XpoLog 7 Log Management Platform – 

Configuration After Installation

CHAPTER 4

Installing XpoLog log management software is simple. If you missed the first installation guides click here.

There are several configuration steps necessary after XpoLog center 7 has been sucessfully installed.

The following sections cover these post-installation configurations.

XpoLog Log Management Software – Adding License Key

Without a valid license key, XpoLog Center 7 will display a message like this:

Adding License Key to XpoLog log management tool

Assuming you have not received a license key from XpoLog, follow these steps:

If XpoLog software is not running, start the process:

  • Go to the XpoLog Center 7 installation directory
  • Run the command: ./runXpoLog.sh start

Once the process starts, open a browser window and browse to the XpoLog log management center 7’s home page:

browse XpoLog center homepage

Browse to the XpoLog Manager by clicking on the gear icon near the top right corner of the screen.

XpoLog Manager interface

  • This is will show the XpoLog Manager interface. From the left navigation panel, choose “SETTINGS”, and then “License” from the submenu.

generating a server key

  • At the bottom of the screen, click on the “Server Key” section. This will generate a server key (this can be done once for a cluster set up as well).

Generate a server key

  • Copy the contents to a file and send to XpoLog technical support for receiving a license key.
  • If already a license key is available, click “Choose file” under UPDATE LICENSE” section and select the license file.

If a license key is available, click “Choose file” under UPDATE LICENSE” section and select the license file

  • Click Save. A message will be displayed: “License updated successfully, click DONE to restart server”. Click DONE on the message box to restart XpoLog Center 7.
  • Once the XpoLog Center 7 interface comes up, there should be no warning about license.

Adding and Configuring External Storage for Data (Linux)

XpoLog is a log management platform which can work with extremely large volumes of data from many different source systems.

It also needs disk space to analyze and index this data.

To ensure the system has enough disk space available for these operations, it is best to use separately mounted storage space for log data.

  • For Amazon EC2-hosted XpoLog installations, we recommend using an EFS (Elastic File Store) volume.
  • You can create a separate directory for XpoLog Center 7 and mount that directory on the EFS volume.

The code snippet below shows a custom directory for XpoLog (/xpolog7) mounted on an EFS volume:

The code snippet below shows a custom directory for XpoLog mounted on an EFS volume

To make use of this mounted volume:

  • Go back to the XpoLog web interface in the browser. From the left navigation panel, choose “SETTINGS” and then “System Settings” from the submenu.

Go back to the XpoLog web interface in the browser. From the left navigation panel, choose “SETTINGS” and then “System Settings” from the sub-menu.

  • Under “General Settings”, check on the box “Use external configuration directory” and provide the absolute path to the external storage location. Here, we have specified the directory mounted on the EFS volume:

Add / Configure External Storage

  • Leave all other settings to default values and click the Save button on the top right corner of the screen.
  • XpoLog will copy the necessary files to the new location:

Add / Configure External Storage

XpoLog Post Installation Configuration

  • Click OK. XpoLog will restart.
  • Once the site interface comes back, go back to XpoLog Manager again and open the Settings > System Settings > General Settings tab and you can confirm the new location was saved.
  • You can now log into the EC2 instance and list the contents of the external storage. This should show something like this:

Add / Configure External Storage

Configuring File Settings (Linux)

Swappiness

The next step is to configure XpoLog for optimal memory, swap space and open files.

Some of these changes will need to be made from Linux shell, others from XpoLog configuration file.

  • Log in to the XpoLog EC2 instance if not already there.
  • Switch to the root user or a user with root privileges.
  • Run the command: ./runXpoLog.sh stop
  • Once the process stops, check the swappiness settings.

The snippet below shows it’s set to 60% (default).

 check the swappiness settings

  • Open the /etc/sysctl.conf file in a text editor and add or change the vm.swappiness setting like this:

vm.swappiness=10

  • This setting will require a reboot.

Maximum Allowed Open Files and Number of Processes

  • Check the maximum allowed number of open files for the user running the XpoLog process.
  • If this value is less than 10,000, it needs to be changed to 10,000.

In the snippet below, it’s showing a default value of 1024.

Check the maximum allowed number of open files for the current user

  • Check the maximum allowed number of processes for the current user.
  • This should be set to at least 20,000.

In the snippet below, it turns out to be 128537:

Check the maximum allowed number of processes for the current user

  • Change the maximum number of open files and allowed processes by editing the /etc/security/limits.conf file.
  • In the following snippet, the values for the root user are changed. You can change the user name to the account that’s running XpoLog:

Change the maximum number of open files and allowed processes

Allocating Extra Memory to XpoLog (Linux and Windows)

The recommended value for memory assigned to XpoLog is 75% of total RAM.

The EC2 instance running XpoLog Center 7 has 32 GB of RAM.

You will, therefore, assign 24 GB (75% of 32 GB) RAM to the XpoLog process.

To do this:

  • Open the XpoLog Center 7 configuration file (XpoLog.sh.lax) from the installation directory in a text editor.
  • Replace the following line:

    lax.nl.java.option.additional=-Djava.library.path=bin/ -Djava.awt.headless=true Xmx1024m -Djava.net.preferIPv4Stack=true -Dfile.encoding=UTF-8

    With this:

    lax.nl.java.option.additional=-Djava.library.path=bin/ -Djava.awt.headless=true -Xmx24576m -Djava.net.preferIPv4Stack=true -Dfile.encoding=UTF-8
  • Save and close the file.
  • Once the changes are made, reboot the EC2 instance.

Changing Service Account

By default, XpoLog Center service in Windows runs under the Local System account, which gives it full access to the local machine, but no access to the network.

Change the service’s property to run it under a domain account with sufficient network privileges.

Change the service’s property to run it under a domain account with sufficient network privileges.

Configuring Security

Ideally, XpoLog Center 7 should be available to authorized users only.

There are a few different ways to configure this:

  • Using XpoLog’s own security model. Here, each user logs in with their username and password and the credentials are managed by XpoLog internally
  • Using Active Directory accounts
  • Using Single Sign-on with CA SiteMinder or IBM WebSEAL.

You will now enable XpoLog-based security and create an admin user for accessing the console.

  • Browse to the XpoLog Manager by clicking on the gear icon on the top right corner of the screen.
  • From the left navigation menu, choose Settings > System Settings and then  click on the “Security” tab:

Ideally, XpoLog Center 7 should be available to authorized users only.

  • Select the “Activate Security” checkbox and ensure that only “XpoLog Realm” is selected in the “Selected items” column of the Authentication table.

Select the “Activate Security” checkbox and ensure that only “XpoLog Realm” is selected in the “Selected items” column of the Authentication table.

  • A message will be displayed saying security is being configured. After the process completes, XpoLog Center 7 reloads in browser window prompting for username and password.

A message will be displayed saying security is being configured. After the process completes, XpoLog Center 7 reloads in browser window prompting for username and password.

  • The default username and password are admin and admin.
  • Once logged in with these credentials, the username is displayed on the top right corner of the page:

Once logged in with these credentials, the username is displayed on the top right corner of the page

  • With security enabled, a new menu item named “Security” is added to the XpoLog Manager navigation menu. Click on that menu and then select “User General Settings”:

With security enabled, a new menu item named “Security” is added to the XpoLog Manager navigation menu. Click on that menu and then select “User General Settings”

  • From the next screen, change the admin user’s password:

change the admin user’s password

Conclusion

We have now learned how to make a number of configuration changes to XpoLog Center 7 after it’s installed.

The changes we have made here are strongly recommended for single and multi-instance XpoLog setups.

All chapters: 

Read more about:

How to secure Amazon S3 buckets
View how raw data from the Champions League easily turn into insights
Troubleshoot your Windows task scheduler in 5 minutes! XPLG automated log analyzer and problem detection