| Home Prev |  Cloud Services Getting Started Guide (2024-03-26)
|
Next |
|---|
This chapter outlines the steps to configure Log Analytics in Clavister Cloud Services for detailed network monitoring and analysis.
Requirements
Clavister NetWall or NetShield with active subscription
Procedure
Log Into Your Cloud Services Instance
Access your account by logging into the Clavister Cloud Services platform.
Navigate to Add-ons
Once logged in, find and click on the "Add-ons" section from the menu options.
Select Log Ingestion
Within the Add-ons section, look for and click on "Log Ingestion" to begin setting up your analytics.
Activate Through Configuration Wizard
Follow the instructions provided by the configuration wizard to activate log ingestion.
Copy the Generated Secret
During the setup process, a secret key (also known as Pre-Shared-Key) will be generated. Ensure you copy and securely store this secret as it will be necessary for configuring your NetWall.
Wait for Activation or Return Later
After completing the activation steps, you have two options:
Wait for the Activation to Conclude
If you opt to wait, stay on the deployment screen until the activation process is fully completed. This approach not only confirms that you can move forward with configuring your NetWall but also ensures you receive the configuration script. This script significantly simplifies the setup by automating the integration process, eliminating the need for manual configuration.
It's important to note that this script is only available at the end of the deployment process and will not be offered if you navigate away and return to the page after deployment has finished.
Come back later
If you don't want to wait for activation, you can exit and go back to the Log Ingestion page any time you want. When you return, you can get the extra connection details needed to set up your NetWall.
![[Note]](images/note.png) |
Note: Drawback of leaving |
|---|---|
|
If you leave the page, you won't get the automatic setup script that makes things easier. This script is only given out right after activation finishes, so you'll have to set up your NetWall by hand. |
Configure Your NetWall
With the generated secret and connection information in hand, proceed to configure your NetWall. This can be done in two ways:
Manually
Enter the connection details into your NetWall configuration manually.
Using the Provided Script
If you stayed on the deployment screen until the deployment finished, a script would be offered. This script automates the configuration process, simplifying the integration of your NetWall with the log ingestion service.
Optional: Details About the Provided Script
The provided script performs the following operations in the cOS Core once loaded and activated.Creates a folder in the address book
Creates three objects in the address folder:
An FQDN object for the Remote Endpoint address of the IPsec tunnel. This object will be used by the IPSec tunnel to find the server to connect to.
A single host IP address for the Local Network of the IPsec tunnel. This IP address will also be used by the Log Receiver as the source IP when generating logs.
A single host IP address for the Remote Network of the IPsec tunnel. This IP address will also be used by the Log Receiver as the target IP to send generated logs to, see further down.
Creates a key-ring entry for the generated secret (Pre-Shared-Key).
Creates a new routing table.
Creates an IPsec tunnel that uses the above created objects and make the IPsec tunnel a member of the newly created routing table (for traffic inside the tunnel).
Creates a Log Receiver configured to send logs to Clavister Cloud Services using the IPsec tunnel. The logs will be sent to the IP address defined as the Remote Network prevously. The newly created routing table will be used.
|
Note: Using a different routing table. |
|---|---|
|
To make sure that NetWall uses the newly created IPsec tunnel and to avoid potential conflicts with any existing configuration objects and routes, a new routing table is created and used in the script. |
