GUIDE 3 – XPLG on Windows Server
PortX/XpoLog on Windows Server 2019 Installation
In this chapter, you will learn how to install PortX/XpoLog on a standalone, bare-metal Windows Server 2019 instance.
The steps described here are generally applicable for other versions of Windows Server between 2008 R2 and 2016.
* Learn more about PortX’s Parsing, Collection, and Forwarding.
* Learn more about XpoLog’s Windows analysis app.
* Learn more about XpoLog log management tool.
For simplicity, the setup assumes PortX/XpoLog will be installed on a single EC2 instance, running in a single public subnet in a non-default VPC.
The instance will be publicly accessible and have an associated elastic IP.
The instance type is m4.2xlarge, which has 8 vCPUs and 32 GB RAM.
The optimal memory size for a PortX/XpoLog machine depends on the ingested log volume per day and retention period.
Generally, a memory size not less than 8 GB and no more than 64 GB is recommended. Standard PortX/XpoLog machines utilize 4 to 8 CPU cores.
Increasing the root volume size to 500 GB will ensure the configuration is suitable for moderate workloads.
The security group attached to the instance should allow incoming traffic on ports 3389 (RDP), 30303 (XpoLog web access), and 30443 (XpoLog secured web access).
It also allows HTTP/S access.
Other ports like 25 (needed for SMTP server access), 162 (needed for SNMP traps) or DB ports have not been added to the security group because those features are not going to be used here.
A production PortX/XpoLog environment will be quite different from this setup. In a typical production setup, a PortX/XpoLog instance:
- May reside in a private subnet or the network edge.
- May be accessible from the corporate network as well as the outside world. In the first case, network traffic rules would allow traffic from one or more internal IP address ranges. In the second scenario, users will need to log in with two-factor authentication or similar security features.
- May use a larger storage volume.
The simplified setup is for demonstration purposes only.
Downloading PortX/XpoLog | XPLG
You can download the PortX/XpoLog binary to a local directory from this URL: https://www.XPLG.com/download/.
For Windows Server 2019:
- Choose Windows 64 from the drop-down list.
- Provide your business e-mail address, name and select the checkbox to accept XPLG terms and conditions.
- Click the “DOWNLOAD FREE” button.
Installing PortX/XpoLog | XPLG
The PortX/XpoLog installer binary has already Java embedded in it, and so the installation process will automatically set up the runtime.
However, it is also possible to manually install and configure Java before installing PortX/XpoLog.
This is typically the case for customers who need to use a specific Java distribution as part of an organization-wide configuration standard.
PortX/XpoLog comes with a generic installer without built-in JVM.
During setup, the installer will prompt for the Java location which then has to be provided.
Please note that PortX/XpoLog supports Java version 1.8 or later.
- Once downloaded, double click on the installer (XpoLogCenterSetup-64.exe)
- The installer will uncompress
- Next, the InstallAnywhere wizard will show a message that it will guide through the installation of PortX/XpoLog – Click Next.
- In the next screen, the wizard asks to specify the install location. The default path is C:Program FilesXpoLogCenter7. In this exercise, accept the default path and click Next.
- The next screen asks where the installer should create product icons. Accept the default (a new Program Group named XpoLogCenter7):
- The next screen prompts for the XpoLog Center 7 Windows service name. Accept the default name and select the checkbox to start XpoLog after the installation:
- The wizard now shows the pre-installation summary. Click Install:
- The installation progress is shown:
- An installation complete message is shown when the process successfully completes. Click Done to exit the installer:
Once the installer completes, the main PortX/XpoLog interface opens in a browser window:
Configuring Windows Firewall for PortX/XpoLog | XPLG
If Windows Defender Firewall is running in the server, PortX/XpoLog user interface will not be accessible from the browser.
To address this, add two rules to Windows Firewall to allow traffic through ports 30303 and 30443.
The images below show the configuration of a new rule for port 30303:
Accessing PortX/XpoLog After Installation
To see if PortX/XpoLog is running, open a browser window and navigate to this address:
The main PortX/XpoLog interface will come up:
As you can see, installing PortX/XpoLog on Windows is very simple.
As an administrator, your next task will be performing a number of post-install configurations.
You might also like: