ExtraHop Integration

InsightFinder can source the metrics from ExtraHop and correlate it with other available data to generate anomalies and root causes, while also generating live predictions to prevent incidents and outages. Below is the documentation on how to install and configure the Extrahop integration with InsightFinder.

Extrahop Logo@2x

Prerequisite

Information and Items needed:

  • Extrahop server url
  • API Key for Extrahop
  • List of server IPs to be monitored
    • Optional: Device ID for servers as well, if wanting exact match with device ID and avoid issues with layers
  • Python 3.6.8 and Pip3 
  • Freetds library
  • InsightFinder Extrahop Agent

Project Creation

  1. Go to “Settings” -> “System Settings”. Click on “Add New Project”. (See Figure 1)
  2. Select “Metric Monitoring” and then “Extrahop” from the list. (See Figure 2)
  3. All the fields are pre-populated and can be left as default.
  4. Set “Project Name” to the desired project name and enter the “System Name” for the System that should host the project, and click “Finish”. (See Figure 3)
  5. Once a project is successfully created, you will be redirected to the settings page for the project, and should be good to use the project now

Agent Installation

  1. Required Dependencies:
    1. Python == 3.6.8
    2. Pip3
    3. Freetds library
  2. Install the freetds
    1. osx: brew install freetds
    2. linux: yum install freetds
  3. Download the extrahop.tar.gz from this link (link: https://github.com/insightfinder/InsightAgent/tree/master/extrahop)
  4. Copy and extract the agent package to the machine that will be running the agent
  5. Navigate to extracted location and folder, and configure venv and python dependencies
    1. ./setup/configure_python.sh
    2. The configure_python.sh script will generate a config.ini file; however, if need to create a new one, simply copy the config.ini.template file over the config.ini file to start over, or update the new generated config.ini file in ./conf.d folder

Agent Setup

  1. Requirements:
    1. Extrahop server url
    2. API Key for Extrahop
    3. List of server IPs to be monitored
      1. Optional: Device ID for servers as well, if wanting exact match with device ID and avoid issues with layers
  2. Enter the extrahop details (See Figure 4)
  3. Enter the user and project details (See Figure 5)
  4. Test the Agent:
    1. ./setup/test_agent.sh
  5. Once the setup is complete, run the agent using th command:
    1. nohup venv/bin/python3 cron.py &

 

More Information about the agent and setup can be found at https://github.com/insightfinder/InsightAgent/tree/master/extrahop

Figures

Click on an image to expand.