Table of Contents
- Getting Started
- Agent-Based Management
- Data Providers
- Directory Services
- Event Log Archiving for JSIG and CMMC Compliance
- Auditing
- Hosts
- Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- Active Directory User Monitor Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- Account Lockout Monitor Template
- Logon Monitor Template
- CPU Monitor Template
- Memory Monitor Template
- Disk Space Monitor Template
- SMART Monitor Template
- Process Monitor Template
- Service Monitor Template
- Performance Counter Monitor Template
- PowerShell Template
- Registry Value Monitor Template
- System Security Monitor Template
- Task Scheduler Template
- Clock Synchronization Template
- Defragment NTFS Disks Template
- Windows Audit Policy Monitor Template
- Windows Logon As Monitor Template
- Windows Update Template
- WMI Query Template
- Network and Application Monitor Templates
- Database Monitor Template
- Directory Service Monitor Template
- DNS Blacklist Monitor Template
- DNS Monitor Template
- Domain Expiration Monitor Template
- Network Speed Monitor Template
- Ping Monitor Template
- Database Table Reseed
- SQL Server Shrink and Backup Template
- SSH Shell
- TCP Port Scan Monitor Template
- Website Monitor Template
- Wake On LAN Template
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
- Monitors
- Reports
- File and Permission Reports
- Summary Reports
- Auto-Configurators
- Filters
- Actions
- Database Actions
- Desktop Actions
- Email Actions
- Event Log Actions
- Executable Actions
- File Actions
- IIS IP Address Restriction Actions
- Microsoft Teams Actions
- PowerShell Actions
- Report Actions
- Service Actions
- SMS Actions
- SNMP Trap Actions
- Syslog Actions
- Template Actions
- IIS IP Address Restriction Actions
- Action Variables
- Schedules
- Environment Variables
- Options
- Account Lockout Monitoring and Reporting
- Merging Logs
- SNMP
- SSH Shell
- Syslog
- Exporting and Importing Configuration Objects
- Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
- Command Line Interface
- Server Configuration
- Agent Configuration
- Troubleshooting
- Terminology
Corner Bowl Server Manager
SIEM, IPS, Server Monitoring, Uptime Monitoring and Compliance Software
Linux Server Installation
In this Topic
Background
Server Manager can be installed on RHEL, CentOS, Ubuntu or any other Linux flavor that supports .Net 7 or higher.
Important
To configure the Management Server, you must remotely connect via the Windows Server Manager Management Console. If the target machine is stand-alone air gapped, create the configuration from a sandbox environment, backup the configuration, copy the zip file to the target machine, unzip the files, move the files to the /usr/bin/corner-bowl/server-manager directory, then lastly, restart the Daemon. Once started, the hostname that resides in configuration backup is automatically renamed to the target machines name.
System Requirements
The Linux Agent requires the Microsoft .Net 7 Runtime or higher to be installed.
How to Install the Microsoft .Net 7 Runtime
- From the target Linux host, open a command prompt.
Red Hat Enterprise Linux (RHEL)
- Type the following command:
sudo yum install dotnet-runtime-7.0 -y
Ubuntu:
- Type the following commands:
wget https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb sudo dpkg -i packages-microsoft-prod.deb sudo apt install apt-transport-https sudo apt update sudo apt install dotnet-sdk-7.0
How to Manually Install the Linux Server
- From an Internet Browser, goto https://www.CornerBowlSoftware.com/Download.
- If you are not logged into the website, login.
- Once logged into the website, download the Linux Service Zip then unzip the contents to a temporary directory.
- Modify the tcpserver.json file if necessary. For more information see: Server Configuration.
