You must prepare your Linux environment before installing EAS. For example, you must update the kernel SHMMAX parameter to enable PostgreSQL and enable your firewall if you want to forward the syslog file.
To ensure that the Linux system properly returns the hostname, complete the following steps:
In a text editor, open the /etc/hosts file.
In the /etc/hosts file, add the fully qualified domain name (FQDN) of your Linux system to the 127.0.0.1 entry.
For example, if your Linux system’s FQDN is hostname.example.com, the /etc/hosts file should look similar to this:
# IP-Address Full-Qualified-Hostname Short-Hostname 127.0.0.1 hostname.example.com hostname # special IPv6 addresses ::1 localhost ipv6-localhost ipv6-loopback fe00::0 ipv6-localnet ff00::0 ipv6-mcastprefix ff02::1 ipv6-allnodes ff02::2 ipv6-allrouters ff02::3 ipv6-allhosts 10.10.10.10 hostname.example.com hostname
To verify if the hostname is resolved, execute the hostname -f command.
This command should return the FQDN of your Linux system.
To enable the PostgreSQL database to run on the server, complete the following steps:
In a text editor, open the /etc/sysctl.conf file.
Change the minimum value for the kernel SHMMAX parameter to enable the database.
For example, on a RHEL 6.x system, enter the following text at the end of the file:
# for Sentinel Postgresql kernel.shmmax=1073741824
NOTE:Your system might require more memory that this minimum value. For more information, see “Managing Kernel Resources” in the PostgreSQL documentation.
To set the parameter, execute the following commands:
cd /proc/sys/kernel echo new_val_to_set > shmmax
To forward the syslog file for auditing, complete one of the following steps:
When installing EAS, enable the option to configure the firewall for syslog port forwarding.
Execute the following command:
iptables -t nat -A PREROUTING -p udp --destination-port 514 -j REDIRECT --to-ports 1514
NOTE:If you change the firewall or reboot the server, the entries in the iptables do not persist. To persist the entries in the iptables, consult with your Linux administrator.