Automatically Configure VMware Log Insight

Automatically Configure VMware Log Insight

One of the things that I recently needed to do was be able to script the configuration of Log Insight so that an admin no longer needed to go through the web UI to do the initial installation. The below script works but has a limitation: You need to know what your AD password hash and and the admin password hash and salt are. The way that I did this is by using the values from my original Log Insight server. You can be more clever if you are so inclined.

The script is designed to use the lower level Linux commands which can obviously be replaced with simple file copies but for what it’s worth here you go.

   1: #Change the default NTP Servers

   2: sed -i 's/server 0.us.pool.ntp.org/time.domain.com/' /etc/ntp.conf

   3: sed -i 's/server 1.us.pool.ntp.org/time1.domain.com/' /etc/ntp.conf

   4: sed -i 's/server 2.us.pool.ntp.org//' /etc/ntp.conf

   5: sed -i 's/server 3.us.pool.ntp.org//' /etc/ntp.conf

   7: cp /etc/ntp.conf /etc/ntp.target.conf

   8: chkconfig ntp --level 35 on

   9: service ntp restart

  10: #License LI

  11: echo "XXXXX-XXXXX-XXXXX-XXXXX" >> /usr/lib/loginsight/application/etc/license/loginsight_license.txt

  12: #Configure LI. I wanted this as low level as possible, nothing stops you from just copying the file instead of creating it line by line.

  13: mkdir /storage/core/loginsight/config

  14: echo "<config>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  15: echo "     <version>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  16: echo "         <strata-version value="1.5.0-1435442" release-name="1.5 GA" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  17: echo "     </version>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  18: echo "     <alerts>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  19: echo "         <admin-alert-receivers value="alert-notify-email@domain.com" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  20: echo "     </alerts>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  21: echo "     <ntp>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  22: echo "         <ntp-servers value="time.domain.com, time1.domain.com" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  23: echo "     </ntp>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  24: echo "     <authentication>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  25: echo "         <auth-method value="active-directory" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  26: echo "         <ad-domain value="domain.com" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  27: echo "         <ad-username value="username" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  28: echo "         <ad-password value="XXXXXXXXXXXXXXXXX" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  29: echo "     </authentication>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  30: echo "     <smtp>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  31: echo "         <server value="smtp.domain.com" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  32: echo "         <default-sender value="log-insight-server1@domain.com" />" >> /storage/core/loginsight/config/loginsight-config.xml#9

  33: echo "     </smtp>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  34: echo "</config>" >> /storage/core/loginsight/config/loginsight-config.xml#9

  35: #Add Content Packs

  36: mkdir /usr/lib/loginsight/application/etc/content-packs/vCD

  37: #copy Content Pack contents to /usr/lib/loginsight/application/etc/content-packs/vCD/content.json

  38: #Update the admin email address and password

  39: /usr/lib/loginsight/application/lib/pgsql/bin/psql logdb -p 12543 -U liuser -c "UPDATE li_user SET email = 'admin-email@domain.com', password = 'XXXXXXXXXXXXXXXXXXX', salt = 'XXXXXXXX' WHERE name = 'admin';"

  40: #First start

  41: service loginsight restart

  42: #Add AD group to be a LI admin group.

  43: /usr/lib/loginsight/application/lib/pgsql/bin/psql logdb -p 12543 -U liuser -c "INSERT INTO li_group (group_id, domain, name, role_id) VALUES (5, 'domain.com','log_insight_admins',1);"

Now you are ready to login using either your new admin password or via your Active Directory account.

 

One thought on “Automatically Configure VMware Log Insight

Leave a Reply

Your email address will not be published. Required fields are marked *