FortiSIEM Installation and Configuration of AccelOps Visual Analytics

Leave a reply
Installation and Configuration of AccelOps Visual Analytics

Installation and configuration of AccelOps Visual Analytics involves setting up AccelOps Report Server, and then integrating it with Tableau Server and Desktop from Tableau Software. Topics in this section contain setup and configuration instructions for Report Server. For information on setting up and configuring Tableau Server and Desktop, see the online Tableau Software documentation.

Requirements for Visual Analytics Report Server

Setting Up Visual Analytics

Hypervisor Installations for Report Server

Syncing with the Report Server

 

Requirements for Visual Analytics Report Server

You install Visual Analytics Report Server as an AccelOps node, and these requirements assume that you have already set up and installed AccelOps. If you are working with a fresh install of AccelOps that includes Report Server, see the topics under Installation for complete requirements and installation instructions for the AccelOps Virtual Appliance.

Hardware Requirements for Report Server Nodes

Component Quantity Host

SW

 Processor Memory OS/App Storage Reports Data Storage (1 year)
Report

Server

 1 ESX 8 Core 3

GHz, 64 bit

 16 GB 200GB (80GB OS/App, 60GB

CMDB, 60GB SVN)

 See recommendations under Hardware Requirements for

Supervisor and Worker nodes

 

 

Setting Up Visual Analytics

There are three components to Accelops Visual Analytics:

  1. Accelops Report Server
  2. Tableau Server
  3. Tableau Desktop

Setting up Visual Analytics involves setting up each of those components in order, and establishing the relationship between them.

  1. You must first install Report Server as described in Installing and Registering AccelOps Report Server in VMware ESX.
  2. After installing Tableau Server on a Windows server, and installing Tableau Desktop on a Windows or Mac OS X device, you then connect the two systems as described in the Tableau Software product documentation.
  3. When this connection is established, it automatically triggers the remote registration and configuration of the AccelOps Report Server, including replication of the CMDB and EventDB data from the AccelOps Cluster to the AccelOps Report Server, as well as the user account required for access to the original databases.

Registration of the Report Server and replication of the AccelOps database data may take some time depending on the size of the original CMDB. Registration is complete when the replication process catches up with the latest data in the system. From that point on, replication from the CMDB to Accelops Report Server takes place in near real time, letting you run Visual Analytics queries against CMDB data that has been replicated to the Report Server’s phoenixdb.

You can find full information about setting up all components of AccelOps Visual Analytics in the section Installation and Configuration of

AccelOps Visual Analytics


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in Administration Guides, FortiSIEM on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.