Configuration Cnode


  • Open the solution web start page by typing https://hostname or IP address of the Cnode in a browser. Via the page, you can get access to Alertflex management console and admin UI for ActiveMQ, MISP.

For login to Alertflex management console use default user admin and password, that was set in file.

  • In the management console, please select “Settings/Project/Edit/Scope” (the panel must be open automatically) and accept “Licence Agreement” and enable “Alerts Management” by enabling the checkbox and press the button ``save`.

  • Download SSL certificate for Alertlex collector (altprobe).

  • Copy value of parameter Project-ref, it also will be required during the installation of Alertflex collector.

  • If you plan to collect statistics for collector nodes and Suricata IDS, change time intervals for these types of statistics. In case parameters equal 0, statistics will not be saved (Note: only for node and net).

  • For enabling of MISP feeds, login to MISP admin console via solution start web page (default user admin@admin.test, password admin).

  • In Alertflex management console open “Settings/Integrations/CTI” panel and select checkbox “Enable IOC check”

  • Reboot Linux system or restart Payara server (see paragraph “Troubleshooting” below how to restart Payara AS)

  • Now, Central node should be ready for service and you can start the installation of collectors (altprobe)

Increase AS Payara JVM heap size

By default, Payara Application server uses 512 MB of memory for JVM heap. This size of memory isn’t enough for the deployment of Alertflex, therefore the install script changes a JVM heap to 3 Gb memory. If your computer/virtual machine has more than 8 Gb memory, you can change JVM heap size by next commands:

sudo $GLASSFISH_PATH/bin/asadmin delete-jvm-options '-Xms512m'
sudo $GLASSFISH_PATH/bin/asadmin delete-jvm-options '-Xmx512m'
sudo $GLASSFISH_PATH/bin/asadmin create-jvm-options '-Xms3g'
sudo $GLASSFISH_PATH/bin/asadmin create-jvm-options '-Xmx3g'


  • Open ActiveMQ console https://hostname or IP address of cnode/admin (default user admin, password was set in file).

  • Check messages in Queues panel, the amount of Messages Enqueued should be equal to the amount Messages Dequeued.

  • Restart Payara server if required

sudo /etc/init.d/payara_domain1 restart
  • Check Payara server logs

/opt/payara5/glassfish/domains/domain1/logs$ tail -f server.log