NXLog Platform installation instructions

The steps below guide you to install your on-premises NXLog Platform instance on a physical or virtual machine, which you can fully manage and administer.

Install NXLog Platform

Follow these steps to install NXLog Platform:

  1. Log in to your NXLog Platform account, or sign up for NXLog Platform if you don’t have an account yet.

  2. Download the installer:

    1. In the left navigation menu, click Product Download.

    2. Select your OS and download the installer.

    3. Take note of the API key.

      NXLog Platform on-premises download and API key
  3. Copy the downloaded file to the NXLog Platform host machine.

  4. If necessary, create a dedicated service account to install and manage NXLog Platform.

  5. Run the following commands, replacing x.x.x with your version:

    $ tar -xvf nxp-x.x.x-onprem-amd64.tar.gz
    $ sudo ./nxp-x.x.x-onprem-amd64.sfx.sh

    This will extract the deployment file and install the nxp_manage.sh command-line interface for managing your NXLog Platform instance, along with any software requirements that are missing on your system.

  6. Edit the configuration file /etc/nxp.conf as root. For example:

    $ sudo nano /etc/nxp.conf

    Then, define or review the following variables and save the file:

    NXP_API_KEY

    Your NXLog Platform API key.

    NXP_DOMAIN

    Domain name for accessing your NXLog Platform instance, in the format subdomain.domain.tld.

    To avoid DNS conflicts with other services on your network, we highly recommend choosing a dedicated subdomain for NXLog Platform (such as nxlog.example.com if your organization’s domain name is example.com).

    NXP_SIZE

    NXLog Platform deployment size. The accepted values are small, medium, large, and xlarge. See the CPU and RAM requirements for each deployment size.

    The default is small.

    NXP_STORE_LOGS

    If you intend to use the built-in NXLog Platform log storage database, you must set this value to true. See the CPU and RAM requirements to understand how this setting affects the RAM allocation for NXLog Platform.

    The default is false.

    NXP_BACKUP_LOCATION

    Directory where NXLog Platform creates backup files.

    The default is /srv/nxp/backup.

    NXP_DATA_LOCATION

    Directory where NXLog Platform writes and stores all data. Ensure that the directory has sufficient disk space, as mentioned in the storage requirements.

    The default is /srv/nxp/data.

    NXP_MINDER_AGENT_PORT

    TCP port where NXLog Platform listens for incoming NXLog Agent connections. If you change this variable, you must follow these additional steps after finishing the NXLog Platform installation process.

    The default is 5515.

    http_proxy
    https_proxy

    If you use a proxy server, you must uncomment the lines and replace PROXY_ADDRESS and PORT with those of your proxy server. If your proxy does not use basic authentication, remove user:password@. Otherwise, replace them with your proxy credentials.

    Pay attention to using the correct quotes and escaping characters where necessary. If your proxy uses basic authentication, you must escape characters like $ in the password with three backslashes. See Proxy-related errors and Enable debug logging if you encounter a problem installing NXLog Platform when using a proxy.

    no_proxy

    If you use a proxy server, you must uncomment the line to exclude the internal NXLog Platform IP address range 10.89.0.0/24 from being routed through the proxy.

  7. Run the following commands to install NXLog Platform:

    $ sudo nxp_manage.sh wizard
    $ sudo nxp_manage.sh install

    The installation might take some time, depending on the available system resources. If the installation doesn’t complete successfully, check out the troubleshooting section.

You will have NXLog Platform installed and running at this stage, but you still have to configure DNS to be able to log in for the first time.

Post-installation steps

Although NXLog Platform is up and running at this stage, there are additional configuration steps that we advise to perform immediately after installation. Examples include tightening security and initiating important features.

Configure DNS

You need to configure the appropriate DNS records before you can access your NXLog Platform instance. You will likely need to do this on your corporate DNS server.

Create DNS A records for the following domain names and point them all to the IP address of the deployment machine, replacing nxlog.example.com with the actual domain you configured on /etc/nxp.conf while installing NXLog Platform.

