levis/help365
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
production
help365/platform/install-audit-service.html
koziavin 00717a92fb
All checks were successful
Deploy Static Site / deploy (push) Successful in 6m6s
Details
update
2025-05-29 16:42:45 +04:00

264 lines
24 KiB
HTML
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<title>Install Security Audit service</title>
<meta name="generator" content="Help+Manual" />
<meta name="keywords" content="" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="In BRIX, you can register and analyze events related to changes in user permissions and data." />
<meta name="picture" content="" />
<meta property="og:type" content="website" />
<meta property="og:title" content="Full documentation for BRIX365 platform. Low-code developer guide. User guide. Admin guide. Developer guide." />
<meta property="og:url" content="https://brix365.com/en/help" />
<meta property="og:image" content="" />
<link rel="icon" href="favicon.png" type="image/png" />
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet" />
<link rel="stylesheet" href="./jquery-ui.min.css" />
<link rel="stylesheet" href="default.css" />
<link rel="stylesheet" href="./search-yandex.css" />
<link rel="stylesheet" href="./article.css" />
<link rel="stylesheet" href="./glossary.css" />
<link rel="stylesheet" href="./theme.css" />
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="helpman_settings.js"></script>
<script type="text/javascript" src="helpman_topicinit.js"></script>
<script type="text/javascript" src="highlight.js"></script>
<script type="text/javascript">
$(document).ready(function(){highlight();});
</script>
</head>
<body>
<script>!function(e,t,c,n,r,a,m){e.ym=e.ym||function(){(e.ym.a=e.ym.a||[]).push(arguments)},e.ym.l=1*new Date;for(var s=0;s<document.scripts.length;s++)if(document.scripts[s].src===n)return;a=t.createElement(c),m=t.getElementsByTagName(c)[0],a.async=1,a.src=n,m.parentNode.insertBefore(a,m)}(window,document,"script","https://mc.yandex.ru/metrika/tag.js"),ym(83179930,"init",{clickmap:!0,trackLinks:!0,accurateTrackBounce:!0,webvisor:!0})</script><noscript><div><img alt=""src=https://mc.yandex.ru/watch/83179930 style=position:absolute;left:-9999px></div></noscript>
<header class="header elma-365">
<div class="container">
<a class="header__logo" href="https://brix365.com/en/help">
<img src="./logo-en.svg" alt="header logo">
</a>
<!-- <div class="hero__search-form" id="search-panel">
<form class="search-form" onsubmit="ym(83180416,'reachGoal','poisk')">
<label class="search-form__label">
<span id="reset-search" class="search__icon"></span>
<input class="search-form__input" type="text">
</label>
<input class="search-form__submit" type="submit" value="Submit">
</form>
</div> -->
<div class="hero__search-form" id="search-panel"> <form class="search-form"> <label class="search-form__label"> <span id="reset-search" class="search__icon"></span> <input class="search-form__input" type="text"> </label> <input class="search-form__submit" type="submit" value="Submit"> </form> </div>
<div class="hero__search">
<a href="#" id="search-icon" class="hero__search-icon">
<img src="search-icon-white.svg" alt="search string">
</a>
<a href="#" id="side-menu-icon" class="hero__side-icon">
<img src="side_menu.svg" alt="side menu">
</a>
</div>
<div class="header__navi">
<ul class="header__list"><li><span class="solution-select"><span class="solution-select__selected"></span><svg width="7" height="4" viewBox="0 0 7 4" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M1 1L3.5 3.5L6 1" stroke="white" stroke-linecap="round" stroke-linejoin="round"/></svg><ul class="solution-select__list"><li><a class="project-link" href="https://brix365.com/en/help/platform/get-trial.html">Platform</a></li><li><a class="project-link" href="https://brix365.com/en/help/ecm/ecm-functions.html">ECM</a></li><li><a class="project-link" href="https://brix365.com/en/help/crm/crm_overview.html">CRM</a></li><li><a class="project-link" href="https://brix365.com/en/help/service/service-functions.html">Service</a></li><li><a class="project-link" href="https://brix365.com/en/help/projects/projects-functions.html">Projects</a></li><li><a class="project-link" href="https://brix365.com/en/help/business_solutions/-elma365-store.html">Business Solutions</a></li></ul></span></li><li><a href="https://api.brix365.com/en/" target="_blank">API</a></li><li><a href="https://tssdk.brix365.com/" target="_blank">SDK</a></li></ul>
</div>
</div>
</header>
<main class="main container">
<aside class="sidebar" id="sidebar">
<div class="sidebar__header">
<a class="header__logo" href="https://brix365.com/en/help">
<img src="./logo-light-en.svg">
</a>
<span class="sidebar__close elma-365-close" id="close"></span>
</div>
<div class="sidebar__wrapper" id="side-menu">
</div>
</aside>
<article class="article" id="article">
<div class="article-inner">
<div class="content">
<header class="article__header">
<div class="article__bread" style="display:flex; gap:10px;">
<span id="subcategory" class="search-res__item-category search-res__item-category_subcategory subcategory article__badge"></span>
<div class="topic__breadcrumbs">
<p><a href="elma365-on-premises.html">BRIX On-Premises</a> &gt; <a href="elma365-enterprise.html">BRIX On-Premises Enterprise</a> &gt; Install add-on components for BRIX / Install Security Audit service</p>
</div>
</div>
<div class="topic__title"><h1 class="p_Heading1"><span class="f_Heading1">Install Security Audit service</span></h1>
</div>
</header>
<section class="article__content">
<div class="scroll-top-inner">
<a href="#h1-article" class="scroll-top"></a>
</div>
<!-- Placeholder for topic body. -->
<p class="p_Normal">In BRIX, you can register and analyze events related to changes in user permissions and data.</p>
<p class="p_Normal">For this purpose, the <a href="audit_extension.html" class="topiclink">Security Audit</a> module is used, which records all events in the system, and a separate Security Audit service, whose database stores the information obtained from the module.</p>
<p class="p_Normal">Installation consists of four steps:</p>
<ol style="list-style-type:decimal">
<li value="1" class="p_Normal"><a href="install-audit-service.html#prepare-connection-string" class="topiclink">Prepare the connection string for the PostgreSQL database</a>.</li><li value="2" class="p_Normal"><a href="install-audit-service.html#download-helm-chart-and-config-file" class="topiclink">Download the Helm chart and configuration file</a>.</li><li value="3" class="p_Normal"><a href="install-audit-service.html#fill-config-file" class="topiclink">Fill out the configuration file</a>.</li><li value="4" class="p_Normal"><a href="install-audit-service.html#install-audit-chart" class="topiclink">Install the Audit chart using Helm in the Kubernetes cluster</a>.</li></ol>
<h2 class="p_Heading2"><a id="prepare-connection-string" class="hmanchor"></a><span class="f_Heading2">Step 1: Prepare the connection string for the PostgreSQL database</span></h2>
<p class="p_Normal">The Security Audit service uses the PostgreSQL DBMS to store data. It is assumed that the data will be stored in a separate database, which requires the installation of <span style="font-weight: bold;">uuid-ossp</span> and <span style="font-weight: bold;">pg_trgm</span> extensions. When the service is first connected, all tables necessary for the service's operation will be created in the database. The volume of disk storage is estimated by the customer independently or based on the analysis of the company's activity. Read more about the necessary PostgreSQL configuration and installation of <span style="font-weight: bold;">uuid-ossp</span> and <span style="font-weight: bold;">pg_trgm</span> extensions in the <a href="configure-postgresql.html" class="topiclink">Databases</a> section.</p>
<p class="p_Normal">Determine the name of the database for the Security Audit service. The default name is <code><b>audit</b></code>. &nbsp;</p>
<p class="p_Normal">Prepare the PostgreSQL connection string for write and read operations in the format <code><b>postgresql://user:password@hostname:port/databaseName?sslmode=disable</b></code>, where:</p>
<ul style="list-style-type:disc">
<li class="p_Normal"><code><b>user</b></code> is the username of PostgreSQL having rights to the database <code><b>databaseName</b></code>; </li><li class="p_Normal"><code><b>password</b></code> is the password for the PostgreSQL user; </li><li class="p_Normal"><code><b>hostname</b></code> is the IP or domain name of the PostgreSQL server; </li><li class="p_Normal"><code><b>port</b></code> is the port for connecting to PostgreSQL (the standard port is <code><b>5432</b></code>; </li><li class="p_Normal"><code><b>databaseName</b></code> is the name of the database (standard name is <code><b>audit</b></code>); </li><li class="p_Normal"><code><b>sslmode</b></code> is &nbsp;the use of a secure connection. </li></ul>
