1
00:00:00,120 --> 00:00:05,610
OK, so now we can look at the low key data source, the lucky data source is about rating locavores

2
00:00:05,670 --> 00:00:06,530
from your service.

3
00:00:06,540 --> 00:00:11,910
Many servers and applications will store log files in a file that you can often just read in a text

4
00:00:11,910 --> 00:00:13,920
editor such as Web servers will do it.

5
00:00:13,920 --> 00:00:19,230
Database servers capable of calls The Journal System Day on Linux is a good source of information that

6
00:00:19,230 --> 00:00:20,400
we can also read to use it.

7
00:00:20,400 --> 00:00:25,830
Lucky data source We can install two extra services that work together, both written by professional

8
00:00:25,830 --> 00:00:26,280
labs.

9
00:00:26,340 --> 00:00:30,010
The first one being the low key service is what we'll install in this video.

10
00:00:30,040 --> 00:00:34,890
Now, the lucky service, if I go to the final lucky GitHub page is a process that will run on your

11
00:00:34,890 --> 00:00:38,110
server, and it's responsible for storing logs and processing queries.

12
00:00:38,130 --> 00:00:40,990
So it's a bit like an Eskimo server, but for log files.

13
00:00:41,010 --> 00:00:46,830
So the Gryphon low key data source that will set up will connect to the low key process running on your

14
00:00:46,830 --> 00:00:47,200
server.

15
00:00:47,220 --> 00:00:51,990
Now, like it doesn't exist by itself, something needs to be pushing data into it and will use prompt

16
00:00:51,990 --> 00:00:54,090
mail for that, and we'll discuss that in the next video from.

17
00:00:54,510 --> 00:01:00,030
Will read log files that you've asked it to and then send them off to low key so that Loki can store

18
00:01:00,030 --> 00:01:03,320
them and organize them in such a way for querying by Carafano.

19
00:01:03,420 --> 00:01:09,450
Anyway, so in Gryffindor, if you go to data sources and you add a data source down here, there's

20
00:01:09,450 --> 00:01:12,930
the low key data source says it's like Prometheus, but for logs.

21
00:01:12,930 --> 00:01:15,690
We haven't done Prometheus yet in this course, but we will.

22
00:01:15,690 --> 00:01:20,730
Anyway, before we can use that data source, we need to set up a service that the Likee data source

23
00:01:20,730 --> 00:01:21,420
will connect to.

24
00:01:21,450 --> 00:01:23,850
Similar to what we did when we set up my school.

25
00:01:23,910 --> 00:01:29,370
OK, so back at this diagram, we're now going to install low key service locally on the Gravano server.

26
00:01:29,370 --> 00:01:34,980
So from the perspective of the Karana application, the Loki service will be at one 20 seven zero zero

27
00:01:34,980 --> 00:01:36,930
one, which is the same as local host.

28
00:01:37,020 --> 00:01:41,550
OK, so all my documentation down here we can install the Loki binary.

29
00:01:41,670 --> 00:01:43,480
We'll set that up and that's these instructions here.

30
00:01:43,500 --> 00:01:45,450
So log on to your profile and a server.

31
00:01:45,480 --> 00:01:51,540
I'm now a microphone, a server root at Safana there, and I'm going to change to a folder usr local

32
00:01:51,540 --> 00:01:51,840
bin.

33
00:01:51,840 --> 00:01:53,730
So that's where I'll install the Loki binary.

34
00:01:53,760 --> 00:01:56,820
So city use local bin, I'm down usr local bin folder.

35
00:01:56,820 --> 00:02:03,420
I'm now going to download using kernel a zip file containing the Loki binary and dirty version two point

36
00:02:03,420 --> 00:02:04,090
four point one.

37
00:02:04,110 --> 00:02:05,760
Now, Loki is like a Farner.

38
00:02:05,790 --> 00:02:10,470
It is updated regularly, but if you want to see what the latest version is, you can visit that link

39
00:02:10,470 --> 00:02:10,740
there.

40
00:02:10,770 --> 00:02:15,840
It takes you to the Crafar Loki repository, the releases page, and I can see two point four point

41
00:02:15,870 --> 00:02:18,930
one, so we will install that, so copy that whole line.

42
00:02:18,970 --> 00:02:19,900
I'm going to just copy that.

43
00:02:19,900 --> 00:02:21,450
The clipboard is net icon now.

44
00:02:21,450 --> 00:02:22,740
Right click Enter.

45
00:02:22,800 --> 00:02:29,660
OK, so it's just downloaded the Loki Linux AMD64 zip and saved it into the user local bin folder.

