Autopsy User Documentation  4.19.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
Install and Configure ActiveMQ

Overview

ActiveMQ is a messaging service that allows the Autopsy clients to communicate with each other. This allows each client to get real-time updates. This service has minimal storage requirements.

Prerequisites

You will need:

Installation

JRE Installation

Install the Java JRE if needed. You can test this by running where java from the command line. If you see output similar to the results below, you have a JRE.

wherejava.PNG



If you need the JRE, install it with the default settings.

ActiveMQ Installation

  1. Extract the contents of the ActiveMQ archive to a location of your choice, bearing in mind that the files should be in a location where the running process has write permissions. A typical folder choice would be similar to C:\Program Files\apache-activemq-5.13.3. The system may ask for administrator permission to move the folder. Allow it if required.

  2. Open the conf\activemq.xml file in the extracted folder in a text editor and make the following changes:

    • Add "schedulePeriodForDestinationPurge="10000"" to the broker tag then add "gcInactiveDestinations="true" inactiveTimoutBeforeGC="30000"" to the policyEntry tag. This is highlighted in yellow below:

      activeMQ_node_cleanup.png

    • Add "&wireFormat.maxInactivityDuration=0" to the URI for the transportConnector named openwire. This is highlighted in yellow below:

      maxinactivityduration.PNG


  3. Install ActiveMQ as a service by navigating to the folder bin\win64, right-clicking InstallService.bat, clicking Run as administrator, then click Yes.

  4. Start the ActiveMQ service by pressing Start, type services.msc, and press Enter. Find ActiveMQ in the list and press the Start the service link.

  5. ActiveMQ should now be installed and configured using the default credentials.

Testing

To test your installation, you can access the admin pages in your web browser via a URL like this: http://localhost:8161/admin.

The default administrator username is admin with a password of admin and the default regular username is user with a default password of password. You can change these passwords by following the instructions below.

If you can see a page that looks like the following, it confirms that the ActiveMQ service is running locally but it does not necessarily mean that the service is visible to other computers on the network.

activemq.PNG



You can confirm that your ActiveMQ installation is visible to other computers on the network by attempting to connect to a URL like the following (replacing the host name with that of the ActiveMQ computer) in a web browser: http://activemq-computer:61616

If you are unable to connect to this address:

Configuring Authentication

You can optionally add authentication to your ActiveMQ server. The ActiveMQ communications are not encrypted and contain basic messages between the systems about when new data has been found.

The following directions allow you to set up credentials:

  1. Copy and paste the following text to the file "conf\groups.properties", overwriting the text highlighted in yellow in the screenshot below:

    admins=system,sslclient,client,broker1,broker2
    tempDestinationAdmins=system,user,sslclient,client,broker1,broker2
    users=system,user,sslclient,client,broker1,broker2
    guests=guest



    groups.properties.before.PNG


    When complete, the file should look like this:

    groups.properties.after.PNG


  2. Copy and paste the following text to the file "conf\users.properties", overwriting the text highlighted in yellow in the screenshot below:

    system=manager
    user=password
    guest=password
    sslclient=CN=localhost, OU=activemq.org, O=activemq.org, L=LA, ST=CA, C=US



    users.properties.before.PNG


    When complete, the file should look like this:

    users.properties.after.PNG


  3. Copy and paste the following text to the file "conf\activemq.xml", inserting the text at the line shown in yellow in the screenshot below.
         <plugins>
         <jaasAuthenticationPlugin configuration="activemq-domain" />
             <simpleAuthenticationPlugin>
                 <users>
                     <authenticationUser username="system" password="manager" groups="users,admins"/>
                     <authenticationUser username="user" password="password" groups="users"/>
                     <authenticationUser username="guest" password="password" groups="guests"/>
                 </users>
             </simpleAuthenticationPlugin>
         </plugins>
    



insertTextHere.PNG



After insertion, the file should look like the screenshot below, with the inserted portion highlighted in yellow. This is where you can change the username and password for your ActiveMQ setup.

insertedText.PNG



To add a new user or change the password:

  1. Stop the ActiveMQ service by pressing Start, type services.msc, and press Enter. Find ActiveMQ in the list and press the Stop the service link.

    StopActiveMQService.PNG


  2. Edit "conf\activemq.xml" adding the desired line. Both username and password are case sensitive. You will very likely want to keep your new users in the users group.

    newUserAndPassword.PNG


  3. Start the ActiveMQ service by pressing Start, type services.msc, and press Enter. Find ActiveMQ in the list and press the Start the service link.

    StartActiveMQService.PNG


Backing Up

There is nothing to backup for ActiveMQ. It does not store any case-related data in files.


Copyright © 2012-2021 Basis Technology. Generated on Thu Sep 30 2021
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.