The Panopta OnSight AMI allows you to deploy and run an OnSight from an AWS instance. The following sections list the resource requirements and deployment steps.
1. Log in to your AWS account and switch to the EC2 console by selecting EC2 from the splash screen or from under the Services navigation menu.
2. Switch to the AWS Marketplace by clicking Launch Instance, and then selecting the AWS Marketplace tab.
3. Search for Panopta then select Panopta OnSight for AWS.
4. Review and accept the subscription terms. The configuration page will open.
5. Click Continue to Launch. The following page will allow you to review your configuration and choose how you wish to launch the software.
6. Select your instance size - a t3.medium is sufficient to start out.
As your monitoring expands, we recommend 1 core + 1 GB Ram per 1,000 checks.
7. Under Security Group Setttings, click Create New Based on Seller Settings.
The only ports that need to be open are SSH, HTTPS and port 8443/TCP.
This IP range should be limited to only clients where you will be SSHing to the OnSight from, such as a Jump Server.
Custom TCP Rule
This IP range should be limited to the other servers that will be using the OnSight to proxy agent data through (if any).
8. Select your key pair from the dropdown, launch the instance, and then wait for it to boot.
Once booted, you can SSH into the appliance via the user ubuntu and get the appliance key from the MOTD as shown below.
If your appliance shows no OnSight Key or lists it as Unknown, you may need to log out and log back in to generate the key. This only occurs on the first login.
9. Once you have the appliance key, log in to Panopta.
10. Click Add.
11. Click OnSight vCollector.
12. From the OnSight installation page, select AWS.
13. Enter the OnSight key then click Sync. The OnSight will begin syncing immediately after deployment.