<h2 class="p_Heading2"><a id="download-helm-chart-and-config-file" class="hmanchor"></a><span class="f_Heading2">Step 2: Fill out the configuration file</span></h2>
<p class="p_Normal">For installation via the internet, obtain the configuration file <code><b>values-audit.yaml</b></code> by executing the command:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">helm&nbsp;repo&nbsp;add&nbsp;elma365&nbsp;</span><span class="f_CodeExample">https://charts.elma365.tech</span><br />
<span class="f_CodeExample">helm&nbsp;repo&nbsp;update</span><br />
<span class="f_CodeExample">helm&nbsp;show&nbsp;values&nbsp;elma365/audit&nbsp;&gt;&nbsp;values-audit.yaml</span></p>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A1')">Getting the configuration file for installation in a closed-loop environment without internet acces</a></p>
<div id="TOGGLE0186A1" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><ol style="list-style-type:decimal">
<li value="1" class="p_Normal">On a computer with internet access, download the BRIX images and upload them to the local image registry by executing the following command:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">helm&nbsp;repo&nbsp;add&nbsp;elma365&nbsp;</span><span class="f_CodeExample">https://charts.elma365.tech</span><br />
<span class="f_CodeExample">helm&nbsp;repo&nbsp;update</span><br />
<span class="f_CodeExample">helm&nbsp;pull&nbsp;elma365/audit</span></p>
<p class="p_Normal">For more details, see <a href="downloadin-images-elma365.html" class="topiclink">Download BRIX images</a>.</p>
<ol style="list-style-type:decimal" start="2">
<li value="2" class="p_Normal">Copy the downloaded chart archive <code><b>audit-X.Y.Z.tgz</b></code> to the server where the installation will be performed.</li></ol>
<ol style="list-style-type:decimal" start="3">
<li value="3" class="p_Normal">Unpack this chart and copy the default configuration file <code><b>values.yaml</b></code> to <code><b>values-audit.yaml</b></code>: </li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">tar&nbsp;-xf&nbsp;audit-X.Y.Z.tgz</span><br />
<span class="f_CodeExample">cp&nbsp;audit/values.yaml&nbsp;values-audit.yaml</span></p>
</td>
</tr>
</table>
</div>
<h2 class="p_Heading2"><a id="fill-config-file" class="hmanchor"></a><span class="f_Heading2">Step 3: Fill out the configuration file</span></h2>
<p class="p_Normal">Fill out the configuration file <code><b>values-audit.yaml</b></code> for the installation of the Audit service.</p>
<p class="p_Normal">For the parameter <code><b>psql_url</b></code>, specify the PostgreSQL connection string obtained in Step 1. This article uses a connection string to PostgreSQL deployed in the Kubernetes cluster. </p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">#&nbsp;Audit&nbsp;settings</span><br />
<span class="f_CodeExample">audit:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;global:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;psql_url:&nbsp;&quot;postgresql://postgres:pgpassword@postgres.default.svc.cluster.local:5432/audit?sslmode=disable&quot;</span><br />
<span class="f_CodeExample">...</span></p>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A2')">Filling in the connection parameters to the private registry for installation in a closed loop without internet access</a></p>
<div id="TOGGLE0186A2" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_Normal">&nbsp;<br />
To connect to the private registry, you need to:</p>
<ol style="list-style-type:decimal">
<li value="1" class="p_Normal">Download the BRIX images and upload them to the local image registry. For more details, see <a href="downloadin-images-elma365.html" class="topiclink">Download BRIX images</a>.</li><li value="2" class="p_Normal">Set the address and path in the parameter <code><b>repository</b></code>. </li></ol>
<ol style="list-style-type:decimal" start="3">
