# Platform

{% hint style="warning" %}
To upgrade an existing platform, please refer to [Upgrade section](/manual/implementation/upgrade/platform.md)
{% endhint %}

## Availability

The platform is available exclusively on linux systems:

| Distribution                               |
| ------------------------------------------ |
| RHEL8, Rocky linux 8, AlmaLinux 8          |
| RHEL9, Rocky linux 9, AlmaLinux 9, SLES 15 |
| Debian Bullseye                            |

{% hint style="info" %}
To install Datasentinel on a different Linux system, please reach out to us at [support@datasentinel.io](mailto:support%40datasentinel.io)
{% endhint %}

## License

A license key is required to use Datasentinel.

Obtain a Datasentinel license key:

* Users who want to try Datasentinel can obtain a [60-day Trial Key](/manual/free-trial.md)
* Existing customers can obtain their license key from support: [support@datasentinel.io](mailto:support%40datasentinel.io)

Refer to the documentation for instructions on updating the [Token](/manual/implementation/platform-usage/configuration/license.md) to enable the license key.

## System Requirements

The sizing of the machine (cpus, memory, storage) to be provisioned, will depend on the number of PostgreSQL instances to monitor as well as the data retention chosen.\
\
Default sizing recommendations with a retention of 14 days

<table data-full-width="false"><thead><tr><th width="159">Instances</th><th width="107" data-type="number">CPUs</th><th width="192">Memory</th><th>Storage</th></tr></thead><tbody><tr><td>1 to 10</td><td>4</td><td>8GB</td><td>25GB</td></tr><tr><td>11 to 50</td><td>8</td><td>16GB</td><td>50GB</td></tr><tr><td>51 to 100</td><td>8</td><td>32GB</td><td>75GB</td></tr><tr><td>101 to 200</td><td>16</td><td>64GB</td><td>100G</td></tr><tr><td>>200</td><td>24</td><td>96GB</td><td>150GB</td></tr></tbody></table>

{% hint style="info" %}
We strongly recommend a machine with scale capabilities such as virtual machines
{% endhint %}

For enhanced memory management on a server hosting Datasentinel, it is advised to set the **swappiness** parameter to a value of **1**, or to disable swap entirely.

You can confirm the current value:

```bash
cat /proc/sys/vm/swappiness
```

## Security rules

Here are the firewall settings necessary for **Datasentinel.**\
**NGINX** acts as the main entry point for Datasentinel, handling all incoming connections—both from agents and the user interface (GUI)—over port **443** by default. (can be changed)<br>

{% hint style="danger" %}
**NGINX** communicates locally with other Datasentinel components through their assigned ports.<br>

**IMPORTANT:** **SELinux Requirement**\
For proper operation of all Datasentinel services, SELinux **must be set to&#x20;*****Permissive*****&#x20;or&#x20;*****Disabled*** on the host. Running in *Enforcing* mode can block critical internal traffic and file access, preventing components from starting or communicating.

Refer to [How to configure SELinux](/manual/implementation/troubleshooting/selinux.md)
{% endhint %}

**1. Agent-based mode**

* The listening port of the platform server must be accessible in both directions (PUSH and PULL) from the agents' servers.
* Each agent listens on port **8282** by default (updatable).\
  The platform server must be able to communicate with the agent servers on this port (PUSH and PULL)

**2. Agentless mode**

* The platform connects directly to PostgreSQL instances.\
  The listening port of each PostgreSQL instance must be accessible from the platform

***

## Step-by-Step Installation Instructions

<table><thead><tr><th width="182.33333333333331">Date</th><th>Last available platform version</th><th></th></tr></thead><tbody><tr><td>2026-05-22</td><td><strong>2026.05</strong></td><td><a href="/spaces/PvzN7wvXjseIpii6401f/pages/xSKACgaFjsHdWkvrL7EZ">Release Notes</a></td></tr></tbody></table>

{% stepper %}
{% step %}

### Download

{% hint style="info" %}
The platform is packaged as a single file, **install-datasentinel-platform-<\<OS>>-latest.tar.gz**, which includes all necessary [components](/manual/getting-started/architecture.md#components).
{% endhint %}

<table><thead><tr><th width="259">OS</th><th>File to download</th></tr></thead><tbody><tr><td>RHEL, Rocky Linux, AlmaLinux 8</td><td><a href="https://app.datasentinel.io/ds-api/download/install-datasentinel-platform-rocky8-latest.tar.gz">install-datasentinel-platform-rocky8-latest.tar.gz</a></td></tr><tr><td>RHEL, Rocky Linux, AlmaLinux 9, SLES 15</td><td><a href="https://app.datasentinel.io/ds-api/download/install-datasentinel-platform-rhel9-latest.tar.gz">install-datasentinel-platform-rhel9-latest.tar.gz</a></td></tr><tr><td>Debian Bullseye</td><td><a href="https://app.datasentinel.io/ds-api/download/install-datasentinel-platform-debian-bullseye-latest.tar.gz">install-datasentinel-platform-debian-bullseye-latest.tar.gz</a></td></tr></tbody></table>

*The file size is approximately 690 MB.*

```bash
// Download example with wget
wget https://app.datasentinel.io/ds-api/download/install-datasentinel-platform-rhel9-latest.tar.gz

```

{% endstep %}

{% step %}

### Installation

{% hint style="danger" %}
During installation, you will need to be logged in as the **root** account.\
However, this is the only time this account is required.\
\
After installation, all modules and future updates will be executed using the defined application account.
{% endhint %}

Prior to starting the installation process, it is necessary to install [NGINX](https://www.nginx.com/), as it serves as the initial entry point for Datasentinel.

```bash
// Example
dnf install -y nginx
```

```bash
// Uncompress the downloaded file
tar xvzf install-datasentinel-platform-rhel9-latest.tar.gz
```

Uncompress the downloaded file to create two files:\
`init_datasentinel.sh` and `datasentinel-platform.tar.gz`

{% hint style="info" %}
The application binaries and the database for storing metrics will be installed in the **/datasentinel** directory.\
\
You can choose to pre-create the directory as a symbolic link, file system, or directory, or it will be created during installation.\
Make sure the directory is empty.
{% endhint %}

```bash
// Run the shell script
./init_datasentinel.sh
```

The script executes in less than 2 minutes and performs multiple actions:

* Requests user input for the application username (default is **datasentinel**). The user can be pre-created with bash as the default shell.
* Requests the application listening port (default is **443**)
* Creates the **/datasentinel** directory if it doesn't already exist
* Decompresses **datasentinel-platform.tar.gz** to install all components
* Creates entries in `bash_profile` and `crontab`
* Deploys services for automatic restart
* Starts all components.

{% hint style="info" %}
To install Datasentinel silently, use **`./init_datasentinel.sh -d`**\
Default values will be used
{% endhint %}

At the end of the installation, the platform should be up and running.

{% hint style="danger" %}
The listening port must be opened and accessible.\
Also, be careful with your firewall configuration (**SELinux**, **firewalld**) if any.\
\
**NGINX** is the entry component for **Datasentinel**, listening on port **443** by default for all incoming communications from other servers.\
**NGINX** communicates locally with other components using their designated listening ports. Refer to the configuration file located at `/etc/nginx/conf.d/datasentinel.conf`

\
If a **502** error appears on the graphical interface despite all components being up and running, it’s worth checking the firewall settings, such as **SELinux**
{% endhint %}
{% endstep %}

{% step %}

### SSL certificate

The on-premises platform utilizes a self-signed certificate configured with NGINX.\
The self-signed certificate is located in the **`/etc/nginx/certs`** directory.\
\
If desired, you can replace it with your own certificate. To do so:

* Generate a certificate for the platform machine.
* Replace the existing files **`cert_datasentinel.pem`**&#x61;nd **`key_datasentinel.pem`** with the real certificate
* Restart NGINX or reload it: **`/usr/sbin/nginx -s reload`**

{% hint style="info" %}
The configuration file used by NGINX is `/etc/nginx/conf.d/datasentinel.conf`
{% endhint %}
{% endstep %}

{% step %}

### User interface

Once the installation is complete, access the UI using url and username:

* URL: https\://<\<server\_name>>
* Username: datasentinel

{% hint style="info" %}
The password will be displayed at the end of the installation process
{% endhint %}
{% endstep %}

{% step %}

### License update

To begin using Datasentinel, you must update the license by following the instructions on [how to update the token](/manual/implementation/platform-usage/configuration/license.md).
{% endstep %}
{% endstepper %}

***

## Components

### Architecture

<figure><img src="/files/YvHqZL10Awvv2OHaoRqU" alt=""><figcaption><p>Datasentinel architecture</p></figcaption></figure>

Datasentinel utilizes the following components:

1. Nginx web server
2. Datasentinel [Backend API](/manual/implementation/platform-usage/api-reference.md)
3. Datasentinel dispatcher ([Agentless](/manual/features/other-features/agentless-monitoring.md) feature)
4. Timeseries database InfluxDB
5. Grafana Frontend, which includes a PostgreSQL database and Datasentinel Frontend as a plugin.

{% hint style="info" %}
Each component is restarted automatically with a system service located on **`/usr/lib/systemd/system`**
{% endhint %}

### Management

```bash
// Start All
systemctl start datasentinel_influxdb datasentinel_postgresql datasentinel_grafana datasentinel_backend datasentinel_dispatcher nginx
```

```bash
// Stop All
systemctl stop datasentinel_influxdb datasentinel_postgresql datasentinel_grafana datasentinel_backend datasentinel_dispatcher nginx
```

```bash
// Component status
systemctl -l | egrep -i "datasentinel_|nginx"
```

{% hint style="info" %}
An alias is available when connected as **datasentinel** to check the availability of all components
{% endhint %}

```bash
// alias
status_datasentinel
```

```
// Output
datasentinel_backend.service                                       loaded active running   Datasentinel backend APIs
datasentinel_dispatcher.service                                    loaded active running   Datasentinel dispatcher
datasentinel_influxdb.service                                      loaded active running   InfluxDB service
datasentinel_grafana.service                                       loaded active running   Grafana daemon
datasentinel_postgresql.service                                    loaded active running   PostgreSQL 10 database server
nginx.service                                                      loaded active running   The nginx HTTP and reverse proxy server

```

### Status Check via the API

Another method to check the status of the platform is by querying its API using the following curl command

```bash
// curl
curl -k https://localhost/ds-api/
```

```json
// output
{
"status": "OK",
"message": "Datasentinel Backend up and running",
"datasentinel_version": "2023.05",
"services": [
   {
      "name": "nginx",
      "description": "Nginx web server",
      "running": true
   },
   {
      "name": "datasentinel_grafana",
      "description": "Grafana frontend",
      "running": true
   },
   {
      "name": "datasentinel_postgresql",
      "description": "PostgreSQL instance",
      "running": true
   },
   {
      "name": "datasentinel_backend",
      "description": "Backend service and API",
      "running": true
   },
   {
      "name": "datasentinel_dispatcher",
      "description": "Agentless service",
      "running": true
   },
   {
      "name": "datasentinel_influxdb",
      "description": "Influxdb database",
      "running": true
   }
]
}

```

## Installation demo

{% @arcade/embed url="<https://app.arcade.software/share/dDPOjW1F89lyWobC5g9T>" flowId="dDPOjW1F89lyWobC5g9T" %}

## Log files

Datasentinel generates logs, which are located in the `/datasentinel/log` directory, except for the NGINX log file

<table><thead><tr><th width="370">Log file</th><th>Information</th></tr></thead><tbody><tr><td><code>/var/log/https_datasentinel.log</code></td><td>Nginx log access (by default, access log is <strong>off</strong>)</td></tr><tr><td><code>datasentinel.log</code></td><td>Backend log file</td></tr><tr><td><code>dispatcher.log</code></td><td>Agentless feature log file</td></tr><tr><td><code>alerting.log</code></td><td>Alerting and Notification log file</td></tr><tr><td><code>scheduler.log</code></td><td>Scheduler log file</td></tr><tr><td><code>backend_to_influx.log</code></td><td>Log data copied to influxdb database in case of errors</td></tr><tr><td><code>grafana.log</code></td><td>Grafana log access</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.datasentinel.io/manual/getting-started/installation/platform.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.