Set Up High Availability - Administrator Guide - EoL - 6.6 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Cortex XSOAR
Creation date
Last date published
Administrator Guide
End of Life > EoL
  1. Review the High Availability Overview and Elasticsearch Best Practices.

  2. Set up and configure the Elasticsearch cluster and ensure network connectivity between application servers and Elasticsearch.

  3. Verify the Elasticsearch cluster meets the minimum sizing requirements for Cortex XSOAR.

  4. Create a user or API key for Cortex XSOAR to authenticate with the appropriate permissions.

  5. Provision the Cortex XSOAR application servers, ensuring each application server meets the minimum system requirements.

  6. Create and mount the shared file system for the Cortex XSOAR application servers. Verify the shared file system meets the minimum requirements.

  7. Verify that latency between the application servers, Elasticsearch cluster, and shared file system is 100 ms or below. For optimal performance, 10 ms or below is recommended.

  8. Follow instructions for Single Server Elasticsearch installation.

  9. Migrate the shared directory if it is not mounted at /var/lib/demisto.

  10. (Recommended) - Install a load balancer.

    Set the following server configurations to the URL of the load balancer under SettingsAboutTroubleshooting

    • Base URL

    • External Hostname

  11. Install Additional App Servers.

  12. Validate Additional App Servers.

  13. Perform the Server Post-Installation Health Check.