  • platform.nxlog.example.com

  • auth.nxlog.example.com

  • agents.nxlog.example.com

  • relay.nxlog.example.com

  • grafana.nxlog.example.com

For testing purposes, you can add the following entries to the hosts file on your workstation and on any machine running NXLog Agent. Replace 192.168.1.123 with the IP address of your NXLog Platform host machine and nxlog.example.com with the domain you configured on /etc/nxp.conf while installing NXLog Platform:

# Your workstation must resolve the names for the services
# hosting the NXLog Platform UI
192.168.1.123 platform.nxlog.example.com auth.nxlog.example.com agents.nxlog.example.com grafana.nxlog.example.com

# The machines running agents must resolve the names for the services
# responsible for the NXLog Platform log collection and management
192.168.1.123 relay.nxlog.example.com agents.nxlog.example.com

Set up a custom TLS certificate

NXLog Platform generates a self-signed certificate and private key pair during the installation and uses it when serving NXLog Platform UI web pages and API requests to simplify the configuration for evaluation purposes. For production environments, we recommend that you use your own TLS certificate and private key generated by a local or public CA.

  1. Run the following command to start the certificate import wizard:

    $ sudo nxp_manage.sh import-cert
  2. Enter the path of the TLS certificate and private key when prompted. If the import is successful, you should see output similar to the following:

    [2024-08-26 16:47:08] [SUCCESS] Successfully copied cert.crt to /srv/nxp/data/nginx_certs/
    [2024-08-26 16:47:08] [SUCCESS] Successfully copied private.key to /srv/nxp/data/nginx_certs/
    [2024-08-26 16:47:08] [SUCCESS] Script execution completed successfully
    [2024-08-26 16:47:08] [SUCCESS] Files have been successfully copied to /srv/nxp/data/nginx_certs/
  3. Restart NXLog Platform:

    $ sudo nxp_manage.sh stop
    $ sudo nxp_manage.sh start

Log in for the first time

Before you can log in to NXLog Platform, you need to configure DNS.

After the DNS records are in place, open a web browser and navigate to your NXLog Platform URL:

https://platform.nxlog.example.com

Replace nxlog.example.com with your NXLog Platform domain.

Log in to NXLog Platform using the default administrator user created during the installation:

Username: admin@localhost.local
Password: NXLogPlatform_1

NXLog Platform portal login

Configure a mail server

NXLog Platform needs to connect to an SMTP server to be able to send emails such as user invites, password reset requests, and system alerts. Without configuring an SMTP server, those features will be unavailable.

Follow these steps to configure an SMTP server for outbound emails:

  1. Ensure that your organization has access to an SMTP server either locally or as a cloud service and that you have its connection details at hand.

  2. Log in to NXLog Platform and navigate to Administration > Tenant operations > Platform configuration.

  3. In the Mail server section, set the fields as described in Mail server.

  4. (Optional) Click Send test email to test out your settings.

    The test email will not arrive unless you change the default administrator account’s email address to point to a real mailbox.

  5. Click Save changes.

Harden the Administrator account

As the default admin account’s credentials are publicly available, we highly recommend changing them immediately after you log in for the first time. We also recommend enabling two-factor authentication (2FA) for the account.

The email address is also the account’s login name. We recommend changing it to an email address that you monitor regularly, as NXLog Platform sends important email notifications to it.

Ensure that you have configured a mail server before changing the email address.

  • To change the admin password, follow the steps in Change your password.

  • To change the admin email address, open the user account menu in the upper right-hand corner, navigate to View Account > General, and click Change email. See Update personal information for details.

    After completing the change, use the new email address as a login name for future logins.

  • To enable 2FA, follow the steps in Enable two-factor authentication.

Update the NXLog Agent listening port (optional)

If you changed NXP_MINDER_AGENT_PORT in /etc/nxp.conf when installing NXLog Platform, you must follow these additional steps:

  1. Open https://agents.nxlog.example.com/settings/agent-manager, replacing nxlog.example.com with your domain.

  2. Update the port of the default enrollment address and click Save.

    This ensures that NXLog Platform sends the correct port when enrolling new agents.

  3. Navigate to Agents > Configurations Overview, and delete all built-in templates by clicking the Actions menu and choosing Delete.

    NXLog Platform automatically recreates the built-in templates using the updated NXLog Agent listening port.

    Deleting the built-in agent configuration templates

See also