ELMA365 On-Premises > ELMA365 Enterprise > Install add-on components for ELMA365 / Install Security Audit service

Install Security Audit service

In ELMA365, you can register and analyze events related to changes in user permissions and data.

For this purpose, the Security Audit module is used, which records all events in the system, and a separate Security Audit service, whose database stores the information obtained from the module.

Installation consists of four steps:

  1. Prepare the connection string for the PostgreSQL database.
  2. Download the Helm chart and configuration file.
  3. Fill out the configuration file.
  4. Install the Audit chart using Helm in the Kubernetes cluster.

Step 1: Prepare the connection string for the PostgreSQL database

The Security Audit service uses the PostgreSQL DBMS to store data. It is assumed that the data will be stored in a separate database, which requires the installation of uuid-ossp and pg_trgm extensions. When the service is first connected, all tables necessary for the service's operation will be created in the database. The volume of disk storage is estimated by the customer independently or based on the analysis of the company's activity. Read more about the necessary PostgreSQL configuration and installation of uuid-ossp and pg_trgm extensions in the Databases section.

Determine the name of the database for the Security Audit service. The default name is audit.  

Prepare the PostgreSQL connection string for write and read operations in the format postgresql://user:password@hostname:port/databaseName?sslmode=disable, where:

  • user is the username of PostgreSQL having rights to the database databaseName;
  • password is the password for the PostgreSQL user;
  • hostname is the IP or domain name of the PostgreSQL server;
  • port is the port for connecting to PostgreSQL (the standard port is 5432;
  • databaseName is the name of the database (standard name is audit);
  • sslmode is  the use of a secure connection.

Step 2: Fill out the configuration file

For installation via the internet, obtain the configuration file values-audit.yaml by executing the command:

helm repo add elma365 https://charts.elma365.tech
helm repo update
helm show values elma365/audit > values-audit.yaml

Getting the configuration file for installation in a closed-loop environment without internet acces

Step 3: Fill out the configuration file

Fill out the configuration file values-audit.yaml for the installation of the Audit service.

For the parameter psql_url, specify the PostgreSQL connection string obtained in Step 1. This article uses a connection string to PostgreSQL deployed in the Kubernetes cluster.

## Audit settings
    psql_url: "postgresql://postgres:pgpassword@postgres.default.svc.cluster.local:5432/audit?sslmode=disable"

Filling in the connection parameters to the private registry for installation in a closed loop without internet access

Step 4: Install the Audit chart using Helm in the Kubernetes cluster

Install the audit chart in the namespace specified in Step 3 in the configuration file values-audit.yaml. The namespace will be created during installation if it was not previously created.

For internet installation:

helm upgrade --install elma365-audit elma365/audit -f values-audit.yaml -n audit --create-namespace 

For offline installation without internet access:

helm upgrade --install elma365-audit ./audit -f values-audit.yaml -n audit --create-namespace

Начало внимание

Installing the Security Audit service component does not automatically include or install the Security Audit module on the ELMA365 application side.

Read more about installing the module and working with it in Security Audit module.

Конец внимание

Delete the Audit chart using helm in the Kubernetes cluster

Начало внимание

Before removing the Security Audit component, disable the use of the Secutiry Audit module on the ELMA365 application side.

Конец внимание

To delete the elma365-audit chart in namespace audit, execute the command:

helm uninstall elma365-audit -n audit

Found a typo? Highlight the text, press ctrl + enter and notify us