Install a Cortex XSOAR engine.
When you install the engine, the d1.conf
is installed on the engine machine, which contains engine properties such as proxy, log level, log files, etc. If Docker/Podman is already installed, the python.engine.docker
and powershell.engine.docker
key is set to true
. If Docker or Podman is not available when the engine is installed, the key is set to false
. If so, you need to set the key to true
. Verify that python.engine.docker
and powershell.engine.docker
configuration key is present in the d1.conf
file.
For engines running on a Windows machine, add the following keys to the d1.conf
file:
The
python.runner.loop.script.path
configuration key with the path to the_script_docker_python_loop.py
file (located in the engine’s installation folder). The path to the_script_docker_python_loop.py
must be taken from WSL installed on the Windows machine (for example,/mnt/c/Users/<customer user>/Desktop/<customer engine folder>/_script_docker_python_loop.py
).The
powershell.runner.loop.script.path
configuration key with the WSL path to the_script_docker_powershell_loop.ps1
file (also located in engine’s installation folder).
After you install and deploy an engine, there are several ways that you can Manage Engines.
Before you begin:
If you are using DEB, RPM or Zip installation, install Docker or Podman. To run Docker dependent integrations and scripts on CentOS v7, install Mirantis Container Runtime.
Create an engine.
Select
→ → → → .In the Engine Name field, add a meaningful name for the engine.
Select one of the installer types from the dropdown list.
Shell
DEB
RPM
Zip
Configuration
Tip
For Linux systems it is recommended to use the Shell installer. If using CentOS 7.x, or Amazon Linux 2, use the Zip installer (see step 5).
(Optional) (Shell only) Select the checkbox to enable multiple engines to run on the same machine.
If you have an existing engine and did not select the checkbox and you want to install another engine on the same machine, you need to delete the existing engine.
(Optional) Add any required configuration in JSON format.
Click OK.
For Shell installation, do the following:
Move the
.sh
file to the engine machine using a tool like SSH or PuTTY.On the engine machine, grant execution permission by running the following command:
chmod +x <engine-file-path>
Install the engine by typing one of the following commands:
With tools:
sudo ./d1-<engine-name>-<XSOAR-version>-xxxxxxx.sh
Without tools:
sudo ./d1-<engine-name>-<XSOAR-version>-xxxxxxx.sh -- -tools=false
For example:
sudo ./d1-enginename-8.2-250000.sh -- -tools=false
For RPM/DEB installation, do the following:
Move the file to the required machine using a tool like SSH or PuTTY.
Type one of the following installation commands:
Machine Type
Install Command
RHEL (RPM)
sudo rpm -Uvh d1-2.5_15418-1.x86_64.rpm
Ubuntu (DEB)
sudo dpkg --install d1_xxx_amd64.deb
Start the engine by running one of the following commands:
Machine Type
Start Command
RHEL (RPM)
sudo systemctl start d1
Ubuntu (DEB)
sudo service d1 restart
For Zip file installation on Windows, do the following:
Move the d1
zip
file to the engine machine using a tool like WinSCP.Unzip the file and move it to any location you require.
Open the file and run the d1_windows_amd64.exe file.
Each time you want to connect to Cortex XSOAR you need to run the D1 Application file.
For Zip installation on CentOS 7.x or Amazon Linux 2, run the following commands:
Create the engine folder.
mkdir /usr/local/demisto
Unzip the engine files to the folder created in step 2.
unzip ./d1.zip -d /usr/local/demisto
Allow the process to bind to low numbered ports.
setcap CAP_NET_BIND_SERVICE=+eip /usr/local/demisto/d1_linux_amd64
Run the engine process.
/usr/local/demisto/d1_linux_amd64
Note
If the installer fails to start due to a permissions issue, even if running as root, add one of the following two arguments when running the installer:
--target <path>
- Extracts the installer files into the specified custom path.--keep
- Extracts the installer files into the current working directory (without cleaning at the end).
If using installer options such as -- -tools=false
, the option should come after the --target
or --keep
arguments. For example:
sudo ./d1-installer.sh --target /some/temp/dir -- -tools=false
To troubleshoot installation, upgrade, connectivity, or issues with integrations, see Troubleshoot Engines.