/
Sealights Collector - Setup

Sealights Collector - Setup

Downloading and Installing the Collector

Following are the pre-requisites for Https Collector:

  1. TLS settings should be enabled.

  2. The server should be accessible by Fully Qualified Domain Name (FQDN).

  3. TLS certificate for FQDN of the server where the collector is installed must be provided in config.yaml (See below)

Download the Sealights Collector Image

The Sealights Collector can be found at the following DockerHub link: https://hub.docker.com/r/sealights/on-prem-collector

docker pull sealights/on-prem-collector

Create your own Collector Image

  1. Download the Collector Binaries and Unzip :

    wget -nv https://agents.sealights.co/collector/0.42.0/collector.zip unzip -oq collector.zip #curl tool can also be used #curl -L "https://agents.sealights.co/collector/0.42.0/collector.zip" --output collector.zip

If you have a limitation accessing the endpoint agents.sealights.co and are limited to your specific server DNS, then you can also get the agent from https://{company}.sealights.co/collector/{version}/collector.zip
Replace {company} with your company DNS prefix and {version} with the specific version you want to use.

  1. Create a Dockerfile:

    FROM alpine:latest WORKDIR /collector COPY collector collector CMD ["./collector","serve"]
  2. Build the Image :

    docker build -t sealights/on-prem-collector .

Setting up the HTTPS Collector

The following is a sample configuration that can be used to run the HTTPS Collector using Docker:

  1. Create a file called config.yaml with the following content

tls: enabled: true certFile: "/collector/<certFileName>" keyFile: "/collector/<certKeyFileName>" collectors: - name: collector type: http properties: port: 16500 serverUrl: https://<customerId>.sealights.co proxyUrl: <httpsProxyUrl> logLevel: debug insecureSkipVerify: true target: name: http type: http properties: token: <sealightsAgentToken> serverUrl: https://<customerId>.sealights.co/api proxyUrl: <httpsProxyUrl> logLevel: debug insecureSkipVerify: true
  1. Run the Collector using Docker:

docker run -it --rm -v $(pwd)/config.yaml:/collector/config.yaml -v $(pwd)/<certFileName>:/collector/<certFileName> -v $(pwd)/<certKeyFileName>:/collector/<certKeyFileName> -p 80:80 -p 8080:8080 -p 16500:16500 sealights/on-prem-collector:latest
  • Open https://<ServerFQDN>:16500 in your browser and if everything worked as expected you should be redirected to your Sealights Dashboard.

  • You should see the Collector entry in the Cockpit > Live Agents Monitor

Enabling Proxy functionality (Optional)

When the collector needs to serve other agents' functionalities like config and scan commands (besides coverage collection), you must enable its proxy service according to the additional settings below.
Please notice the port must be different from the collector service. For example below, port 16501 for proxy versus port 16500 for collector.

tls: [...] collectors: [...] proxy: port: 16501 logLevel: info

 

Configuration File Reference

# Collector Configuration collector: # Required Configurations # 1. serverUrl: The URL of Sealights Backend. (e.g. https://your-name.sealights.co) # Environment Variables: SL_SERVER serverUrl: <Server Host> # 2. token: The Sealights Authentication token. # Environment Variables: SL_TOKEN token: <Token> # Optional Configurations # 3. host: The host name of the collector. Default is 0.0.0.0 # Environment Variables: SL_HOST host: "0.0.0.0" # 4. port: The port number of the collector. Default is 16500 # Environment Variables: SL_PORT port: 16500 # 5. proxyUrl: The URL of the proxy server (for both http and https). Default is empty # Environment Variables: SL_PROXY proxyUrl: "" # 6. prefix: The prefix of the collector path. Default is empty # Environment Variables: SL_PREFIX prefix: "" # 7. logLevel: The log level of the collector. Default is info, # Available options: debug, info, warn, error # Environment Variables: SL_LOG_LEVEL logLevel: info # 8. InsecureSkipVerify: Skip SSL certificate verification. Default is false # Environment Variables: SL_INSECURE insecureSkipVerify: true # 9. enableNYCCollector: Enable the NYC collector. Default is false # Environment Variables: SL_NYC_COLLECTOR enableNYCCollector: false # 10. nycCollectorUploadInterval: The interval in seconds to upload the NYC data. Default is 60 # Environment Variables: SL_NYC_COLLECTOR_UPLOAD_INTERVAL nycCollectorUploadInterval: 5 # 11. disableTokenValidation: Disable the auth token validation. Default is false # Environment Variables: SL_DISABLE_TOKEN_VALIDATION disableTokenValidation: false # TLS Configuration tls: # 1. enable: Enable the TLS configuration. Default is false # Environment Variables: SL_TLS_ENABLE enabled: false # Note: If the TLS is enabled, the following configurations are required. # 2. cert: the cert data. Default is empty # Environment Variables: SL_TLS_CERT cert: "" # 3. or, certFile: the cert file path. Default is empty # Environment Variables: SL_TLS_CERT_FILE certFile: "" # 4. key: the key data. Default is empty # Environment Variables: SL_TLS_KEY key: "" # 5. or, keyFile: the key file path. Default is empty # Environment Variables: SL_TLS_KEY_FILE keyFile: "" # 6. ca: the ca data. Default is empty # Environment Variables: SL_TLS_CA_CERT caCert: "" # 7. or, caCertFile: the ca file path. Default is empty # Environment Variables: SL_TLS_CA_CERT_FILE caCertFile: "" # 8. p12File: the p12 file. Default is empty # Environment Variables: SL_TLS_P12_FILE p12File: "" # 9. p12Password: the p12 password. Default is empty # Environment Variables: SL_TLS_P12_PASSWORD p12Password: "" # Web Interface Configuration web: # 1. disable: Disable the web interface. Default is false disable: false # 2. maxCalls: The maximum number of calls to store in the memory. Default is 1000 maxCalls: 0 # 3. maxCallSize: The maximum size of the call to store in the memory. Default is 200000 maxCallSize: -1 #4. web prefix: The prefix of the web interface. Default is empty prefix: "" # Proxy Configuration (Optional) proxy: # 1. host: The host name of the proxy server. Default is empty # Environment Variables: SL_PROXY_HOST host: "" # 2. port: The port number of the proxy server. Default is 8080 # Environment Variables: SL_PROXY_PORT port: 16501 # 3. logLevel: The log level of the proxy server. Default is info # Available options: debug, info, warn, error # Environment Variables: SL_PROXY_LOG_LEVEL logLevel: info # 4. prefix: The prefix of the proxy server path. Default is empty # Environment Variables: SL_PROXY_PREFIX prefix: ""

 

Related content