Installing SpectX Server¶

Note

After downloading the installation package decompress its contents and start the server process. Then open a web browser and navigate to the SpectX web graphic user interface (http://127.0.0.1:8388/ by default).

Advanced settings such as how to configure listening port, access to local filesystem, geoip databases, cache policies and logging are covered in configuration section.

Where to deploy SpectX

SpectX processing times are primarily determined by the bandwidth of the network connection to the data that it is querying. Generally speaking, users should deploy SpectX in the same environment as the data that they wish to query.

This means that for locally stored data SpectX should be deployed on the host server. For cloud-stored data, SpectX should be deployed in the cloud, so if the majority of an organization’s logs are stored in S3 then SpectX should be deployed in AWS.

When a significant part of the queried data is stored at in-premise servers then SpectX should be deployed in the network allowing the best bandwidth to those servers.

When querying data from multiple locations it is best to deploy SpectX as close to the largest data store possible. To mitigate some of the effects of network lag enable local caching for data stores with poor network connections.