Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Tip

Step - by - step guide on how to Install Insights Enterprise - Business logicAdvanced Features - Audit related features 


Ensure that the
Expand
titleStep1: INSIGHTS_HOME environment variable
Prerequisite
  • Environment variable INSIGHTS_HOME
environment variable is set. If not, set it using the following commands(for Linux)
Code Block
languagebash
themeConfluence
export INSIGHTS_HOME=/usr/INSIGHTS_HOME
Warning

change the directory accordingly

or

Code Block
languagebash
themeConfluence
vi /etc/environment

Add the line: 

Div

INSIGHTS_HOME=/usr/INSIGHTS_HOME

Warning

change the directory accordingly

Save the file  and run the command:

Code Block
languagebash
themeConfluence
source /etc/environment
Expand
titleStep2: Configuration
Copy the blockchainConfig.json from PlatformAuditing/src/main/resources/  into
  • and server-config.json. 
    • Windows: Server 2 - SetEnvVariables.bat
    • Linux: insights_first.sh
  • Java
  • Apache-Tomcat

Refer here for installation steps if required.

Assumption:

FABRIC_HOME will be used to refer to the directory where all the network related files are extracted


Expand
titleStep1: Configuration

Create the file  blockchainConfig.json in $INSIGHTS_HOME/.InSights/ and make the necessary changes.

SampleblockchainConfig.json

  • "cogdevops" is a sample domain name used in the configuration which has to be replaced with the actual domain name
  • The CA, peer, and user should be from the same org
  • The Eventhub is not available as a separate container but obtained by using the peer instance and so it can use the peer url
  • The user private key (ends with "_sk") can be found in FABRIC_HOME/ledger/ca/msp/keystore
  • The public key (pem) can be found in FABRIC_HOME/ledger/ca/msp/signcerts
  • Copy the user private key (ends with "_sk") and public key (pem) into any suitable directory

    (when moving between different machines/servers ensure these files are not corrupted)

    and provide their path

    Info

    SFTP should be used to move the private key and public key files between different machines as FTP corrupts them.

    Reference: click here


  • The USER_SER_PATH is a path for storing the serialized format of the user context which is generated from the user private key (ends with "_sk") and public key (pem)
  • If TLS_ENABLED is false, then the values for the corresponding TLS files USER_CA_TLSCERT, PEER_ORG_TLSPEM, PEER_CLIENT_TLSCERT, PEER_CLIENT_TLSKEY, and ORDERER_TLS_PEM can be empty ("N/A").
  • All TLS files can be located in the corresponding path as specified in the sample blockchainConfig.json
  • Place the datamodel.json and Process.json files in any directory suitable and provide the path in blockchainConfig.json



Download the PlatformAuditEngine jar from (Nexus link here
Expand
titleStep3Step2: Run PlatformAuditEngine
  • Set flag as true for AuditEngine in "server-config.json" as mentioned below:


Info

"enableAuditEngine" : true

}


          (The above link is nexus enterprise repository which is restricted with user credentials. Use authorized credentials or contact DevOpsPlatformSupport@cognizant.com )

  • Run the downloaded jar using the command:
Code Block
languagebash
themeConfluence
java -jar PlatformAuditEngine-0PlatformEngine-<version>.jar

Example: java -jar PlatformEngine-6.1.jar

  • If you want to run the jar as a background service instead, use the below command:
Code Block
languagebash
themeConfluence
nohup java -jar PlatformEngine-<version>.jar PlatformAuditEngine-0&

Example: nohup java -jar PlatformEngine-6.1.jar

&

&

  • To specify the interval at which data is read from neo4j, the time interval in seconds can be specified as arguments. First argument is to read data from all tools except ALM and second argument is to read data from ALM.

Example: nohup java -jar PlatformEngine-<version>.jar & 400 350

  • The logs will be available at $INSIGHTS_HOME/logs/PlatformAuditEnginePlatformEngine
Note
titleNote

The server running PlatformAuditEngine must have the blockchainConfig.json file with the dependency files (datamodel.json, Process.json, private and public keys) in appropriate locations



Expand
titleStep4Step3: Run PlatformAuditService

           Example: https://infra.cogdevops.com/repository/InsightsEnterpriseRelease/com/cognizant/devops/PlatformService/6.1/PlatformService-6.1.war

          (The above link is nexus enterprise repository which is restricted with user credentials. Use authorized credentials or contact DevOpsPlatformSupport@cognizant.com )

Info

PlatformService Enterprise has PlatformAuditService bundled inside the PlarformService war

  • Create a folder named Audit-report under $INSIGHTS_HOME/.Insights/ and provide write privilege. This is required for placing the uploaded files.
  • Provide the Mail server configuration in server-config.json file present in $INSIGHTS_HOME/.InSights/ as below.

    "emailConfiguration": 
    {
             "smtpHostServer": "",
             "smtpPort": "",
             "smtpUserName": "",
             "smtpPassword": "",
             "mailFrom": ""
    }

  • Make sure Reports folder is generated by default in  ${INSIGHTS_HOME}/logs/PlatformAuditService/ . If not create a folder named Reports under PlatformAuditService and provide write access to collect log for each report
  • Copy folders keystore, sign and static available under from Insights/PlatformAuditService/src/main/resources/ into  (cloned in the first step) into $INSIGHTS_HOME/.InSights/ Pdf/Download
  • Move the PlatformService war from (Nexus link here)Move the war into webapps directory of apache-tomcat and restart tomcat
    • Use the following commands inside the apache-tomcat directory to restart
    • ./bin/shutdown.sh
    • ./bin/startup.sh
Note
titleNote

The server running Apache Tomcat must have the blockchainConfig.json file with the dependency files (datamodel.json, Process.json, private and public keys) in appropriate locations



...