I recently had a requirement to install Cortex XSOAR Community edition in AWS.
The first thing I suggest you do is identify the requirements of the host server. These are well documented by Palo Alto Networks here.
For my installation, I provisioned an instance in AWS with the following details:
- AMI: ami-09f6caae59175ba13 (Ireland region)
- Instance type: m4.2xlarge
- vCPU: 8
- 500GB SSD
The installer was provided to me by Palo Alto Networks after signing up to request the Community Edition. This installer was a file called demistoserver-6.11-300044.sh.
With my EC2 instance now provisioned, I needed to upload the installer to it. To do this, I installed gdown, a useful tool for downloading files from Google Drive. Installing gdown on an AWS Linux EC2 instance is simple. Just run:
sudo pip install gdown
I used gdown as it provided an easy way for me to download a file from Google Drive without worrying about setting up an FTP/SCP server or an alternative option. To download the file, I ran the below command on the EC2 instance:
gdown "https://drive.google.com/uc?id=<file_id_of_google_drive_document>"
Next, run the following command to make the .sh file executable:
chmod +x demistoserver-6.11-300044.sh
Execute the .sh file by running the following command:
sudo ./demistoserver-6.11-300044.sh
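Because the installer arrives via Google Drive and is then run with sudo, the sketch below (an added example, not part of the original post or of Palo Alto Networks' tooling) gates the chmod and execute steps on a SHA-256 match. The function names and the EXPECTED_SHA256 placeholder are assumptions; the digest is assumed to be obtained separately from whoever supplied the file.

```shell
#!/bin/sh
# Added example: refuse to chmod/run the installer unless its SHA-256 matches
# a digest obtained separately from whoever supplied the file.

# verify_installer FILE EXPECTED_SHA256
# Returns 0 on match, 1 on mismatch, 2 if FILE is not a plain file,
# 3 if EXPECTED_SHA256 is not 64 hex characters.
verify_installer() {
    vi_file=$1
    vi_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case digests

    # A failed download can leave no file at all; symlinks are rejected so
    # the path that is checked is the path that later runs.
    if [ ! -f "$vi_file" ] || [ -L "$vi_file" ]; then
        echo "refusing: $vi_file is not a regular file" >&2
        return 2
    fi

    # Validate the expected value before comparing against it.
    case $vi_expected in
        *[!0-9a-f]*) echo "refusing: expected digest is not hex" >&2; return 3 ;;
    esac
    if [ "${#vi_expected}" -ne 64 ]; then
        echo "refusing: expected digest is not 64 characters" >&2
        return 3
    fi

    # Hash from stdin so unusual file names cannot alter sha256sum's output.
    vi_actual=$(sha256sum < "$vi_file" | cut -d' ' -f1)
    if [ "$vi_actual" != "$vi_expected" ]; then
        echo "digest mismatch for $vi_file: got $vi_actual" >&2
        return 1
    fi
    return 0
}

# install_if_verified FILE EXPECTED_SHA256
# Only reaches chmod and sudo when the digest check passes.
install_if_verified() {
    verify_installer "$1" "$2" || return $?
    chmod +x -- "$1" && sudo -- "$1"
}

# Usage (EXPECTED_SHA256 is a placeholder, not a real digest):
#   install_if_verified ./demistoserver-6.11-300044.sh "$EXPECTED_SHA256"
```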
After running through the installation, I verified the server was running using the command:
systemctl status demisto
Once I confirmed the service was running, I was able to access Cortex XSOAR using the server IP address on port 443.