End-of-Life (EoL)
Install Cortex XSOAR for a Single Server Deployment
These installation instructions are intended for standard
Cortex XSOAR deployments.
In a standard Cortex XSOAR deployment, the
app server and database server are installed on the same machine.
If
you are deploying a signed installer:
- You need to import the public key to the operating system. The public key is valid for six months.
- If you are using engines or hosts in a multi-tenant environment, you need to installmakeself.
Installation
File Structure
This is the file and folder structure in
a standard Cortex XSOAR installation.
By default, Cortex XSOAR
is installed in the
/root
folder, but you can change the default
folder, if necessary.Asset | Path |
|---|---|
Binaries | /usr/local/demisto |
Data | /var/lib/demisto |
Logs | /var/log/demisto |
Configuration | /etc/demisto.conf (will
not be created if defaults are selected during installation) |
Reports | /tmp/demisto_install.log |
Install Log | /tmp/demisto_install.log |
If you want to create different mounts for the
/var/lib/demisto
, /var/lib/docker
, and /tmp
partitions,
it is recommended to allocate the following space to each partition
(dependent on the expected amount of data, and the size of your
incidents and indicators).- /var/lib/demisto: 200 GB (development) 1000 GB (production)
- /var/lib/docker: 70 GB (development) 150 GB (production)
- /tmp: 10 GB (development and production)
Prerequisites
Verify
the following information and requirements before you install Cortex XSOAR.
- Your deployment meets the minimum system requirements.
- You have root access.
- If installing on Oracle Linux you need to manually Install Docker.
- For CentOS 8.x, you must install thetarpackage using the following command:sudo yum install -y tar
Cortex
XSOAR requires Docker or Podman for container management. Cortex XSOAR
installs either Docker or Podman automatically, based on your operating system.
- Download Cortex XSOAR from the link that you received from Cortex XSOAR Support by running the following command.wget -O demisto.sh “<downloadLink>”For example,wget -O demisto.sh “https://download.demisto.com/download-params?token=xabcedef&email=user@paloaltonetworks.com&eula=accept”
- (Optional)If you are deploying Cortex XSOAR using a signed installer (GPG), you need to import the GPG public key that was provided with the signed installer.For example, you can use therpm --import public.keycommand to import the public key into the local GPG keyring. Note that each operating system has specific requirements.
- (Optional)If you are deploying Cortex XSOAR using a signed installer (GPG) you might need to manually install themakeselfpackage by running theyum install makeselfcommand.
- Run thechmod +x demisto.shcommand to convert the.shfile to an executable file.
- Execute the.shfile by running the following command.sudo ./demisto.sh
- Accept the EULA and add the information when prompted.
- The Server HTTPS port (default is 443)
- Type the name of the Admin user (default is admin).
- Type the password (default is admin).
- (Optional)After the installation has completed, do the following:
- Confirm that the Cortex XSOAR server status is active, by running thesystemctl status demistocommand.If the server is not active, run thesystemctl start demistocommand to start the server.
- Confirm that the Docker service status is active, by running thesystemctl status dockercommand.
- In a web browser, go to thehttps://to verify that Cortex XSOAR was successfully installed.serverURL:portWhen you open Cortex XSOAR for the first time you need to add the license.
Recommended For You
Recommended Videos
Recommended videos not found.
