Versions Compared

Old Version 3

changes.mady.by.user Kostas Stamos

Saved on

compared with

New Version 4

changes.mady.by.user Kostas Stamos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

By inserting this entry to the users table, you will be able to login as ADMIN with the following credentials (this account can be later deleted from the WiFiMon GUI; however, an ADMIN account should always be present in order to access the GUI and manage the WiFiMon Users, Access Points and Subnets):

Email: admin@test.com

Password: admin1

We suggest that you change your password from the WiFiMon GUI when the installation is complete (Section 5).

...

sudo apt update
sudo apt install apt-transport-https ca-certificates wget dirmngr gnupg software-properties-common
wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | sudo apt-key add -
sudo add-apt-repository --yes https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/
sudo apt update
sudo apt install adoptopenjdk-8-hotspot

...

In the configuration file of Elasticsearch (/etc/elasticsearch/elasticsearch.yml), insert/change the following lines. Note that, bold parts must be adjusted to your particular configuration. In the following, we configure Elasticsearch to be accessible from the outside of the WiFiMon Analysis Station

cluster.name: elasticsearch
node.name: ${HOSTNAME}
node.master: true
node.voting_only: false
node.data: true
node.ingest: true
node.ml: false
cluster.remote.connect: false
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: INSERT the Fully Qualified Domain Name (WAS_FQDN) to which the server listens
discovery.seed_hosts: [“INSERT the WAS_FQDN to which the server listens”]
cluster.initial_master_nodes: INSERT the HOSTNAME (not WAS_FQDN) of the server
xpack.ml.enabled: false
xpack.security.enabled: false

You may start the Elasticsearch cluster with: service elasticsearch restart

...

After the installation some configurations are required. Open the Kibana configuration file (/etc/kibana/kibana.yml) and make the following changes in the corresponding sections/fields of the configuration file. Note that, bold parts must be adjusted to your particular configuration.

server.port: 5601
server.host: “INSERT the Fully Qualified Domain Name (WAS_FQDN) to which the server listens
server.name: “wifimon-kibana”
elasticsearch.hosts: [“http://WAS_FQDN:9200”]
server.ssl.enabled: false

You may start Kibana with: service kibana restart

...

Insert the red lines as below:

<li th:class="${classActiveSettingsSubnets}" class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">Subnets<span class="caret"></span></a>

<ul class="dropdown-menu">

<li><a href="#" th:href="@{/secure/Subnets/147_102_13_0_24}">147.102.13.0/24</a></li>

<li><a href="#" th:href="@{/secure/Subnets/a_b_c_d_xx}">a.b.c.d/xx</a></li>

</ul></li>

Copy the template file /usr/lib/wifimon/subnets/elasticsearchSubnets_a_b_c_d_xx.html to /agent/wifimon-ui/src/main/resources/templates/secure/ and substitute a, b, c, d, xx according to the details of the monitored subnet. Inside this file, you should also substitute a, b, c, d, xx according to your setup. In the following, we provide the head of elasticsearchSubnets_147_102_13_0_24 that corresponds to the monitored subnet 147.102.13.0/24:

<head>

<title>Subnets 147.102.13.0/24</title>

<meta name="viewport" content="width=device-width, initial-scale=1"/>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<script src="//code.jquery.com/jquery-1.12.0.min.js"></

script>

script>

<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.css"/>

<link href="../../static/css/styling.css" rel="stylesheet" />

<script src="//netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js"></

script>

script>

</head>

In /usr/lib/wifimon/subnets, you are given a template MeasurementsController_subnets.txt. You have to include this code extract in /agent/wifimon-ui/src/main/java/net/geant/wifimon/agent/controller/MeasurementsController.java and (a) change a, b, c, d and xx according to your setup and (b) enter the link from the Kibana Dashboard where it is requested.

@RequestMapping(value = "/secure/Subnets/a_b_c_d_xx")

public String elasticsearchSubnets_a_b_c_d_xx(Model model, HttpSession session, HttpServletRequest request) {

UrlParameters urlParameters = createUrlParameters(request);

String elasticsearchURL;

elasticsearchURL = environment.getProperty(KIBANA_PROTOCOL) + "://" + environment.getProperty(SERVER_HOST_NAME) + ":" + environment.getProperty(KIBANA_PORT) +

"ENTER_KIBANA_VISUALIZATION_LINK_HERE";

model.addAttribute("classActiveSettingsSubnets", "active");

model.addAttribute("elasticsearchURL", elasticsearchURL);

return "secure/elasticsearchSubnets_a_b_c_d_xx";

}


Anchor
configure_probes
configure_probes
8. Configuring New Entries in the HW Probes Tab

...

