In this hands-on lab, you will configure HashiCorp Vault logging and set up log file syncing with a remote server.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Enable HashiCorp Vault Logs
  - In the Vault Server, retrieve the vault keys.
  - Unseal the vaults.
  - Log in with the Initial Root Token.
  - Enable logs.
  - Access the logs.
- Enable Key-Based SSH Authentication to a Backup Server
  - In the Vault Server, generate a new key.
  - Copy the new ssh-rsa key.
  - In the Client Server, add the key to the authorized_keys file.
  - Save the file.
  - Open the sshd_config file.
  - Enable key-based authentication by uncommenting the PubKeyAuthentication Yes line.
  - Save the file.
  - Apply the changes.
- Use Rsync to Create Log Backups on the Vault Server
  - In the Vault Server, make a new directory.
  - Create a test file in the directory.
  - Populate the file with generic data.
  - Using rsync, sync the test file between the two servers.
  - In the Vault Server, configure a trigger for file sync.
  - Add the cloud_user to the incron.allow file.
  - Save the file.
  - Create a directory on the Client server to hold the logs.
  - In the Vault Server, update the log permissions.
  - In the Vault Server, create a new job.
  - In the new file, paste the following.
  - In the Vault Server, enable a kv secrets engine.
  - In the Client server, run the command to test the setup.
  - Note: You can find the Vault Server domain by running cat Domain.
  - Generate a GET request and check if the logs have been synced.
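The key-based SSH authentication steps above can be applied and checked as in the following added example, which is not part of the lab's own materials. The function names, the sample key and the scratch paths are constructed for illustration. It writes the directive as `PubkeyAuthentication yes` because sshd_config(5) documents keywords as case-insensitive but arguments as case-sensitive.

```bash
#!/usr/bin/env bash
# Added example; function names, sample key and temp paths are constructed.

# Add a public key to authorized_keys exactly once, with the modes that
# sshd's StrictModes check accepts (0700 directory, 0600 file).
add_authorized_key() {
    local ssh_dir="$1" pubkey="$2"
    local file="$ssh_dir/authorized_keys"
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
    touch "$file" && chmod 600 "$file"
    # -x whole line, -F literal string: re-running does not duplicate the key
    grep -qxF -- "$pubkey" "$file" || printf '%s\n' "$pubkey" >> "$file"
}

# Uncomment the PubkeyAuthentication line (any letter case), or append it
# if the file has none. The original is kept as <file>.bak for rollback.
enable_pubkey_auth() {
    local cfg="$1"
    local re='^[[:space:]]*#?[[:space:]]*[Pp]ub[Kk]ey[Aa]uthentication[[:space:]].*'
    cp -p "$cfg" "$cfg.bak"
    if grep -qE "$re" "$cfg.bak"; then
        sed -E "s/$re/PubkeyAuthentication yes/" "$cfg.bak" > "$cfg"
    else
        printf 'PubkeyAuthentication yes\n' >> "$cfg"
    fi
}

# Print the value sshd would use: the first uncommented occurrence wins.
# Simplification: Match blocks and Include files are not evaluated.
effective_pubkey_auth() {
    awk 'tolower($1) == "pubkeyauthentication" { print tolower($2); exit }' "$1"
}

# Demo on a constructed config in a scratch directory (no system files touched).
demo() {
    local tmp; tmp="$(mktemp -d)"
    printf '%s\n' 'Port 22' '#PubkeyAuthentication yes' > "$tmp/sshd_config"
    enable_pubkey_auth "$tmp/sshd_config"
    add_authorized_key "$tmp/.ssh" 'ssh-rsa AAAAconstructedExampleKey cloud_user@vault'
    echo "effective PubkeyAuthentication: $(effective_pubkey_auth "$tmp/sshd_config")"
    rm -rf "$tmp"
}
demo
# On the real host, validate before applying: sshd -t, then reload the SSH
# service (the service name varies by distribution).
```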