- Ensure that Python v2.7.x and Virtualenv are installed in your environment.
Installing Virtualenv
If you haven't installed Virtualenv in your environment, follow these steps:
- Install Virtualenv:
$ pip install virtualenv
- In the root of the project directory, create a new Virtualenv folder:
$ virtualenv -p /path/to/python2.7 venv
- Activate Virtualenv:
$ source venv/bin/activate
Installing project dependencies
Install the project dependencies listed in requirements.txt:
$ pip install -r requirements.txt
Configuring the Utility Logger
Edit the dnsedge.yaml file, which is installed by default under /etc. At a minimum, the following items must be configured:
- url: Replace the placeholder text with the fully qualified domain name of the customer's Edge portal. Note that it must contain "api-" as a prefix.
- token: Replace the text with the customer's SIEM token, which is sent in an email to the designated super admin.
Logger types
The Edge logger has two log streams - applog, used for application info or debug messages, and datalog, which is used for query logging.
Each log stream can be directed to a file, or can be sent to a syslog server in LEEF or CEF formats.
For file-based logging you must specify log_level, file_name, and logger_name configurations in the dnsedge.yaml file.
For LEEF or CEF-based syslog messages you must specify server, protocol, and port variables in the dnsedge.yaml file.
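The following pre-flight check is an added example, not part of the poller's own code. It tests a loaded dnsedge.yaml mapping against the minimum settings listed above. The function name `check_config` and the dict layout (top-level url and token, one mapping per stream under applog and datalog) are assumptions, so adjust them to the layout of your dnsedge.yaml.

```python
try:
    from urllib.parse import urlparse  # Python 3
except ImportError:
    from urlparse import urlparse  # Python 2.7

# Setting names are the ones this page lists; the dict layout is an assumption.
FILE_KEYS = ("log_level", "file_name", "logger_name")
SYSLOG_KEYS = ("server", "protocol", "port")
STREAMS = ("applog", "datalog")


def check_config(cfg):
    """Return a list of problems found in a loaded dnsedge.yaml mapping."""
    problems = []

    url = str(cfg.get("url") or "").strip()
    # Accept a bare FQDN or a full URL; only the host part is compared.
    host = (urlparse(url).hostname if "://" in url else url.split("/")[0]) or ""
    if not host.lower().startswith("api-") or "." not in host:
        problems.append("url: host must be an FQDN with the 'api-' prefix")

    token = str(cfg.get("token") or "").strip()
    if not token or any(c.isspace() for c in token):
        problems.append("token: expected a single non-empty token value")

    for name in STREAMS:
        stream = cfg.get(name) or {}
        for kind, keys in (("file", FILE_KEYS), ("syslog", SYSLOG_KEYS)):
            present = [k for k in keys if stream.get(k) not in (None, "")]
            missing = [k for k in keys if k not in present]
            # A partly filled destination is the error worth catching early.
            if present and missing:
                problems.append("%s: %s logging is missing %s"
                                % (name, kind, ", ".join(missing)))
    return problems


# Constructed sample values, not a real portal, token or server.
SAMPLE = {
    "url": "https://api-customer.example.com",
    "token": "EXAMPLE-TOKEN",
    "applog": {"log_level": "INFO", "file_name": "/var/log/dnsedge-app.log",
               "logger_name": "applog"},
    "datalog": {"server": "siem.example.com", "protocol": "udp"},  # no port
}

if __name__ == "__main__":
    for problem in check_config(SAMPLE):
        print(problem)
```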
Running in a Python virtual environment
$ cd /path/to/dnsedge-poller
$ source venv/bin/activate
$ python dnsedge.py --file dnsedge.yaml