Quick Installation
Before starting the installation, please make sure that your target system meets the Technical Requirements and the installation is performed by a person with basic Linux skills (mainly with Ubuntu experience).
Please walk through the following steps. If you encounter any issues during installation, refer to our Troubleshooting Guide.
Step #1 - Create a new user that will own all the release files and run the appliance
sudo adduser filescanioStep #2 - Download and unpack the release archive to a folder, e.g.: your home folder
Install 7zip:
sudo apt-get updatesudo apt-get install p7zip-full -yDownload the release archive from https://my.opswat.com/portal/products
Note that the release archive is password protected and needs to be unpacked.
Please use the password that you received from your OPSWAT Sales Representative! Please adjust the x.y.z version numbers to match the downloaded filename!
7z x -p"PASSWORD" OPSWAT_Filescan_vx.y.z-Standalone.zip7z x fsBootstrap.zip -ofsBootstraprm fsBootstrap.zipStep #3 - Ensure that the embedded installation scripts are executable and have the unix format:
cd fsBootstrapchmod +x *.shsudo apt-get install dos2unix -ydos2unix *Step #4 - Edit bootstrap.cfg to enable optional features (e.g. S3 bucket storage, E-Mail).
Note: Default settings work fine for standard deploys and all features can be configured post installation.
Step #5 - Move the FileScanIO.zip archive into the current folder (fsBootstrap)
mv ../FileScanIO.zip .Step #6 - Run the bootstrap shell script
Note that this operation can take up to 20-30 minutes (depending on available network bandwidth).
sudo ./bootstrap.shThe first step of the installation process is accepting the product EULA, you need to press Y to start the installation.
Step #7 - Optimize your transform and broker components if needed. More information: Sandbox Engine Options.
Step #8 - Access the web server (localhost, port 443) and setup the initial admin user
Step #9 - Add your Activation Key
The system will not be able to generate reports yet (and eventually gracefully exit), as a valid Activation Key is required.
Please use the Activation Key that you received from your OPSWAT Sales Representative, and follow the instructions on the License Activation page.
If you use the default installation location, then you can create and copy thelicence.ymlfile like this:
echo "ACTIVATION_KEY" > ~/license.ymlsudo cp ~/license.yml /home/filescanio/FileScanIO/fsTransform/license/Step #10 - Optional: start the transform and/or broker services, if not running already
sudo service fsio startsudo service fsiobroker startStep #11 - Check the application logs to ensure that the initialization succeeded
To initialize the newly created bash aliases please run this command:
exec bashAfter this, the following command aliases will be available to the filescanio user (see bootstrap.cfg) and the user who performed the installation:
fsiologfsiologbrokerNote: please refer to the API top level menu at the webservice to learn how files may be sent to the system for automated processing. For custom integrations (e.g.: email), please reach out to support.
Important notes for air-gapped systems
- The installation process requires an Internet connection (moving the system into a DMZ is recommended)
- Air-gapped systems will only receive updated features (like YARA) when installed and upgraded with an active internet connection. We recommend moving the system into a DMZ during these windows.
- All third-party integrations (e.g. Reputation API, geolocation/WHOIS lookup) require an Internet connection.
- The "File download" feature is not available in air-gapped environments.
To run Filescan in an offline environment without any errors, the following settings must be changed (after completing the installation process in an online environment).
Please open /home/filescanio/FileScanIO/fsTransform/conf/transform.properties.custom using a text editor and add the following lines:
downloadLatestPeStudioForDataEnrichment=falserunDomainResolver=falserunFileDownloaders=falserunIPStackLookupOnExectractedHosts=falserunIPStackOnDomainResolvedIPs=falserunHexillionOnExtractedDomains=falserunWhoisRecordLookups=falsentpServer=127.0.0.1ntpServerTimeout=1ntpServerRefreshRateInSeconds=31536000runSystemUpdateEvery=31536000runYaraUpdateOnStartup=falserunPatchesOnStartup=falserunOSINTLookups=falseAlso open /home/filescanio/FileScanIO/fsTransform/conf/reputation.properties.custom using a text editor and add the following line:
refreshReputationSources=falsePlease remember to save both configuration files and restart the fsio service:
sudo service fsio restart