Dropzone Connector Installation

Enabling the Private Network Connector Client

Running the Private Network Connector Client requires a machine that meets the following requirements:

  • System

    • has Docker Engine (Docker CE) installed

    • capable of running x86_64 Linux docker containers

    • has at least 1 GB of available memory

    • has at least 1 GB of available disk space

  • Network

    • can reach the resources (e.g. splunk) you want available for Dropzone integrations

    • can connect to your tenant (e.g. https://mycompany.dropzone.app ) on port 8080 via TCP

    • has access to DNS that can look up your tenant DNS name and internal resources

  • Availability

    • is up 24x7

This may be a machine dedicated to this container, or a multi-use resource that meets your security policy.

Henceforth we will call this machine the connector-client-host.

To install the Private Network Connector Client, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app

  • Click System > Connectors

System > Connectors Dropdown
  • On the "Main" connector tile, click "Configure"

"Main" Connector Tile
  • The configuration drawer will slide out from the right hand side

"Main" Connector Configuration
  • Download the Private Network Connector Client docker image by clicking on the link

  • Upload the Private Network connector Docker image to the connector-client-host, e.g. via scp

  • Load the docker image on the connector-client-host

    connector-client-host$ sudo docker load -i connector.tar.gz
    
    # Or, if sudo is not needed
    connector-client-host$ docker load -i connector.tar.gz
  • Copy the command in the Dropzone UI and run it on the connector-client-host:

    connector-client-host$ sudo docker run --detach --name connector --env OPTIONS='--auth ...
    
    # Or if sudo is not needed
    connector-client-host$ docker run --detach --name connector --env OPTIONS='--auth ...
  • Verify the connector is running by using docker ps

    connector-client-host$ docker ps
    CONTAINER ID IMAGE     COMMAND      CREATED         STATUS       NAMES
    1c92972436d9 connector "/app/init"  3 seconds ago   Up 2 seconds dropzone-connector-client
  • Click Close

  • Refresh the page and you should see that Main is now in "Connected" state:

Main Now Connected

When enabling Data and Alert sources that need on-prem access, be sure to specify this Private Network Connector Client.

Troubleshooting

The following troubleshooting steps may be useful in conjunction with your Dropzone support team.

Restarting the Private Network Connector Container

It is always safe to delete and relaunch the connector, for example if it does not come back properly after a reboot or system failure

$ docker stop connector
$ docker rm connector
$ docker run ....    <-- command you got from the Dropzone interface

Testing Network Path

If the connector fails to connect there could be a network issue or an IPS device that is preventing it from establishing the websocket connection. Running the following from the host where the connector runs can help identify this situation:

# the first part of your tenant hostname, e.g. "mycompany"
# if your tenant is https://mycompany.dropzone.app
$ tenant=mytenant

$ curl --http1.1 -i -N \
    -H "Connection: Upgrade" \
    -H "Upgrade: websocket" \
    -H "Host: $tenant-connector.dropzone.app:443" \
    -H "Sec-WebSocket-Key: AAAAAAAAAAAAAAAAAAAAAA==" \
    -H "Sec-WebSocket-Protocol: chisel-v3" \
    -H "Sec-WebSocket-Version: 13" \
    "https://$tenant-connector.dropzone.app:443"

When successful, you should see an HTTP handshake and websocket upgrade like this:

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: ICX+Yqv66kxgM0FcWaLWlFLwTAI=

SSH-chisel-v3-server

Any device along the path that is interfering will likely provide feedback when this command is run.

Upgrading the Private Network Connector Client

Dropzone updates the connector client infrequently to improve reliability, performance, or security.

Follow these steps to upgrade.

  • Identify the machine where you are currently running the connector (henceforth called "connector-client-host")

  • Follow the steps in Enabling the Private Network Connector Client above to but not including running the new container

    • Download the connector docker image

    • Copy the image to your connector-client-host

    • Load the docker image (but do not run it yet)

  • Log into the connector-client-host (e.g. via ssh)

  • Permanently stop the old Dropzone connector container

    • If you followed the default docker run instructions then it will be named dropzone-connector-client, but you may have named it differently

# Verify it not running
$ docker ps | grep dropzone
CONTAINER ID  IMAGE                COMMAND          NAMES
44726f707a6f  dropzone-connector   "/app/main.py"   dropzone-connector-client

# Stop and remove it
$ docker stop dropzone-connector-client
$ docker rm dropzone-connector-client

# Verify it is not running
$ docker ps | grep dropzone
CONTAINER ID  IMAGE                COMMAND          NAMES

If you have any errors engage your Dropzone AI support representative.

Last updated

Was this helpful?