CySight Linux Installation Script

Comprehensive user manual for CySight Ai-Driven Network and Endpoint Detection and Response (NDR, EDR) Forensics and Application Performance Monitoring (APM)

CySight Linux Installation Script

Image

CySight Installation Instructions
For RedHat, AlmaLinux, Rocky, CentOS Stream, and Oracle Linux (7/8/9)

🛠️ Step-by-Step Installation:

1. 📦 Download Installer & MD5 Checksum:
https://cysight.ai/go/ty-download/

2. Create a dedicated install directory:

Code: Select all

mkdir 2.5.1.6 && cd 2.5.1.6
3. Extract the installer tarball:

Code: Select all

tar xvf CySight-v2.5.1.6-x86_64.tar
This will extract:
  • Release_notes.txt
  • Version.txt
  • digitoll_setup.tar
  • digitoll_setup_be.tar
  • digitoll_setup_fe.tar
  • digitoll_setup_java.tar
  • digitoll_setup_mysql.tar
  • digitoll_setup_nf7.tar
  • digitoll_setup_tomcat.tar
  • install.sh
  • check_env.sh
4. Run the installer:

Code: Select all

./install.sh
Follow the on-screen prompts. After installation:
  • Logout and log back in to finalize environment updates.
  • Open a browser and navigate to:

    Code: Select all

    https://<your-server-ip>:8443
  • Default login credentials: admin / admin
---

📋 System Prerequisites:
CySight includes all core service RPMs (MySQL, Java, Tomcat, backend engines), but your OS must have several system packages installed.

✅ Required System Components – Summary

These packages are checked and installed by check_env.sh to ensure the system is compatible with CySight — especially on minimal or hardened OS builds.
  • firewalld, iptables-nft, nftables
    Used to open necessary ports (e.g., UDP 2055, 6343) during setup.
    CySight does not manage firewalld directly, but check_env.sh ensures it is installed and enabled to allow flow traffic.
  • policycoreutils, policycoreutils-python-utils
    Required for managing SELinux modes and boolean flags (e.g., allowing MySQL services to run).
    Helps maintain secure SELinux enforcement while allowing CySight components to operate normally.
  • libaio, libaio-devel
    Libraries required by MySQL to support high-performance asynchronous I/O.
    Necessary for compatibility on hardened or minimal systems where these may be missing.
  • python3-firewall, python3-gobject, python3-gobject-base
    These support firewalld’s CLI tools on systems that rely on Python/DBus backends — even though CySight does not interact with DBus directly.
    Included to prevent CLI command failures on minimal systems where these are missing.
  • cairo, python3-cairo, glib2, gobject-introspection
    Transitive dependencies required by firewalld's Python utilities.
    Needed to ensure compatibility with `firewall-cmd` and other system tools during the environment check.
  • telnet
    Used by check_env.sh to confirm that flow sources can reach the server.
    Helps validate inbound network paths during installation.
  • perl and related modules
    Some legacy system utilities, logging tools, or pre-check scripts rely on Perl.
    Included to improve compatibility across varied EL9 minimal install profiles.
If your system is connected to the internet, these packages will be installed automatically using system repositories.
Note: In air-gapped environments, these packages must be pre-installed or made available via local repositories or RPMs.

---

⚠️ Java and MySQL Conflict Detection:
  • Existing Java or MySQL packages will be listed if detected.
  • No automatic removal is performed for safety reasons.
  • In interactive mode, you’ll be prompted to review and manually uninstall if needed.
  • Non-interactive shells will log a warning and continue installation.
---

🔑 Post-Install Configuration:
  • Apply your license key (emailed upon registration).
  • Refresh the browser UI to activate features.
  • Start sending NetFlow/IPFIX or enable cloud-based log ingestion.
  • Monitor live dashboards as data flows in.
❓ Need Help?
Reach out to the CySight team at: [email protected]

---

📄 License & Support Documentation: