Installing Arkime

Download the Arkime installation scripts from here
Copy the tarball to the Arkime server and extract it using the command below:
aviz@npbsrv01:~/OPB_Arkime$ tar -zxvf OPB_Analyzer.tar.gz
OPB_Analyzer/
OPB_Analyzer/stop.sh
OPB_Analyzer/elasticsearch.tar
OPB_Analyzer/start.sh
OPB_Analyzer/arkime.tar
aviz@npbsrv01:~/OPB_Arkime$
Move to the extracted folder
aviz@npbsrv01:~/OPB_Arkime$ cd OPB_Analyzer/
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ ls -l
total 1208660
-rw------- 1 aviz aviz 620387328 Dec 23 04:15 arkime.tar
-rw------- 1 aviz aviz 617262080 Dec 23 04:16 elasticsearch.tar
-rwxrwxr-x 1 aviz aviz 1403 Dec 23 05:21 start.sh
-rwxrwxr-x 1 aviz aviz 160 Dec 23 04:43 stop.sh
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$
Add execute permission to the ‘start.sh’ and ‘stop.sh’ scripts:
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ sudo chmod +x start.sh
[sudo] password for aviz:
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ sudo chmod +x stop.sh
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$
Execute the ‘start.sh’ script. The script performs the following actions:
Start a local Elasticsearch (ES) storage node on port 9200
Set up directories for PCAP and log capture
Ask the user for the interfaces to capture data on
Start the Arkime container
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$ sudo ./start.sh
Loading docker images...
Loaded image: avizdock/docker-arkime:latest
Loaded image: docker.elastic.co/elasticsearch/elasticsearch:7.17.3
Enter Semicolon ";" separated list of interfaces to listen for live traffic: enp130s0f1
vm.max_map_count = 262144
f07938f9e08183c763791733cda1bd19664675b44269fa7bc7e8d800001156b8
18f93340d929695b81915bebf8ed4a275439a25c4542a33944f093115facc17c
Access Arkime Viewer at:
http://<host>:8005
username: admin
password: admin
waiting for initialization...
aviz@npbsrv01:~/OPB_Arkime/OPB_Analyzer$
Open the URL http://<arkime-server-ip>:8005/ in your favourite browser and enter the credentials below:
User: admin
Password: admin
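Once start.sh has finished, it is worth confirming which addresses the two services from this guide (ES on port 9200, the Arkime viewer on port 8005 with its admin/admin login) are listening on. The script below is an added example, not part of the OPB_Analyzer package; check_exposure and audit are hypothetical helper names, and the socket list in SAMPLE is constructed.

```shell
#!/bin/sh
# Added example (not from the OPB_Analyzer package): flag listeners on the
# ports this guide opens that are bound to a non-loopback address.
# Default ports come from the page: 9200 (ES) and 8005 (Arkime viewer).

# check_exposure [ports]: reads `ss -Hltn` style lines on stdin and prints
# "<port> <EXPOSED|loopback> <local-address>" for each watched listener.
check_exposure() {
    awk -v ports="${1:-9200 8005}" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
    $1 == "LISTEN" {
        la = $4                              # Local-Address:Port column
        idx = match(la, /:[0-9]+$/)          # last colon, so [::]:9200 works
        if (!idx) next
        port = substr(la, idx + 1)
        addr = substr(la, 1, idx - 1)
        if (!(port in watch)) next
        # Loopback binds: 127.0.0.0/8, ::1, and IPv4-mapped 127.x
        if (addr ~ /^127\./ || addr == "[::1]" || addr ~ /^\[::ffff:127\./)
            state = "loopback"
        else
            state = "EXPOSED"
        print port, state, addr
    }'
}

# audit [ports]: prints the report; returns 1 if any watched port is exposed.
audit() {
    report=$(check_exposure "$@")
    if [ -n "$report" ]; then printf '%s\n' "$report"; fi
    case "$report" in *EXPOSED*) return 1 ;; esac
    return 0
}

# Constructed sample of `ss -Hltn` output (not captured from a real host).
SAMPLE='LISTEN 0 4096 0.0.0.0:9200 0.0.0.0:*
LISTEN 0 511 *:8005 *:*
LISTEN 0 128 127.0.0.1:9300 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*'

printf '%s\n' "$SAMPLE" | audit || echo "watched ports are bound to non-loopback addresses"
```

On the Arkime server itself, run `ss -Hltn | audit`; a non-zero exit means 9200 or 8005 is bound to a non-loopback address and should be limited by bind address or firewall to the hosts that need it.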