This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Preparing the Environment

The following sub-sections explain how to install each of Teradata Data Warehouse Protector components, Log Forwarder, and the RPAgent individually. Installing components one by one ensures proper configuration and functionality.

1 - Extracting the Installation Package

Extract the installation package to access the scripts required to install the components and the protector.

To extract the files from the installation package:

  1. Login to the database server as the user with the required permissions.

  2. Navigate to the directory where the installation package is downloaded.
    For example, /opt/protegrity/.

  3. To extract the contents of the installation package, run the following command:

    tar -xvf DatabaseProtector_SLES-ALL-64_x86-64_Teradata-ALL-64_<DBP_version>.tgz

  4. Press ENTER.
    The commands extracts the signature files from the package.

    DatabaseProtector_SLES-ALL-64_x86-64_Teradata-ALL-64_<DBP_version>.tgz
signatures/DatabaseProtector_SLES-ALL-64_x86-64_Teradata-ALL-64_<DBP_version>.sig

    Note: For more information about the steps to verify the signed Teradata Data Warehouse protector build, refer to Verification of Signed Protector Build.

  5. To extract the contents of the installation package, run the following command:

    tar -xvf DatabaseProtector_SLES-ALL-64_x86-64_Teradata-ALL-64_<DBP_version>.tgz

  6. Press ENTER.
    The commands extracts the following files:

    LogforwarderSetup_Linux_x64_<DBP_version>.sh
RPAgentSetup_Linux_x64_<DBP_version>.sh
PepTeradataSetup_Linux_x64_<DBP_version>.sh
PepTeradata_UDTSetup_Linux_x64_<DBP_version>.sh
U.S.Patent.No.6,321,201.Legend.txt

2 - Installing the Log Forwarder

  1. Log in to the server as the user with the required permissions.

  2. Navigate to the directory where the installation files are extracted.

    For example, /opt/protegrity/.

  3. To install the Log Forwarder, run the following command:

    ./LogforwarderSetup_Linux_x64_<DBP_version>.sh

  4. Press ENTER. The prompt to enter the audit store endpoint appears.

    Enter the audit store endpoint (host), alternative (host:port) to use another port than the default port 9200 :

  5. Enter the IP address of the audit store.

  6. Press ENTER. The prompt to enter additional endpoint appears.

    Audit store endpoints: <Audit_store_IP_address>:9200
Do you want to add another audit store endpoint? [y/n]:

  7. To skip adding additional endpoints, type no.

  8. Press ENTER. The prompt to continue the installation appears.

    These audit store endpoints will be added:
<Audit_store_IP_address>:9200

Type 'y' to accept or 'n' to abort installation:

  9. To continue the installation, type yes.

  10. Press ENTER. The script extracts the files and installs the Log Forwarder.

    Unpacking...
Extracting files...
Protegrity Log Forwarder installed in /opt/protegrity/logforwarder.

  11. Navigate to the /opt/protegrity/logforwarder/bin/ directory.

  12. To start the Log Forwarder, run the following command:

    ./logforwarderctrl start

  13. Press ENTER.
    The command starts the Log Forwarder.

    [ info] switching to background mode (PID=8329)
Logforwarder started, PID (<process_ID>) written to PID file /opt/protegrity/logforwarder/
bin/fluent-bit.pid

3 - Installing the Resilient Package Agent

The Resilient Package (RP) Agent downloads the certificates. These certificates are further used to authenticate the login credentials, public or private keys, and certify the code reliability.

To install the RPAgent:

  1. Log in to the server as the user with the required permissions.

  2. Navigate to the directory where the installation files are extracted. For example, /opt/protegrity/.

  3. To install the RP Agent, run the following command:

    ./RPAgentSetup_Linux_x64_<DBP_version>.sh

  4. Press ENTER.
    The prompt to enter the host name or the IP address of the ESA appears.

    Please Enter ESA host name or IP address []:

  5. Enter the IP address of the ESA.

    Note: Failure to specify an IP address will abort the installation process.

  6. Press ENTER.
    The prompt to enter the username for downloading the certificate appears.

    Please enter the user name for downloading certificates[]:

  7. Enter the username to download the certificates.

  8. Press ENTER.
    The prompt to enter the password for downloading the certificate appears.

    Please enter the password for downloading certificates []:

  9. Enter the password to download the certificates.

  10. Press ENTER.
    The installer extracts the files and downloads the certificates.

    Unpacking...
Extracting files...
Obtaining token from x.x.x.x:25400...
Downloading certificates from x.x.x.x:25400...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 8704 100 8704 0 0 209k 0 --:--:-- --:--:-- --:--:-- 212k
Extracting certificates...
Certificates successfully downloaded and stored in /opt/protegrity/rpagent/data
Protegrity RPAgent installed in /opt/protegrity/rpagent.

    Note: If the JWT token is not specified while downloading the certificates, the RPAgent automatically retrieves the token from ESA.

  11. Navigate to the /opt/protegrity/rpagent/bin/ directory.

  12. To start the RPAgent, run the following command:

    ./rpagentctrl start

  13. Press ENTER.
    The command starts the RPAgent successfully and a confirmation message appears.

    Starting rpagent

  14. To verify the status of the RPAgent, run the following command:

    ./rpagentctrl status

  15. Press ENTER.
    The status of the RPAgent service appears.

    rpagent is running (pid=<process_ID>)