The following procedure describes how to install Chronicle SOAR in scale mode (multi-node deployment):

  1. Decide on your preferred deployment type:
    1. 2 Node Deployment – All-in-one node (with database on it) + DPU node
    2. 3 Node Deployment – All-in-one node + DPU node + DB node (external database)
  2. Prepare the machines required for the deployment following this guide.
  3. Copy the installer file to all the machines you prepared
  4. Prepare a dedicated shared folder (address, username, password)
  5. Follow the provided deployment steps:

Node Deployment

  1. Install the AIO node on the dedicated machine by executing the following commands:
    sudo chmod +x siemplify_installer.sh
    sudo bash siemplify_installer.sh -m dpu -ii [app_ip] -di [db_ip] -su [username] -sp [password] -cid [customer_id]
  2. Wait for the installation to complete
  3. Copy your customer ID from: /opt/siemplify/siemplify_server/bin/Siemplify.customer
  4. Now install the DPU node on the dedicated machine by executing the following commands:
    sudo chmod +x siemplify_installer.sh
    sudo bash siemplify_installer.sh -m app -di [db_ip] -su [username] -sp [password]
  5. Wait for the installation to complete and access Chronicle SOAR to start working

Node Deployment

  1. Install the DB node on the dedicated machine by executing the following commands:
    sudo chmod +x siemplify_installer.sh
    sudo bash siemplify_installer.sh -m db
  2. Wait for the installation to complete
  3. Install the APP node on the dedicated machine by executing the following commands:
    sudo chmod +x siemplify_installer.sh
    sudo bash siemplify_installer.sh -m app -di [db_ip] -su [username] -sp [password]
  4. Wait for the installation to complete
  5. Copy your customer ID from: /opt/siemplify/siemplify_server/bin/Siemplify.customer
  6. Now install the DPU node on the dedicated machine by executing the following commands:
    sudo chmod +x siemplify_installer.sh
    sudo bash siemplify_installer.sh -m app -di [db_ip] -su [username] -sp [password]
  7. Wait for the installation to complete and access Chronicle SOAR to start working.