collector – SGBox Next Generation SIEM & SOAR https://www.sgbox.eu Wed, 11 Jun 2025 08:56:08 +0000

The SGBox Collector (v6) https://www.sgbox.eu/en/knowledge-base/the-sgbox-collector-v6/ Wed, 26 Mar 2025 14:02:25 +0000

The collector is a Linux-based virtual appliance that performs certain SGBox tasks, such as collecting logs from local data sources and sending them to SGBox over HTTPS (port 443) through an encrypted channel. The collector also caches data if communication with SGBox is interrupted while data from the sources is being sent.

Requirements:

  • A collector must be deployed in your virtual infrastructure.
    • HDD 50 GB
    • RAM 4 GB
    • CPU 2 Core
    • The ports used by the collector are listed in Network Requirements.

Note: the minimum requirements above are what the appliance image takes automatically when deployed in a virtualization environment. Resize the hardware resources according to the tasks the collector will perform. For example, if the collector is used to run vulnerability scans, increase the resources: we suggest a minimum of 4 CPUs and 8 GB of RAM (preferably 8 CPUs and 16 GB of RAM).

Collector network configuration

You can configure the collector's network settings with the CLI tool present on the collector. Connect to the collector via SSH (using a program such as PuTTY) or through the virtualization console, specifying the user and password.

Default credentials (version 6):
User: cli
Pass: changeme

Choose Network configuration.

Select Configure Collector interfaces. This option allows you to configure all the parameters (IP, Gateway, DNS and Domain) by following the wizard.

Select the interface you want to configure.

Select the static option from the menu.

Configure all the parameters

Configure all mandatory parameters (IP, Gateway, DNS and Domain). Note: to add more than one DNS server, separate the entries with a comma (“,”), e.g. 1.2.3.254,8.8.8.8.

Click on Submit to finish the configuration and choose when to apply it.

Establishing a connection with SGBox

This article explains how to configure communication between the collector and SGBox. This connection is used to download collector updates and to send logs received from local devices to SGBox.

This communication is also useful for configuring the NVS checks performed by the collector.

Requirements:

  • A collector must be deployed in your virtual infrastructure.
  • The configuration of the collector network must be finished.

Configure and register collector for SGBox Multi tenant

Connect to the collector via SSH (using a program such as PuTTY) or through the virtualization console, specifying the user and password.

Tenant configuration

Choose Tenant configuration.

Configure all the parameters by entering the SGBox IP address and Tenant UID.

Click on Submit to finish the configuration.

SGBox IP address: depending on where SGBox is located, you can enter a hostname, a public IP or a private IP.

TenantUID: the code that identifies the tenant. You can find it in SGMaster under SCM > Multi tenant > Manager: select TENANTS and read the code in the ID column.

Register the collector

Choose Collector.

Select Register collector.

Enter Key Probe for Connection: the password you configured during the tenant creation activities.

If you can’t remember the password, you can always reset it and get a new one from SGMaster under SCM > Multi tenant > Manager by clicking the “Reset” button under the Connection key column. After that, follow the “To Restart Process” section further down this page to restart the process.

SGBox Cloud

If your tenant is on SGBox Cloud, open a ticket with SGBox support via the ticket platform (https://sgboxportal.sgbox.it), entering “collector registration for cloud tenant” as the subject of the ticket.

External Cloud

Contact the person/company who manages SGBox for more guidance on how to obtain the key to register the collector and connect it to your tenant.

Configure a collector for SGBox Single tenant

Connect to the collector via SSH (using a program such as PuTTY) or through the virtualization console, specifying the user and password.

Choose Tenant configuration.

Configure all the parameters by entering the SGBox IP address.

Note: configuring the TenantUID field is not necessary, so you can leave it blank.

Click on Submit to finish the configuration.

Go back to the main menu and select Configuration.

Select Collector configuration editor.

Change collector_legacy from 0 to 1.

Click on Save to finish the configuration.

To Restart Process

Once the configuration is complete, go to the System option.

Go to Process Handling.

Go to Services Management.

To restart a service, click on it in the list of services. In this example we want to restart sgbox-transfer, so we select it.

Click on stop service and then on start service.

Configure a collector as a probe

This section explains how to configure a collector as a probe in SGBox in order to launch a Vulnerability Scan check.

Requirements:

  • A collector must be deployed in your virtual infrastructure.
  • The configuration of the collector network must be finished.
  • The collector must be configured and registered.

Connect to the SGBox web interface inside the Tenant.

Go to SGBOX > SCM > Network > Probe

Click on the ➕ Add New Probe button and specify:

  • Collector IP Address
  • Collector Name
  • Network or networks that belong to this collector
    The SGBox Collector (v5) https://www.sgbox.eu/en/knowledge-base/the-sgbox-collector/ Wed, 31 Jan 2024 10:51:16 +0000 https://www.sgbox.eu/?post_type=epkb_post_type_1&p=19442

    The collector is a Linux-based virtual appliance that performs certain SGBox tasks, such as collecting logs from local data sources and sending them to SGBox over HTTPS (port 443) through an encrypted channel. The collector also caches data if communication with SGBox is interrupted while data from the sources is being sent. The collector is also used to make the Network Vulnerability Scanner available (see the NVS KB article).

    Requirements:

    • A collector must be deployed in your virtual infrastructure.
      • HDD 50 GB
      • RAM 4 GB
      • CPU 2 Core
      • The ports used by the collector are listed in Network Requirements.

    Note: the minimum requirements above are what the appliance image takes automatically when deployed in a virtualization environment. Resize the hardware resources according to the tasks the collector will perform. For example, if the collector is used to run vulnerability scans, increase the resources: we suggest a minimum of 4 CPUs and 8 GB of RAM (preferably 8 CPUs and 16 GB of RAM).

    Collector network configuration

    You can configure the collector's network settings with the CLI tool present on the collector. Connect to the collector via SSH (using a program such as PuTTY) or through the virtualization console, specifying the user and password.

    Default credentials (version 5):
    User: sgbox
    Pass: sgbox

    Choose Network configuration.

    Select Configure Collector interfaces. This option allows you to configure all the parameters (IP, Gateway, DNS and Domain) by following the wizard.

    Select the interface you want to configure.

    Select the static option from the menu.

    Configure all the parameters

    Configure all mandatory parameters (IP, Gateway, DNS and Domain). Note: to add more than one DNS server, separate the entries with a comma (“,”), e.g. 1.2.3.254,8.8.8.8.

    Click on Submit to finish the configuration and choose when to apply it.

    Establishing a connection with SGBox

    This article explains how to configure communication between the collector and SGBox. This connection is used to download collector updates and to send logs received from local devices to SGBox.

    This communication is also useful for configuring the NVS checks performed by the collector.

    Requirements:

    • A collector must be deployed in your virtual infrastructure.
    • The configuration of the collector network must be finished.

    Configure and register collector for SGBox Multi tenant

    Connect to the collector via SSH (using a program such as PuTTY) or through the virtualization console, specifying the user and password.

    Username: sgbox
    Password: sgbox

    Tenant configuration

    Choose Tenant configuration.

    Configure all the parameters by entering the SGBox IP address and Tenant UID.

    Click on Submit to finish the configuration.

    SGBox IP address: depending on where SGBox is located, you can enter a hostname, a public IP or a private IP.

    TenantUID: the code that identifies the tenant. You can find it in SGMaster under SCM > Multi tenant > Manager: select TENANTS and read the code in the ID column.

    Register the collector

    Choose Collector.

    Select Register collector.

    Enter Key Probe for Connection: the password you configured during the tenant creation activities.

    If you can’t remember the password, you can always reset it and get a new one from SGMaster under SCM > Multi tenant > Manager by clicking the “Reset” button under the Connection key column.

    Restart processes

    Once the configuration is complete, go to Process & stats and click on Restart processes.

    Cloud consideration

    SGBox Cloud

    If your tenant is on SGBox Cloud, open a ticket with SGBox support via the ticket platform (https://sgboxportal.sgbox.it), entering “collector registration for cloud tenant” as the subject of the ticket.

    External Cloud

    Contact the person/company who manages SGBox for more guidance on how to obtain the key to register the collector and connect it to your tenant.

    Configure a collector for SGBox Single tenant

    Connect to the collector via SSH (using a program such as PuTTY) or through the virtualization console, specifying the user and password.

    Username: sgbox
    Password: sgbox

    Choose Tenant configuration.

    Configure all the parameters by entering the SGBox IP address.

    Note: configuring the TenantUID field is not necessary, so you can leave it blank.

    Click on Submit to finish the configuration.

    Go back to the main menu and select Configuration.

    Select Collector configuration editor.

    Change collector_legacy from 0 to 1.

    Click on Save to finish the configuration.

    Once the configuration is complete, go to Process & stats and click on Restart processes.

    Configure a collector as a probe

    This section explains how to configure a collector as a probe in SGBox in order to launch a Vulnerability Scan check.

    Requirements:

    • A collector must be deployed in your virtual infrastructure.
    • The configuration of the collector network must be finished.
    • The collector must be configured and registered.

    Connect to the SGBox web interface inside the Tenant.

    Go to SGBOX > SCM > Network > Probe

    Click on the ➕ Add New Probe button and specify:

    • Collector IP Address
    • Collector Name
    • Network or networks that belong to this collector

    Click on OK to finish the configuration.
    Network Requirements https://www.sgbox.eu/en/knowledge-base/network-requirements/ Tue, 30 May 2023 15:16:23 +0000 http://10.253.1.91/?post_type=epkb_post_type_1&p=8649

    SGBox and Collector network requirements

    The following table lists the network configuration you need in order to:

    • Manage SGBox and the Collector using WebUI and CLI.
    • Keep SGBox and the Collector updated.
    • Allow correct communication between SGBox and the Collector.
    • Allow data sources to send data to SGBox and Collector.

    From | To | Port | Description
    Client (User) | SGBox | 443/tcp | HTTPS WebUI
    Client (User) | SGBox | 22/tcp | SSH (CLI)
    Client (User) | Collector | 22/tcp | SSH (CLI)
    Client (User) | Collector (v5) | 4000/tcp | OpenVAS console HTTPS
    Client (User) / SGBox | SGBox | 4000/tcp | HTTPS (API)
    SGBox / Collector | apps.sgbox.it | 80/tcp, 443/tcp | HTTP/S (Updates)
    SGBox / Collector | *.ubuntu.com | 80/tcp, 443/tcp | HTTP/S (Updates)
    Collector (v5) | feed.community.greenbone.net | 873/tcp | RSYNC (Updates)
    SGBox / Qualys probe | qualysguard.qg3.apps.qualys.it | 443/tcp | Cloud (scans, results)
    SGBox / Collector (v6) | registry.sgcloud.it | 7442/tcp | HTTPS (Updates)
    SGBox / Collector (v6) | Non-syslog data sources | e.g. 1433/tcp, 1521/tcp, 443/tcp | DB, other (receive data)
    SGBox / Collector (v6) | Active Directory (LDAP) | 389/tcp, 636/tcp | LDAP/LDAPS
    Collector | SGBox | 443/tcp | HTTPS (send data)
    SGAgent | Collector / SGBox | 443/tcp | HTTPS (send data)
    Data source | Collector / SGBox | 514/udp | Syslog (send data)
    Data source | Collector / SGBox | 514/tcp | Syslog (send data)
    Data source | Collector / SGBox | 6514/tcp | Syslog + TLS (send data)

    Containers networks

    SGBox and Collector (v6) introduce containers for different activities.
    The table below lists the default networks they use. If your internal networks overlap the default container networks, you can change them by connecting to the collector’s CLI:
    Network Configuration > Change Docker network configuration

    VM | Network Name | Network Address
    SGBox, Collector | default | 10.42.78.0/24
    Collector | sg-internal | 10.10.0.0/16
    Collector | sg-external | 10.20.0.0/24
    Collector | swarm | 172.18.0.0/16
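
A pre-deployment check for the overlap case described above, as an added example that is not SGBox code: it compares a list of internal networks against the default container networks from the table and proposes a free subnet to enter in the CLI menu. The function names, the sample networks and the candidate pool are assumptions made for illustration.

```python
import ipaddress

# Default container networks from the table above. The page prints
# sg-internal as "10.10.0.0./16"; it is read here as 10.10.0.0/16.
DEFAULT_CONTAINER_NETWORKS = {
    "default": "10.42.78.0/24",
    "sg-internal": "10.10.0.0/16",
    "sg-external": "10.20.0.0/24",
    "swarm": "172.18.0.0/16",
}


def _parse(cidr):
    # strict=False accepts host-style input such as 10.10.5.1/24.
    return ipaddress.ip_network(cidr.strip(), strict=False)


def find_overlaps(site_networks, container_networks=DEFAULT_CONTAINER_NETWORKS):
    """Return sorted (site, container name, container CIDR) for each collision."""
    hits = []
    for site in map(_parse, site_networks):
        for name, cidr in container_networks.items():
            net = _parse(cidr)
            if site.version == net.version and site.overlaps(net):
                hits.append((str(site), name, str(net)))
    return sorted(hits)


def suggest_replacement(site_networks, pool, prefix=24):
    """First /prefix subnet of pool clear of site and container networks, else None."""
    taken = [_parse(n) for n in site_networks]
    taken += [_parse(c) for c in DEFAULT_CONTAINER_NETWORKS.values()]
    for cand in _parse(pool).subnets(new_prefix=prefix):
        if not any(cand.version == t.version and cand.overlaps(t) for t in taken):
            return str(cand)
    return None


if __name__ == "__main__":
    # Constructed sample of internal networks, not taken from the page.
    site = ["10.10.5.1/24", "172.18.0.0/15", "192.168.1.0/24"]
    for site_net, name, net in find_overlaps(site):
        print(f"{site_net} overlaps container network {name} ({net})")
    # The pool is a hypothetical range chosen for this example.
    print("candidate replacement:", suggest_replacement(site, "10.128.0.0/16"))
```

Run it against the routed networks of the site before deploying the collector; any reported collision is a network to change under Network Configuration > Change Docker network configuration.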