<li value="3" class="p_Normal">Indicate the name of the secret with access rights to the private registry in the parameter <code><b>pullSecret</b></code>. The secret must be created manually and encrypted in Base6.</li></ol>
<p class="p_CodeExample" style="white-space: normal; page-break-inside: avoid;"><span class="f_CodeExample"># Audit settings</span><br />
<span class="f_CodeExample">audit:</span><br />
<span class="f_CodeExample">...</span><br />
<span class="f_CodeExample">  # address and secret for the private registry</span><br />
<span class="f_CodeExample">  image:</span><br />
<span class="f_CodeExample">  &nbsp; repository: registry.example.com</span><br />
<span class="f_CodeExample">  &nbsp; # The secret with access rights to the private registry must be created manually, encrypted in Base64</span><br />
<span class="f_CodeExample">  &nbsp; pullSecret:</span><br />
<span class="f_CodeExample">  &nbsp; &nbsp; - name: myRegistryKeySecretName</span></p>
</td>
</tr>
</table>
</div>
<h2 class="p_Heading2"><a id="install-audit-chart" class="hmanchor"></a><span class="f_Heading2">Step 4: Install the Audit chart using Helm in the Kubernetes cluster</span></h2>
<p class="p_Normal">Install the audit chart in the <code><b>namespace</b></code> specified in Step 3 in the configuration file <code><b>values-audit.yaml</b></code>. The namespace will be created during installation if it was not previously created.</p>
<p class="p_Normal">For internet installation:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">helm&nbsp;upgrade&nbsp;--install&nbsp;elma365-audit&nbsp;elma365/audit&nbsp;-f&nbsp;values-audit.yaml&nbsp;-n&nbsp;audit&nbsp;--create-namespace&nbsp;</span></p>
<p class="p_Normal">For offline installation without internet access:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">helm&nbsp;upgrade&nbsp;--install&nbsp;elma365-audit&nbsp;./audit&nbsp;-f&nbsp;values-audit.yaml&nbsp;-n&nbsp;audit&nbsp;--create-namespace</span></p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Начало&nbsp;внимание</span></p>
<p class="p_Normal">Installing the Security Audit service does not automatically include or install the Security Audit module on the BRIX application side.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Конец&nbsp;внимание</span></p>
<p class="p_Normal">Read more about installing the module and working with it in <a href="audit_extension.html" class="topiclink">Security Audit module</a>.</p>
<h2 class="p_Heading2"><span class="f_Heading2">Delete the Audit chart using helm in the Kubernetes cluster</span></h2>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Начало&nbsp;внимание</span></p>
<p class="p_Normal">Before removing the Security Audit component, disable the use of the <a href="audit_extension.html" class="topiclink">Secutiry Audit module</a> on the BRIX application side.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Конец&nbsp;внимание</span></p>
<p class="p_Normal">To delete the elma365-audit chart in <code><b>namespace audit</b></code>, execute the command:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">helm&nbsp;uninstall&nbsp;elma365-audit&nbsp;-n&nbsp;audit</span></p>
<div class="bottom-nav">
<a id="prev-link" class="topic__navi_prev" href="install-nodelocal-dns-cache.html">
<span class="bottom-nav__arrow bottom-nav__arrow--prev"></span> <span
class="bottom-nav__link">install-nodelocal-dns-cache.html</span>
</a>
<a id="next-link" class="topic__navi_next" href="install-monitoring-tools.html">
<span class="bottom-nav__link">install-monitoring-tools.html</span> <span
class="bottom-nav__arrow bottom-nav__arrow--next"></span>
</a>
</div>
<!-- добавляет на страницу строку блок Была ли статья полезной? -->
<div class="feedback" id="feedback"><div class="feedback-help"><span><b>Was this helpful?</b></span><form action="" method="POST" class="feedback-form" id="feedback-form"><div class="feedback__popup feedback__popup-response" id="feedback__popup_thx" style="display: none;">Thanks for your feedback!