default credentials, script options, and sample configuration files

This section has the default credentials, script options and example configuration files.

Default credentials

The default credentials on a new installation of are:

SSH accounts for virtual machine image (.OVA), unprivileged installations

Username: phantom
Password: password

Web Interface

Username: admin
Password: password

The default credentials of a new AMI installation of are:

SSH accounts:

Username: phantom
Password: None. You must use the SSH key created when deploying the AMI version of .

Web Interface

Username: admin
Password: <full AWS instance ID>

You should change the default passwords immediately after the installation is complete.

Installation or configuration scripts

This section lists various installation scripts and their command line options.

phantom_tar_install.sh options

Use these arguments to control the phantom_tar_install.sh script. Only use this to install as an unprivileged user.

Option	Argument	Description
install	--https-port=HTTPS_PORT	Set the custom HTTPS port for .
	--no-prompt	Run the script without a confirmation prompt.
	--without-apps	Do not install any of the apps that ship with . Apps can be installed later using the GUI.
	--no-space-check	Do not check for available space in /tmp before attempting to install.
upgrade	--no-prompt	Run the script without a confirmation prompt.
	--without-apps	Do not install any of the apps that ship with . Apps can be installed later using the GUI.
	--no-space-check	Do not check for available space in /tmp before attempting to install.

Below is an example command that will install without installing any of the apps that ship with :

phantom_tar_install.sh install --without-apps

phantom_setup.sh options

Use these arguments to control the phantom_setup.sh script.

Option	Argument	Description
install	--no-prompt	Run the script without a confirmation prompt.
	--without-apps	Do not install any of the apps that ship with . Apps can be installed later using the GUI.
	--no-space-check	Do not check for available space in /tmp before attempting to install.
	--non-root	Run the watchdog daemon with reduced privileges.
	--yumopts="..."	Additional parameters to pass to yum.
	--mingit	Installs a minimal Git package without the Perl Git module.
	--rhsc-psql	Installs PostgreSQL from Red Hat Source Collections.
	--version	Specify which version of to install.
upgrade	--no-prompt	Run the script without a confirmation prompt.
	--without-apps	Do not install any of the apps that ship with . Apps can be installed later using the GUI.
	--no-space-check	Do not check for available space in /tmp before attempting to install.
	--non-root	Run the watchdog daemon with reduced privileges.
	--yumopts="..."	Additional parameters to pass to yum.
	--version	Specify which version of to install.

make_server_node.pyc options

Use these options to control the make_server_node.pyc command.

Argument	Description
--version	Displays the program's version number.
--help	Display a list and description of arguments.
--no-prompt	Run the program. Do not display the warning prompt.

Convert an OVA install of into a server node for a cluster. A server node provides one or more of the services a cluster requires, such as proxy, database, file share, or search endpoint.

Argument	Description
all	This is the default option. Install HAProxy, PostgreSQL, GlusterFS, and Splunk on this node. This option creates a best effort version of `mcn_responses.json` to be used with `make_cluster_node.pyc`.
fs	Create and configure a single node GlusterFS file share on this node for . The directory tree starts with `/opt/phantom/shared`.
db	Create the PostgreSQL database on this node to act as an external database.
proxy	Install HAProxy to act as a load balancer for the cluster.
splunk	Install Splunk Enterprise to act as remote search endpoint for the cluster.

make_cluster_node.pyc options

Convert an OVA install of into a cluster node for a cluster. A cluster node is a single instance of supported by one or more server nodes.

Argument	Description
--responses	Send prepared responses from `mcn_responses.json` or `responses.json` to the script.
--record	Create to a `responses.json` file to use when running this script on another node. This version of the file does contain passwords.
--record-no-secret	Create to a `responses.json` file to use when running this script on another node. This version of the file does not contain passwords.
--record-location	Set the location to record the `responses.json` file. The default is `/opt/phantom/bin/response.json`.
--delete-responses-file	Delete the responses file used from the machine with the script completes.
--version	Show the program version number and exit.

Some versions of the responses.json file contain passwords. The mcn_responses.json file contains secrets such as usernames and passwords in plain text. Store it in a secure location or delete it after the cluster configuration is complete.

Configuration files

This section contains example configuration files. Use these as a guide when configuring items for use in your deployment.

HAProxy Configuration

    ##--------------------------------------------------------------------
    ## HAPROXY 1.8.7 CONFIGURATION FILE
    ##--------------------------------------------------------------------
    #---------------------------------------------------------------------
    # global settings
    #---------------------------------------------------------------------
    global
        tune.ssl.default-dh-param 2048
        log 127.0.0.1:514 local0
    
    #---------------------------------------------------------------------
    # common defaults
    #---------------------------------------------------------------------
    defaults
        mode http
        timeout connect 0ms
        timeout client 0ms
        timeout server 0ms
        log global
    
    #---------------------------------------------------------------------
    # SSL w/ redirect to HTTPS
    #---------------------------------------------------------------------
    frontend localhost
        bind *:80
        bind *:443 ssl crt /etc/haproxy/certificates no-sslv3 no-tlsv10 ciphers <ciphers go here>
    # for unprivileged installs, add another declaration
    #   bind *:<your https port> ssl crt /etc/haproxy/certificates no-sslv3
    # no-tlsv10 ciphers <ciphers go here>
        redirect scheme https if !{ ssl_fc }
        mode http
        default_backend nodes
    
    #---------------------------------------------------------------------
    # backend (output)
    #---------------------------------------------------------------------
    backend nodes
        mode http
        balance roundrobin
        option http-keep-alive
        option forwardfor
        cookie SRVNAME insert
        option httpchk GET /check HTTP/1.1\r\nHost:\ www.example.com
        http-check expect status 200
        default-server fastinter 1s downinter 5s
        server <phantom node UUID> <IP Address>:443 cookie <phantom node UUID> check ssl verify none
        http-request set-header X-Forwarded-Port %[dst_port]
        http-request add-header X-Forwarded-Proto https if { ssl_fc }