Insert the red lines as below:

<li th:class="${classActiveSettingsHWProbes}" class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">HWProbes<span class="caret"></span></a>

<ul class="dropdown-menu">

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe1}">HWProbe1</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe2}">HWProbe2</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe3}">HWProbe3</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe4}">HWProbe4</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe5}">HWProbe5</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe6}">HWProbe6</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe7}">HWProbe7</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe8}">HWProbe8</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe9}">HWProbe9</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe10}">HWProbe10</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbex}">HWProbex</a></li>

</ul>

</li>

Copy the template file /usr/lib/wifimon/probes/elasticsearchHWProbesx.html to /agent/wifimon-ui/src/main/resources/templates/secure/ and substitute x according to your setup. Inside this file, you should also substitute x according to your setup. In the following, we provide the head of elasticsearchHWProbes10 that corresponds to the HW Probe with testtool number 10:

<head>

<title>Metrics for HW Probe 10</title>

<meta name="viewport" content="width=device-width, initial-scale=1"/>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<script src="//code.jquery.com/jquery-1.12.0.min.js"></

script>

script>

<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.css"/>

<link href="../../static/css/styling.css" rel="stylesheet" />

<script src="//netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js"></

script>

script>

</head>

In /usr/lib/wifimon/probes, you are given a template MeasurementsController_probes.txt. You have to include this code extract in /agent/wifimon-ui/src/main/java/net/geant/wifimon/agent/controller/MeasurementsController.java and (a) change x according to your setup and (b) enter the link from the Kibana Dashboard where it is requested.

@RequestMapping(value = "/secure/HWProbes/HWProbex")

public String elasticsearchHWProbe1(Model model, HttpSession session, HttpServletRequest request) {

UrlParameters urlParameters = createUrlParameters(request);

String elasticsearchURL;

elasticsearchURL = environment.getProperty(KIBANA_PROTOCOL) + "://" + environment.getProperty(SERVER_HOST_NAME) + ":" + environment.getProperty(KIBANA_PORT) +

"INSERT_KIBANA_DASHBOARD_LINK_HERE";

model.addAttribute("classActiveSettingsHWProbes", "active");

model.addAttribute("elasticsearchURL", elasticsearchURL);

return "secure/elasticsearchHWProbesx";

}


Anchor
subnet_dashboard
subnet_dashboard
9. Creating a New Dashboard for a Subnet

...

Next, we will insert generated certificates/keys in the Apache configuration files. Edit file /etc/apache2/sites-available/default-ssl.conf and change the following lines:

SSLCertificateFile /etc/letsencrypt/live/WAS_FQDN/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/WAS_FQDN/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/WAS_FQDN/chain.pem

Apply changes and enable SSL:

...

In /usr/lib/wifimon/config/secure-processor.properties, make the following changes:

server.port=8443
server.ssl.key-store=./keystore/wifimon.jks
server.ssl.key-store-password=[PASSWORD_keystore]
server.ssl.key-password=[PASSWORD_key]

In /usr/lib/wifimon/config/ui.properties, make the following changes:

server.ssl.key-store=./keystore/wifimon.jks
server.ssl.key-store-password=[PASSWORD_keystore]
server.ssl.key-password=[PASSWORD_key]
kibana.protocol=https

Furthermore, change the following parameters of the file /etc/kibana/kibana.yml:

server.ssl.enabled: true
server.ssl.certificate: /usr/lib/wifimon/keystore/cert.pem
server.ssl.key: /usr/lib/wifimon/keystore/privkey.pem

Moreover, in your WiFiMon Test Server, change the agentPort from 9000 to 8443 in every testtool HTML page as well as http to https. Moreover, do not forget to change http to https in /var/www/html/wifimon/js/nettest/nettest-swfobject.js.

...

In /etc/elasticsearch/elasticsearch.yml add the following and restart the Εlasticsearch cluster:

xpack.security.enabled: true   (you have previously set this value to false)
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: full
xpack.security.http.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.http.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.http.ssl.certificate_authorities: /etc/elasticsearch/certs/ca.crt
xpack.security.transport.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.transport.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.transport.ssl.certificate_authorities: /etc/elasticsearch/certs/ca.crt

Generate passwords for the built-in users. Note the passwords as they are not provided again. Inside directory /usr/share/elasticsearch/bin/, use the following command:

./elasticsearch-setup-passwords auto -u "https://WAS_FQDN:9200"

Configure Kibana keystore using the following command:

...

In /etc/kibana/kibana.yml, add the following and restart Kibana:

elasticsearch.hosts: [“https://WAS_FQDN:9200”]
elasticsearch.ssl.certificateAuthorities: [ “/etc/kibana/certs/ca.crt” ]
elasticsearch.ssl.verificationMode: full

Make sure that certificates and keys in /etc/elasticsearch/certs/, /etc/kibana/certs/ and /usr/lib/wifimon/keystore/ are accessible by both Εlasticsearch and Kibana.

...

Edit /usr/lib/wifimon/config/secure-processor.properties and add the following lines:

xpack.security.enabled=true
ssl.certificate.type=keystore
ssl.http.user.username=elastic
ssl.http.user.password=[elastic built-in user password]
ssl.http.keystore.filepath=/usr/lib/wifimon/keystore/keystore.jks
ssl.http.keystore.password=[keystore.jks password]
ssl.http.truststore.filepath=/usr/lib/wifimon/keystore/truststore.jks
ssl.http.truststore.password=[truststore password]
ssl.http.key.password=[elasticsearch.key password]


Anchor
links
links
13. Links to Installed Software

...

Credentials to login as ADMIN (see paragraph 1.1):

Email: admin@test.com

Password: admin1


Once you login, you will be able to see the following tabs at the top of the WiFiMon GUI:

...