46
00:02:29,670 --> 00:02:33,420
OK, for this type, less will sit there, then we have to unzip it.

47
00:02:33,420 --> 00:02:36,320
So unzip Loki won't accept a 64.

48
00:02:36,330 --> 00:02:37,980
I don't have unzip on my computer.

49
00:02:37,980 --> 00:02:43,160
I can install that quickly just by highlighting that right clicking and into I could have just typed

50
00:02:43,470 --> 00:02:44,130
on the keyboard.

51
00:02:44,490 --> 00:02:46,140
It's run that unzip again.

52
00:02:46,140 --> 00:02:49,980
So I was pressing the up arrow because it shows me what I typed in previously.

53
00:02:49,980 --> 00:02:51,420
So unzip hey.

54
00:02:51,430 --> 00:02:52,750
Inflating lists.

55
00:02:52,770 --> 00:02:53,700
There are two files now.

56
00:02:53,730 --> 00:02:57,120
Loki likes AMD64 and Loki, Linus and 64.

57
00:02:57,420 --> 00:03:03,330
So if I do less l'hygiene, it shows me that that file there has executed permissions.

58
00:03:03,330 --> 00:03:04,400
So this is good.

59
00:03:04,440 --> 00:03:06,330
Sometimes they don't have X permissions.

60
00:03:06,330 --> 00:03:09,000
If they don't, you can just run C mode.

61
00:03:09,020 --> 00:03:13,140
A-plus takes the name of the file and it will show you file as being executable.

62
00:03:13,150 --> 00:03:15,800
It's important that the file was executable and it already is for us.

63
00:03:15,810 --> 00:03:18,450
So this is previously in all the versions of Loki.

64
00:03:18,450 --> 00:03:23,250
You would have to manually make that file executable and that's why I have that amount of documentation

65
00:03:23,250 --> 00:03:24,450
still just in case.

66
00:03:24,580 --> 00:03:27,860
OK, so before we can start Loki, we need to do several things.

67
00:03:27,870 --> 00:03:31,850
One of those is to create a config false, so it's quite a config file using nano.

68
00:03:31,860 --> 00:03:33,330
So I was going to copy that line there.

69
00:03:33,330 --> 00:03:35,280
Ciudadano config Loki.

70
00:03:35,280 --> 00:03:35,550
Why?

71
00:03:36,000 --> 00:03:40,470
OK, so then I opened up a blank page and it's already clear that fall for us, but there's nothing

72
00:03:40,470 --> 00:03:40,530
in.

73
00:03:40,620 --> 00:03:45,270
So let's put something in a copy this text below or just press that icon.

74
00:03:45,360 --> 00:03:49,410
And if I right click it pasted all into and then our editor there.

75
00:03:49,950 --> 00:03:52,860
Now this is a default Loki configuration.

76
00:03:52,860 --> 00:03:59,040
I'm using version two point for one, and I got that from this official Bafana Loki link here on GitHub

77
00:03:59,040 --> 00:04:01,410
for using a newer version and two point four point one.

78
00:04:01,440 --> 00:04:04,910
Be sure to check that link to see if there's anything different in the configuration file.

79
00:04:04,920 --> 00:04:06,150
That's if you have problems.

80
00:04:06,420 --> 00:04:07,090
So just in case.

81
00:04:07,140 --> 00:04:09,690
OK, so back to nano, it's saved that.

82
00:04:09,690 --> 00:04:12,700
So Control X saved modified by thought yes.

83
00:04:12,700 --> 00:04:14,610
So I'm pressing Y for yes presenter.

84
00:04:14,640 --> 00:04:15,090
Very good.

85
00:04:15,090 --> 00:04:17,519
If I press Ellis now, there are three false sets.

86
00:04:17,519 --> 00:04:21,519
The configuration is the Loki binary, which is executable and the zip file.

87
00:04:21,540 --> 00:04:25,440
We no longer need a zip file, but I'll just leave it there anyway so we can start Loki now.

88
00:04:25,440 --> 00:04:29,790
But it's not really a good idea because if we close our society session, the Loki service will stop.

89
00:04:29,910 --> 00:04:34,080
So what we should do is set it up to run as a service so that it continues to run in the background

90
00:04:34,110 --> 00:04:35,910
because we wanted to run 24 hours a day.

91
00:04:35,940 --> 00:04:38,970
So what I'm going to do is create a system user called Loki.

92
00:04:38,970 --> 00:04:43,170
So copy that and that will be the user that will run the Loki process.

93
00:04:43,500 --> 00:04:45,840
Sudo add system Loki.

94
00:04:45,930 --> 00:04:53,430
And so I'm now going to create a file called Loki Service Copy that using nano again ciudadano ATC System

95
00:04:53,430 --> 00:04:57,330
D System Loki Service Press Enter.

96
00:04:57,420 --> 00:04:59,730
OK, so send, you know, empty file.

97
00:05:00,010 --> 00:05:02,830
Is full force and in that paste this text.

98
00:05:03,930 --> 00:05:10,050
This allows our low key Linux aimed big fall that we just created to run as a background service on

99
00:05:10,050 --> 00:05:10,530
our server.

100
00:05:10,560 --> 00:05:17,070
And that's the configuration file that is using usr local bin config Loki or just move the cursor along

101
00:05:17,070 --> 00:05:20,060
there will see that it's config Loki dot.

102
00:05:20,070 --> 00:05:20,720
Why email?

103
00:05:21,090 --> 00:05:21,600
Excellent.

104
00:05:21,690 --> 00:05:24,240
Or so you'll see that it's using a user.

105
00:05:24,250 --> 00:05:26,220
Loki we discovered that user control.

106
00:05:26,790 --> 00:05:27,420
Yes.

107
00:05:27,640 --> 00:05:31,470
And so we can now start stop Loki using these commands.

108
00:05:31,470 --> 00:05:34,350
So sudo service Loki start.

109
00:05:34,920 --> 00:05:38,880
OK, we can check its status and its active running.

110
00:05:38,880 --> 00:05:39,620
So to go.

111
00:05:39,630 --> 00:05:42,960
Loki is now running as a service on my Crafar server.

112
00:05:43,500 --> 00:05:45,210
I could always stop it if I wanted to.

113
00:05:45,600 --> 00:05:47,880
I'm not going to do that, but you can if you need to.

114
00:05:47,970 --> 00:05:52,230
Now, since we have Loki running, we cannot connect to that using Gafah.

115
00:05:52,290 --> 00:05:55,200
I'm already on the data source configuration page.

116
00:05:55,470 --> 00:05:57,480
I'm going to select Loki.

117
00:05:58,020 --> 00:05:59,520
Let me get the name Loki.

118
00:05:59,520 --> 00:06:00,630
That's a good name.

119
00:06:00,660 --> 00:06:07,780
We're going to connect to local host 3100, or you could even use one 20 seven zero zero one three one

120
00:06:07,790 --> 00:06:09,510
two and it's takes TTP.

121
00:06:10,350 --> 00:06:12,600
And that's from the perspective of our phone replication.

122
00:06:12,600 --> 00:06:16,410
So it's just another service running on the same server, listening on Port 3100.

123
00:06:16,890 --> 00:06:20,260
OK, so save and test data source connected and Labor's found.

124
00:06:20,310 --> 00:06:20,760
Excellent.

125
00:06:21,870 --> 00:06:25,860
We don't have any data inside Loki yet because we haven't set up pronto.

126
00:06:25,890 --> 00:06:31,650
We'll do that in the next video, but for now, we can at least go into the Explore tab and we can select

127
00:06:31,650 --> 00:06:32,430
it from the top down.

128
00:06:32,430 --> 00:06:34,620
Then Loki no logs found.

129
00:06:34,710 --> 00:06:35,340
It doesn't matter.

130
00:06:35,370 --> 00:06:36,560
We'll get on to that now.

131
00:06:36,570 --> 00:06:42,060
One thing to note there I'm using the digitalisation service, so I don't have a default firewall locking

132
00:06:42,060 --> 00:06:46,860
ports so I can actually access that Loki service across the internet.

133
00:06:46,860 --> 00:06:49,710
And that address is HTP.

134
00:06:49,830 --> 00:06:52,080
Fernando Espaco Dot Net Calling 3-1-1.

135
00:06:52,380 --> 00:06:57,420
Loki is listening on Port 100, but it's also accessible across the internet for me, so that would

136
00:06:57,420 --> 00:07:01,760
be your domain name if you use a domain name or your Cortana service IP address.

137
00:07:01,770 --> 00:07:02,520
That is my one.

138
00:07:02,520 --> 00:07:07,020
So if I press that I can see that there is actually a web server running there because this would turn

139
00:07:07,020 --> 00:07:08,640
to for if that's what web servers do.

140
00:07:08,640 --> 00:07:16,500
But if you just type splash metrics, it would turn this data, which are statistics about the Loki

141
00:07:16,500 --> 00:07:17,010
service.

142
00:07:17,040 --> 00:07:21,570
Now you probably don't want that to be exposed on the internet like that.

143
00:07:21,660 --> 00:07:25,940
If you're using it was security group won't have 3100 open already.

144
00:07:25,950 --> 00:07:30,570
But since I'm using an unrestricted Ubuntu server and I don't have a dedicated firewall, I'm going

145
00:07:30,570 --> 00:07:33,300
to block Port 3100 using IP tables.

146
00:07:33,960 --> 00:07:35,570
So that's down here.

147
00:07:35,580 --> 00:07:36,690
IP tables.

148
00:07:36,750 --> 00:07:43,410
I'm going to accept 3100 on local host only because the Raphinha's service needs to still query the

149
00:07:43,410 --> 00:07:44,300
Loki service.

150
00:07:44,310 --> 00:07:51,150
So about Mega-fauna server doesn't matter what forum and IP tables in port TCP local host destination

151
00:07:51,150 --> 00:07:57,180
Port 3100 Except until now, I'm going to drop everything else, so no other IP address will be able

152
00:07:57,180 --> 00:08:03,780
to connect to port three 100 IP tables in Port TCP, IP or 100 drop, and that line means drop everything

153
00:08:03,780 --> 00:08:04,140
else.

154
00:08:04,260 --> 00:08:09,200
I can verify that IP tables often now and they are my rules.

155
00:08:09,220 --> 00:08:12,710
Okay, so accepting local hosts three 100 dropping everything else.

156
00:08:12,720 --> 00:08:13,740
Okay, so excellent.

157
00:08:13,740 --> 00:08:16,030
We have the Loki service running on our server.

158
00:08:16,050 --> 00:08:19,390
Another thing it's also exposing Port nine zero nine six.

159
00:08:19,410 --> 00:08:23,010
It uses that for your PC communications for internal management.

160
00:08:23,070 --> 00:08:26,570
OK, so that port is also going to be accessible across the internet.

161
00:08:26,580 --> 00:08:32,070
If you're using a similar set up to me, for example, I'm on my windows machine and I have a program

162
00:08:32,070 --> 00:08:37,830
called Telnet installed and I can tell it to father daughter speak code dot net.

163
00:08:38,740 --> 00:08:41,500
Port, nine hour, nine, six.

164
00:08:42,510 --> 00:08:46,560
And we can see that it's actually connected, so I'm going to close that port as well.

165
00:08:46,770 --> 00:08:52,970
It's great that by closing it, so in my documentation, I've read the rules here to allow nine nine

166
00:08:52,980 --> 00:08:54,780
six on local host.

167
00:08:55,400 --> 00:09:02,880
So I'm accepting source local host destination port nine and on six, that's OK, but dropping everything

168
00:09:02,880 --> 00:09:04,680
else, and I'll just verify that.

169
00:09:06,000 --> 00:09:11,700
So I would go so excepting 1996 from local hosts and dropping everywhere else.

170
00:09:11,820 --> 00:09:18,600
OK, so another tool that you can use to check what Porter service is using is the SS Command on Ubuntu

171
00:09:18,600 --> 00:09:20,620
twenty one, zero four and above.

172
00:09:20,640 --> 00:09:22,620
It's very similar to the old netstat command.

173
00:09:22,740 --> 00:09:27,810
Here I'm going to return results with the word Lokey in them, so enter that here.

174
00:09:27,840 --> 00:09:33,540
It's word wraps, so it's quite hard to say, but you can see that the low key Linux I am d is using

175
00:09:33,540 --> 00:09:36,390
Port 99, six and three 100.

176
00:09:36,570 --> 00:09:40,470
OK, so if you're going to have these services running on your servers, you will need to ensure that

177
00:09:40,470 --> 00:09:42,690
they're not exposing information accidentally.

178
00:09:42,730 --> 00:09:43,650
OK, excellent.

179
00:09:43,710 --> 00:09:49,160
And also, be sure to read my information on keeping rules persistent if you're using IP tables.

180
00:09:49,230 --> 00:09:52,620
I'm going to create a backup of my IP tables rules now.

181
00:09:52,650 --> 00:09:56,490
I'm only using IP version four, so I need to run that one.

182
00:09:56,580 --> 00:09:57,000
Excellent.

183
00:09:57,030 --> 00:10:00,870
So the next video will set up the prompt health service to read log falls.

184
00:10:01,110 --> 00:10:01,590
Excellent.