This is a Quick Install guide for the Environment Variables and Updating the Bash_Profile for Linux
Linux
VERSION DISCLAIMER: <DLPversion> = 15.8 or 16.0 or 16.0.1 |
Profile to Modify:
~/.bash_profile - Use this profile to modify the user specific profile
- To modify this profile, simply open the file in the editor of your choice (nano ~/.bash_profile).
nano ~/.bash_profile
Note: If you are setting up this profile on an Oracle Server or Enforce Server, this profile should be setup under the Service User Account ("Protect" is the default Service User Account).
First I recommend setting up some basic OS commands which will make opening and reloading the profile easier. If you prefer vi, feel free to use that in your command instead of nano as seen below.
# OS Commands
alias editprofile='nano ~/.bash_profile'
alias reloadprofile='source ~/.bash_profile'
After saving the profile the first time you will need to manually reload the profile using "source ~/.bash_profile". Next time you wish to edit the profile you can now simply enter "editprofile" in the command line and it will automatically pull up the file. I show "nano" as the editor in the above command, but you can use any text editor such as "vi" if preferred. After any changes are made to the profile, you need to reload the profile before they take effect. With these commands setup you can now simply enter "reloadprofile" and it will reload the profile for you and your commands are now immediately ready to be executed (Note that the first time "source ~/.bash_profile" will need to be run manually).
Next, we recommend exporting your environment variables as seen below...
# Oracle Environment Variables
export ORACLE_HOME=/opt/oracle/product/<ORACLEversion>/db_1
export PATH=$ORACLE_HOME/bin:$PATH
export ORACLE_SID=protect
# Enforce Environment Variables
export JAVA_HOME=/opt/AdoptOpenJRE/<JREversion>
export ORACLE_HOME=/opt/oracle/product/<ORACLEversion>/client_1
export ORACLE_SID=protect
export LD_LIBRARY_PATH=$ORACLE_HOME/lib
export PATH=$JAVA_HOME/bin:$ORACLE_HOME/bin:$PATH:$HOME/bin
# Detection Environment Variables
export JAVA_HOME=/opt/AdoptOpenJRE/<JREversion>
export PATH=$JAVA_HOME/bin:$PATH:$HOME/bin
ORACLE_HOME: Required for Enforce
ORACLE_SID: Optional for Enforce
LD_LIBRARY_PATH: Optional for Enforce
JAVA_HOME: Not required, but recommended for both Enforce and Detection
PATH: Required for both Enforce and Detection
The next series of items are specifically related to DLP, and may need to be adjusted for the version you are on. Please note that the below information is using default pathing. If you used '--relocate' on your installation for custom pathing, these paths will need to be updated to reflect the custom pathing that you used.
# DLP Enforce Paths
alias dlpinstallers='cd /DLPInstallers'
alias dlphome='cd /opt/Symantec/DataLossPrevention/EnforceServer/<DLPversion>/Protect'
alias dlpconfig='cd /opt/Symantec/DataLossPrevention/EnforceServer/<DLPversion>/Protect/config'
alias dlptomcat='cd /opt/Symantec/DataLossPrevention/EnforceServer/<DLPversion>/Protect/tomcat'
alias dlplogs='cd /var/log/Symantec/DataLossPrevention/EnforceServer/<DLPversion>'
alias dlpincidents='cd /var/Symantec/DataLossPrevention/ServerPlatformCommon/<DLPversion>/incidents'
alias dlpkeystore='cd /var/Symantec/DataLossPrevention/EnforceServer/<DLPversion>/keystore'
alias dlplicense='cd /var/Symantec/DataLossPrevention/EnforceServer/<DLPversion>/license'
# DLP Detection Paths
alias dlpinstallers='cd /DLPInstallers'
alias dlphome='cd /opt/Symantec/DataLossPrevention/DetectionServer/<DLPversion>/Protect'
alias dlpconfig='cd /opt/Symantec/DataLossPrevention/DetectionServer/<DLPversion>/Protect/config'
alias dlplogs='cd /var/log/Symantec/DataLossPrevention/DetectionServer/<DLPversion>'
alias dlpincidents='cd /var/Symantec/DataLossPrevention/ServerPlatformCommon/<DLPversion>/incidents'
alias dlpkeystore='cd /var/Symantec/DataLossPrevention/DetectionServer/<DLPversion>/keystore'
alias dlpdrop='cd /var/spool/Symantec/DataLossPrevention/DetectionServer/<DLPversion>/drop'
These are commonly accessed locations, that you can now simply call by keyword instead of having to remember specific paths. 'dlpinstallers' is the temporary location where I downloaded all of the installer packages when preparing to install or upgrade my environment. This helps make the installation and upgrade process a little easier. Entering 'dlphome' will take you to the protect directory, or you can use 'dlpconfig' to take you straight to the config directory, etc... As you can see many of these paths are version specific, after an upgrade, simply update these paths as necessary so they are pointing to the correct version. Feel free to add, remove, or modify these to fit you and your environment.
Here we can see that a simple key command will send us to completely different locations, making it much easier to navigate where you need within DLP.
The next set of alias's are for the services, to make checking, stopping, starting, and restarting the services much easier to work with. No need to manually stop/start services, or to run a script, simply call the necessary command...
# Enforce Service Commands
alias dlpservices='service --status-all | grep Symantec\ DLP'
alias dlpstop='service SymantecDLPDetectionServerControllerService stop;service SymantecDLPIncidentPersisterService stop;service SymantecDLPManagerService stop;service SymantecDLPNotifierService stop'
alias dlpstart='service SymantecDLPNotifierService start;service SymantecDLPManagerService start;service SymantecDLPIncidentPersisterService start;service SymantecDLPDetectionServerControllerService start'
alias dlprestart='service SymantecDLPNotifierService restart;service SymantecDLPManagerService restart;service SymantecDLPIncidentPersisterService restart;service SymantecDLPDetectionServerControllerService restart'
# Detection Service Commands
alias dlpservices='service --status-all | grep Symantec\ DLP'
alias dlprestart='service SymantecDLPDetectionServerService restart'
alias dlpstop='service SymantecDLPDetectionServerService stop'
alias dlpstart='service SymantecDLPDetectionServerService start'
The first thing to note is that these commands should work for any version 15.5 and later.
'dlpservices' will show you the current status of the DLP Services...
'dlpstop' will obviously stop all of the services in the correct order...
'dlpstart' will start all services in the correct order...
'dlprestart' will restart all of the services...
Below is a screenshot of the ~/.bash_profile from one of my labs to show you an example of what this might look like...