- Create the following directories, for example:
sudo mkdir /usr/bin/corner-bowl sudo mkdir /usr/bin/corner-bowl/server-manager sudo mkdir /usr/bin/corner-bowl/server-manager/runtimes sudo mkdir /usr/bin/corner-bowl/server-manager/runtimes/linux-x64 sudo mkdir /usr/bin/corner-bowl/server-manager/runtimes/linux-x64/native sudo mkdir /usr/bin/corner-bowl/server-manager/htmltemplates sudo mkdir /usr/bin/corner-bowl/server-manager/htmlimages sudo mkdir /usr/share/corner-bowl sudo mkdir /usr/share/corner-bowl/server-manager
- Copy the files to the appropreiate destination directories, for example:
sudo cp ./*.dll /usr/bin/corner-bowl/server-manager sudo cp ./runtimes/linux-x64/native/*.dll /usr/bin/corner-bowl/server-manager/runtimes/linux-x64/native sudo cp ./htmltemplates/* /usr/bin/corner-bowl/server-manager/htmltemplates sudo cp ./htmlimages/* /usr/bin/corner-bowl/server-manager/htmlimages sudo cp ./*.json /usr/bin/corner-bowl/server-manager sudo cp ./cbsmsrv.service /etc/systemd/system/cbsmsrv.service sudo cp ./tcpserver.json /usr/share/corner-bowl/server-manager/tcpserver.json
- Load the Daemon into systemctl, configure the Daemon to start when the server boots, then start the Daemon, for example:
sudo systemctl daemon-reload sudo systemctl enable cbsmsrv sudo systemctl start cbsmsrv
- Verify the service has started, for example:
cat /var/log/corner-bowl/server.log
How to Upgrade the Linux Server
Auto-update is currently under development. To update:
- Stop the Daemon, for example:
sudo systemctl stop cbsmsrv
- Repeat the installation steps above.
How to Configure TLS 1.2
- Use openssl to create and install your certificate, for example on RHEL:
yum install openssl mkdir /etc/pki/CA mkdir /etc/pki/CA/private cd /etc/pki/CA/private openssl req -new -x509 -newkey rsa:2048 -keyout cakey.pem -out ../cacert.pem chmod 600 cakey.pem openssl rsa -in cakey.pem -noout -text openssl genrsa -out serverkey.pem -aes128 2048 -days 3650 openssl rsa -in serverkey.pem -out serverkey.pem openssl req -new -key serverkey.pem -out req.pem -nodes cd /etc/pki/CA echo 01 > serial touch index.txt cd /etc/pki/CA/private openssl ca -in req.pem -notext -out servercert.pem openssl pkcs12 -export -out servercert.pfx -inkey serverkey.pem -in servercert.pem
- Once installed, add the certificate to your .Net Certificate Store using the Server Manager Command-Line Interface, for example:
cd /usr/bin/corner-bowl/server-manager /usr/bin/dotnet cbsmcli.dll -ic -f /etc/pki/CA/private/servercert.pfx
- Using a text editor, open the /usr/share/corner-bowl/server-manager/tcpserver.json file.
- Find TlsConfiguration | Enabled then set the value to true.
- Find TlsConfiguration | Certificate then set the value to one of the following values found in the Windows Certificate Manager:
Attribute | Sample Value | Search Order |
---|---|---|
Distinguished Name | LocalhostName | 1 |
- Save your changes.
- From a command-prompt, restart the Daemon, for example:
sudo systemctl stop cbsmsrv sudo systemctl start cbsmsrv
Configuration File Reference
{ "Host": "0.0.0.0", "Port": 21843, "IdleTimeout": 300, "ReceiveTimeout": 120, "SendTimeout": 120, "TlsConfiguration": { "Enabled": true, "Certificate": "yourhostname", "RequireRemoteCertificate": false, "AllowSelfSignedCertificate": true, "CheckCertificateRevocation": false, "AllowCertificateChainErrors": true } }
For more information see: Server Configuration
Troubleshooting
If the Server does not appear to be running or accepting connections from a Windows Server Manager Management Console, view the Daemon's verbose output log for detailed information. The log file is located in the following directory:
/var/log/corner-bowl/server.log
- Open a command-prompt, then type the following command to tail the log file:
tail -f /var/log/corner-bowl/server.log