Dropzone Connector Installation
Before proceeding, see the Dropzone Connector Overview for more information about when you would require the Dropzone Connector in your environment.
Enabling the Private Network Connector Client
Running the Private Network Connector Client requires a machine that meets the following requirements:
System
has Docker Engine (Docker CE) installed
capable of running x86_64 Linux docker containers
has at least 1 GB of available memory
has at least 1 GB of available disk space
Network
can reach the resources (e.g. splunk) you want available for Dropzone integrations
can connect to your tenant (e.g. https://mycompany.dropzone.app ) on port 8080 via TCP
has access to DNS that can look up your tenant DNS name and internal resources
Availability
is up 24x7
This may be a machine dedicated to this container, or a multi-use resource that meets your security policy.
Henceforth we will call this machine the connector-client-host.
To install the Private Network Connector Client, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app
Click System > Connectors
On the "Main" connector tile, click "Configure"
The configuration drawer will slide out from the right hand side
Download the Private Network Connector Client docker image by clicking on the link
Upload the Private Network connector Docker image to the connector-client-host, e.g. via
scpLoad the docker image on the connector-client-host
connector-client-host$ sudo docker load -i connector.tar.gz # Or, if sudo is not needed connector-client-host$ docker load -i connector.tar.gzCopy the command in the Dropzone UI and run it on the connector-client-host:
connector-client-host$ sudo docker run --detach --name connector --env OPTIONS='--auth ... # Or if sudo is not needed connector-client-host$ docker run --detach --name connector --env OPTIONS='--auth ...Verify the connector is running by using
docker psconnector-client-host$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS NAMES 1c92972436d9 connector "/app/init" 3 seconds ago Up 2 seconds dropzone-connector-clientClick Close
Refresh the page and you should see that
Mainis now in "Connected" state:
When enabling Data and Alert sources that need on-prem access, be sure to specify this Private Network Connector Client.
Troubleshooting
The following troubleshooting steps may be useful in conjunction with your Dropzone support team.
Restarting the Private Network Connector Container
It is always safe to delete and relaunch the connector, for example if it does not come back properly after a reboot or system failure
$ docker stop connector
$ docker rm connector
$ docker run .... <-- command you got from the Dropzone interfaceTesting Network Path
If the connector fails to connect there could be a network issue or an IPS device that is preventing it from establishing the websocket connection. Running the following from the host where the connector runs can help identify this situation:
# the first part of your tenant hostname, e.g. "mycompany"
# if your tenant is https://mycompany.dropzone.app
$ tenant=mytenant
$ curl --http1.1 -i -N \
-A "Go-http-client/1.1" \
-H "Connection: Upgrade" \
-H "Upgrade: websocket" \
-H "Host: $tenant-connector.dropzone.app:443" \
-H "Sec-WebSocket-Key: AAAAAAAAAAAAAAAAAAAAAA==" \
-H "Sec-WebSocket-Protocol: chisel-v3" \
-H "Sec-WebSocket-Version: 13" \
"https://$tenant-connector.dropzone.app:443"When successful, you should see an HTTP handshake and websocket upgrade like this:
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: ICX+Yqv66kxgM0FcWaLWlFLwTAI=
SSH-chisel-v3-serverAny device along the path that is interfering will likely provide feedback when this command is run.
Upgrading the Private Network Connector Client
Dropzone updates the connector client infrequently to improve reliability, performance, or security.
Follow these steps to upgrade.
Identify the machine where you are currently running the connector (henceforth called "connector-client-host")
Follow the steps in Enabling the Private Network Connector Client above to but not including running the new container
Download the connector docker image
Copy the image to your connector-client-host
Load the docker image (but do not run it yet)
Log into the connector-client-host (e.g. via
ssh)Permanently stop the old Dropzone connector container
If you followed the default
docker runinstructions then it will be nameddropzone-connector-client, but you may have named it differently
# Verify it not running
$ docker ps | grep dropzone
CONTAINER ID IMAGE COMMAND NAMES
44726f707a6f dropzone-connector "/app/main.py" dropzone-connector-client
# Stop and remove it
$ docker stop dropzone-connector-client
$ docker rm dropzone-connector-client
# Verify it is not running
$ docker ps | grep dropzone
CONTAINER ID IMAGE COMMAND NAMESStart the new connector container by copy/pasting the command from your Dropzone UI
This is described above in Enabling the Private Network Connector Client
If you have any errors engage your Dropzone AI support representative.
Last updated
Was this helpful?