Installation on Windows systems

This section describes the process of installing Kaspersky CyberTrace on Windows systems.

After installation, make sure that only users with administrator rights have access to the folder where Kaspersky CyberTrace is installed.

Installation of Kaspersky CyberTrace results in creating two services in the operating system:

• cybertrace-elasticsearch (service related to operation of the indicators database)
• cybertrace (product main service)

We also recommend that you install and run anti-virus software before installing Kaspersky CyberTrace.

Installation methods

On Windows systems, you can install Kaspersky CyberTrace by running an executable installer. During the installation process, the installer generates certificates for Kaspersky CyberTrace Web and configures the Elasticsearch indicator database.

To install Kaspersky CyberTrace by using an executable installer:

1. Make sure that the computer you plan to use for running Kaspersky CyberTrace Service meets the hardware and software requirements.
2. Make sure that the computer can send events to the computer on which a SIEM system is installed and can receive events from the SIEM computer.
3. Run the .exe file of the executable installer.

   You must run the executable installer from the Administrator account.

   As an option, you can specify the /accepteula parameter when you run the .exe file. In this case, the installer performs the installation without requiring any input. You can use this option only if you have read and accepted the End User License Agreement (EULA). A document with the End User License Agreement (EULA) is provided in the Distribution kit. We do not recommend installing Kaspersky CyberTrace by using this option.

4. Accept the End User License Agreement (EULA).

   If you continue the installation, Kaspersky CyberTrace is installed to C:\Program Files\Kaspersky Lab\Kaspersky CyberTrace. This folder is called %service_dir% in this document.

5. Kaspersky CyberTrace Web will be launched. The check box and the link to Kaspersky CyberTrace Web will be displayed:
   • By default, you will be directed to the Kaspersky CyberTrace Web page after installation. Clear this check box if you do not want to go to the web user interface.
   • Click the Kaspersky CyberTrace documentation link to find the credentials that are used to log in to Kaspersky CyberTrace Web.

To configure Kaspersky CyberTrace after it is installed:

1. Perform the post-installation configuration by using the Initial Setup Wizard.
2. Verify that everything is in working order. See subsection "Checking that the components of Kaspersky CyberTrace are running" below.

Checking that the components of Kaspersky CyberTrace are running

Ensure that the service is running using the Service Control Manager (SCM) and the following command:

sc query cybertrace

For details, see section "Managing Kaspersky CyberTrace Service using the SCM (Windows)".

Page top