 1.39G LOG_Storm_4.5.0.20_Eval_VA.ova file.
2. Import OVA into VM lab environment
Double-click the downloaded OVA file and VM Workstation will import it into your default Virtual Machine folder.
The default VM setting for LOG Storm is 6GB of memory. I changed it to 4GB and it is still working fine in my lab environment.
3. Start your VM
The default user name/password is htadmin/htadmin.
You will have to accept the agreement, change the htadmin password, and do the basic network and information configuration. Then wait up to 5 minutes for the virtual appliance to configure itself based on your input.
4. First SSH Log in
After the virtual appliance has rebooted, log into the system over SSH with the htadmin username.
After you have logged in, it will ask you to enter the valid license you got from the email.
Linux logstorm 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
Last login: Tue Jan 6 11:02:13 2015
Do you need to change your configuration before entering your license? ([Y]es, [N]o, Enter = , ‘?’ for help) : N
Please enter your LOG Storm appliance license (what you enter will NOT be echoed back to you): (‘help’ for help) :
License is valid
Activating LOG Storm services
From the main menu, select 2. Password Management to set the Admin Account Password, which will be used to log into the WebUI.
5. WebUI Log in
Click ‘Launch Client’
Enter the Admin username and password.
You are now at the dashboard of your SIEM Virtual Appliance.
6. Reference
- Step 1: Download the FREE LOG Storm Virtual SIEM Appliance
- Step 2: View the LOG Storm Virtual SIEM Appliance Data Sheet
- Step 3: View the LOG Storm Installation and Activation Video
- Step 4: View the Getting Started Demonstrations