Enabling the Siren Investigate Gremlin Server
The Siren Investigate Gremlin Server is a backend component that is required by the Graph Browser visualization.
To enable the Gremlin Server, ensure that the investigate.yml file contains the following configuration:
investigate_core:
  gremlin_server:
    url: http://127.0.0.1:8061
    path: gremlin_server/gremlin-es2-server.jar
To use the Gremlin Server with an authentication-enabled cluster, you must enable HTTPS. For more information, see Enabling HTTPS in Gremlin Server.
The Gremlin Server certificate is a node certificate in JKS format. If you are running Elasticsearch and security (SSL) on the same server as Siren Investigate, you can check the elasticsearch.yml file to see which of the following parameters it contains:
searchguard.ssl.http.keystore_filepath
or
searchguard.ssl.http.pemcert_filepath
If it contains the first parameter (searchguard.ssl.http.keystore_filepath), you can use the same JKS certificate as the certificate for the Gremlin Server.
If it contains the second parameter (searchguard.ssl.http.pemcert_filepath), you can generate your JKS certificate by running the following commands:
openssl pkcs12 -export -inkey YOUR_KEY.key -in YOUR_PEM.pem -name gremlin -out gremlin.p12
keytool -importkeystore -srckeystore gremlin.p12 -srcstoretype pkcs12 -destkeystore gremlin.jks
In both cases, you must change the gremlin_server.url parameter in investigate.yml to match the IP or name that is used in the certificate.
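A pre-flight check for the steps above, added here as an example and not part of Siren's documentation or tooling: it reads elasticsearch.yml to see which of the two parameters is set, then checks gremlin_server.url against the PEM certificate. The function names and the script name preflight.sh are hypothetical. It assumes openssl is installed, that the certificate path resolves from the current directory, and that an HTTPS-enabled Gremlin Server is addressed with an https:// URL.

```shell
#!/bin/sh
# Added example, not Siren tooling. Usage: sh preflight.sh elasticsearch.yml investigate.yml

# Print the value of the first "key: value" line for key $1 (a regex) in file $2.
yaml_value() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" "$2" | head -n 1 |
        tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# Which certificate route applies: prints "jks <path>", "pem <path>" or "none".
cert_source() {
    jks=$(yaml_value 'searchguard\.ssl\.http\.keystore_filepath' "$1")
    pem=$(yaml_value 'searchguard\.ssl\.http\.pemcert_filepath' "$1")
    if [ -n "$jks" ]; then echo "jks $jks"
    elif [ -n "$pem" ]; then echo "pem $pem"
    else echo "none"; fi
}

# Print the url value that follows the gremlin_server: key in investigate.yml.
gremlin_url() {
    awk '/^[ \t]*gremlin_server:/ { seen = 1; next }
         seen && /^[ \t]*url:/ { sub(/^[ \t]*url:[ \t]*/, ""); print; exit }' "$1" |
        tr -d "\"' "
}

# Strip scheme, port and path from a URL (IPv6 literals are not handled).
url_host() {
    printf '%s\n' "$1" | sed -e 's|^[a-zA-Z]*://||' -e 's|[:/].*$||'
}

# Succeed when PEM certificate $1 is valid for the host name or IPv4 address $2.
cert_covers() {
    case $2 in *[!0-9.]*) opt=-checkhost ;; *) opt=-checkip ;; esac
    openssl x509 -in "$1" -noout "$opt" "$2" | grep -q 'does match certificate'
}

# Report findings; returns non-zero when investigate.yml needs changing.
preflight() {
    rc=0; src=$(cert_source "$1"); url=$(gremlin_url "$2"); host=$(url_host "$url")
    echo "certificate source: $src"; echo "gremlin_server.url: $url"
    [ "$src" = none ] && { echo "NOTE: no HTTP certificate parameter found"; return 0; }
    case $url in https://*) ;; *) echo "FIX: gremlin_server.url is not https"; rc=1 ;; esac
    case $src in pem\ *)
        cert_covers "${src#pem }" "$host" || { echo "FIX: certificate does not name $host"; rc=1; } ;;
    esac
    return $rc
}

if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```

When elasticsearch.yml points at a JKS keystore, the script only reports the path; the names inside that keystore still have to be compared with gremlin_server.url by hand.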
Log4J file configuration path
You can customize the logging output of Gremlin Server for troubleshooting purposes by setting investigate_core.gremlin_server.log_conf_path in the investigate.yml file to point to a Log4J2 properties file.
The following is a sample Log4J2 properties file that logs INFO-level messages to the console and the log/gremlin-server.log file:
name=PropertiesConfig
appenders=console,file
appender.console.type=Console
appender.console.name=STDOUT
appender.console.layout.type=PatternLayout
appender.console.layout.pattern=[%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n
appender.file.type=File
appender.file.name=LOGFILE
appender.file.fileName=log/gremlin-server.log
appender.file.layout.type=PatternLayout
appender.file.layout.pattern=[%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n
rootLogger.level=INFO
rootLogger.appenderRefs=stdout,logfile
rootLogger.appenderRef.stdout.ref=STDOUT
rootLogger.appenderRef.logfile.ref=LOGFILE