</div><div class="feedback__popup" id="feedback__popup_why" style="display: none;"><div class="feedback__popup-header">Please specify why:</div><input type="radio" name="category" id="bad_recommendation" value="bad_recommendation"><label for="bad_recommendation">Recommendations did not help me</label><input type="radio" name="category" id="difficult_text" value="difficult_text"><label for="difficult_text">Article is hard to understand</label><input type="radio" name="category" id="no_answer" value="no_answer"><label for="no_answer">Didn`t answer my question</label><input type="radio" name="category" id="bad_header" value="bad_header"><label for="bad_header">Content does not match the topic</label><input type="radio" name="category" id="other_reason" value="other_reason"><label for="other_reason">Other</label></div><div class="feedback__popup" id="feedback__popup-other" style="display: none;"><div class="feedback__popup-header">How we can improve it?</div><textarea class="feedback__textarea" name="other" id=""></textarea><input type="submit" class="feedback__other-btn" value="Submit"></div><div class="feedback-form__btn-group"><input type="radio" name="useful" id="feedback__useful_yes" value="true"><label for="feedback__useful_yes"><img src="like.svg" class="small-img" alt="like"><spanclass="feedback-form__btn-group_yes-btn">Yes</spanclass="feedback-form__btn-group_yes-btn"></label><input type="radio" name="useful" id="feedback__useful_no" value="false"><label for="feedback__useful_no"><img src="dislike.svg" class="small-img" alt="dislike"><spanclass="feedback-form__btn-group_no-btn">No</spanclass="feedback-form__btn-group_no-btn"></label></div><select name="category"><option disabled="">Please specify why</option><option value="bad_recommendation" selected="">Recommendations did not help me</option><option value="difficult_text">Article is hard to understand</option><option value="no_answer">Didn`t answer my question</option><option value="bad_header">Content does not match the topic</option><option value="other_reason">Other</option></select><input type="submit"></form></div><div class="found_typo"><p style="margin: 0px; margin-top: 16px !important;"><span><b>Found a typo?</b></span> Select it and press <i>Ctrl+Enter</i> to send us feedback</p></div></div>
</section>
</div>
<aside class="article__sidebar" style="display:none">
<input type="checkbox" />
<div class="article__arrow"></div>
<div class="table-of-contents elma365-right" id="toc2Content">
<h3 class="h3-toc">In this topic</h3>
<nav id="toc2"></nav>
</div>
</aside>
</div>
</article>
</main>
<footer class="footer">
<div class="footer-container">
<div class="footer-mobile">
<ul class="footer-mobile__list"><li><a href="https://brix365.com/en/" target="_blank">BRIX</a></li><li><a href="https://tssdk.brix365.com/en/latest/" target="_blank">SDK</a></li><li><a href="https://api.brix365.com/en/" target="_blank">API</a></li></ul><ul class="footer-mobile__list"><li><a href="https://brix365.com/en/help/platform/get-trial.html">Platform</a></li><li><a href="https://brix365.com/en/help/ecm/ecm-functions.html">ECM</a></li><li><a href="https://brix365.com/en/help/service/service-functions.html">Service</a></li><li><a href="https://brix365.com/en/help/projects/projects-functions.html">Projects</a></li></ul>
</div>
<div class="footer-wrap">
<div><span class="mobile-question-popup">Send feedback</span><form method="POST" action class="question__popup question-xs" id="question__popup"><div class="question-wrap"><span class="close"></span><span class="title">Ask a question</span><label for="help_question" style="display: none;"></label><textarea name="help_question" id="help_question"></textarea><input type="submit" value="Send"></div></form><div class="hidden fade-in question-success-xs">Sent</div></div>
<div class="footer-flex-b">
<span class="footer-copy">&copy; 2025 BRIX</span>
<ul class="footer-list">
<li class="footer-item">
<a href="#" class="arrow-top" style="display: block;"></a>
</li>
</ul>
</div>
</div>
</div>
</footer>
<iframe name="hmnavigation" style="display:none!important"></iframe>
<script src="./jquery-ui.js"></script>
<!--script src="//cdn.jsdelivr.net/npm/featherlight@1.7.14/release/featherlight.min.js" type="text/javascript" charset="utf-8"></script-->
<script src="./jquery.tocify.min.js"></script>
<script src="./TypoReporter.min.js"></script>
<script src="./google-search.js"></script>
<script src="./main.js"></script>
<script type="text/javascript">
HMInitToggle('TOGGLE0186A1','hm.type','dropdown','hm.state','0');
HMInitToggle('TOGGLE0186A2','hm.type','dropdown','hm.state','0');
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink