Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Setting up a JSA Silent Installation

JSA Console only Install IBM JSA "silently," or perform an unattended installation.

  • You must have the JSA ISO for the release that you want to install.

  • Modify the SELINUX value in the /etc/sysconfig/selinux file to SELINUX=disabled, and restart the system.

  • You must install Red Hat Enterprise Linux (RHEL) on the system where you want to install JSA. For more information, see Installing RHEL on your own appliance. The following table describes the version of Red Hat Enterprise Linux used with the JSA version.

Table 1: Red Hat version

JSA Version

Red Hat Enterprise Linux Version

JSA 7.5.0 GA to JSA 7.5.0 Update Package 7

Red Hat Enterprise Linux V7.9 64-bit

JSA 7.5.0 Update Package 8

Red Hat Enterprise Linux V8.8 64-bit

  1. As the root user, use SSH to log on to the host where you want to install JSA.

  2. In the root directory of the host where you want to install JSA, create a file that is named AUTO_INSTALL_INSTRUCTIONS and contains the following content:

    Table 2: Silent Install File parameters. Parameters that are listed as "Optional" are required in the AUTO_INSTALL_INSTRUCTIONS file, but can have no value.

    Parameter

    Value

    Required?

    Description

    Permitted values

    force

    Required

    Forces the installation of the appliance despite any hardware issues.

    true or false

    api_auth_token Optional An authorization token. For more information about managing authorized services, see the Juniper Secure Analytics Administration Guide Authorization token
    appliance_number Optional The identifier for the appliance 0, 3105, 1201, and so on.
    appliance_oem Required Identifies the appliance provider. JSA and so on
    appliance_filter Required The appliance name or identifier. vmware, na
    bonding enabled Required Specifies whether you are using bonded interfaces. true or false
    bonding_interface If using bonded interfaces, then required. The MAC addresses for the interfaces that you are bonding, separated by commas. <interface_name =mac_address><secondary_interface_name=mac_address>
    bonding_interface_name If using bonded interfaces, then required. Identifies the bonding interface. bond0
    bonding_options If using bonded interfaces, then required. The Linux options for bonded interfaces. Example: miimon=100 mode=4 lacp_rate=1
    ha_cluster_virtual_ip Optional Specifies the IP address for the HA cluster ip_address
    hostname Required The fully qualified host name for JSA system  
    ip_protocol Required The IP protocol for this host. ipv4, ipv6
    ip_dns_primary If ip_protocol is set to IPv4, then required The primary DNS server. A valid IPv4 address
    ip_dns_secondary If ip_protocol is set to IPv4, then required The secondary DNS server. A valid IPv4 address
    ip_management_interface Required The interface name, and the MAC address of the management interface. You can use either, or both separated by "=".  
    ipv4_address If ip_protocol is set to IPv4, then required The IP address of the host that you are installing the software on. A valid IPv4 address
    ipv4_address_public If ip_protocol is set to IPv4, and NATed, then required The public IP address of the host that you are installing the software on. A valid IPv4 address
    ipv4_gateway If ip_protocol is set to IPv4, then required The network gateway for this host A valid IPv4 address
    ipv4_network_mask If ip_protocol is set to IPv4, then required The netmask for this host  
    ip_v6_address If ip_protocol is set to IPv6, then required The IPv6 address of the JSA installation if required. A valid IPv6 address
    ip_v6_address_public If ip_protocol is set to IPv6, and NATed, then required The public IP address of the host that you are installing the software on. A valid IPv6 address
    ip_v6_autoconf Required Specifies whether IPv6 is autoconfigured. true or false
    ip_v6_gateway Not Required Leave empty.  
    is_console Required Specifies whether this host is the console within the deployment

    true - This host is the

    console in the deployment false - This is not the console and is another type of managed host (Event or Flow Processor, and so on)
    is_console_standby Required Specifies whether this host is an HA console standby true or false
    admin_password Optional The password for the administrator account. You can encrypt the password if required. If you leave this parameter blank, the password is not updated.

    <password>

    Important: Your

    company's security policies can prevent you from entering a password in a static file on theappliance.

    Defined, or leaving the value empty to use a previously entered password on an upgrade.

    root_password Required The password for the root account. You can encrypt the password, if required. If you leave this parameter blank, the password is not updated.

    <password>

    Important: Your

    company's security policies can prevent you from entering a password in a static file on the appliance.

    Defined, or leaving

    the value empty uses a previously entered password on an upgrade.
    security_template If isconsole is set to Y, then required

    The security template

    This value must be consistent with the value entered in appliance_number.

    Enterprise - for all

    SIEM-based hosts

    Logger - for Log Manager

    time_current_date Required

    The current date for this host.

    Use the following format:

    YYYY/MM/DD format

     
    time_current_time Required

    The time for the host in the 24 hour

    format HH:MM:SS.

     
    time_ntp_server Optional The FQHN or IP address of the network time protocol (NTP) server.  
    timezone Required The time zone from the TZ database.

    Europe/London

    GMT

    America/Montreal

    America/New_York

    America/Los_Angeles

    Asia/Tokyo, and so on.

    type_of_setup Required Specifies the type of installation for this host

    normal- A standard JSA managed host or console deployment.

    recovery - A High Availability (HA) recovery installation on this host.

    Example:

    Replace the configuration settings in the file with ones that are suitable for your environment.

    Note:

    Ensure that the AUTO_INSTALL_INSTRUCTIONS file has no extension, such as .txt, or .doc. The installation does not succeed if the file has an extension.

  3. Using an SFTP program copy the JSA ISO to the host where you want to install JSA.

  4. On the host where you are installing, create a /media/cdrom directory on the host by using the command:

    mkdir /media/cdrom
  5. Mount the JSA ISO by using the command:

    mount -o loop <qradar.iso> /media/cdrom
  6. Run the JSA setup by using the command:

    /media/cdrom/setup
  7. Open the End User License Agreement (EULA) at /media/cdrom/EULA.txt and review.

  8. To agree to the EULA, add --accept-eula to the /media/cdrom/setup command.

    When you add --accept-eula, you bypass the EULA prompt.