Skip to main content



NOTE: All the commands in this section need to be executed as root

As of version {revnumber}, {ta} is only supported on CentOS/Redhat 7.0. Support for CentOS/RedHat 8.0 is planned for the future.

The main {ta} dependencies are:

  • a web server like Nginx
  • a firewall such as firewalld
  • the Clickhouse database
  • (optional) The MaxMind geolocation database:
  • (optional) OpenSSL for key generation

== Installing pre-requisites

=== Installing Nginx include::../common/install_nginx.adoc[]

=== Installing firewalld include::../common/install_firewalld.adoc[]

=== Installing Clickhouse

Following the guide at link:[], we can install Clickhouse with the following steps. NOTE: Use Clickhouse v20.3.8.53 or later.

We firsts install dependencies:

yum install –y pygpgme yum-utilshere

then create the file /etc/yum.repos.d/altinity_clickhouse.repo with the content:

[altinity_clickhouse] name=altinity_clickhouse baseurl=$basearch repo_gpgcheck=1 gpgcheck=0 enabled=1 gpgkey= sslverify=1 sslcacert=/etc/pki/tls/certs/ca-bundle.crt metadata_expire=300

[altinity_clickhouse-source] name=altinity_clickhouse-source baseurl= repo_gpgcheck=1 gpgcheck=0 enabled=1 gpgkey= sslverify=1 sslcacert=/etc/pki/tls/certs/ca-bundle.crt


We then finish the installation:

Enable the repository

yum –q makecache –y --disablerepo’*’ --enablerepo=’altinity_clickhouse’

Install clickhouse client and server

yum install –y clickhouse-server clickhouse-client

We need to make sure Clickhouse server is started and enabled:

systemctl start clickhouse-server

systemctl enable clickhouse-server

You can verify that the installation is correct with:


:) show databases

You should see the clickhouse client starting and then displaying database information.

=== Downloading MaxMind GeoIP2 geolocation library

The MaxMind geolocation library allows matching of IP addresses to locations. {ta} can use this library to enhance the information it displays.

Due to licensing issues, you need to register and download the database yourself from link:[]

For the installation instructions of {ta}, we will asume that the file /root/GeoLite2-City_20200505.tar.gz exists. The exact file name will depend on the version you download.

TIP: Note the download path down so that you can correctly use it in the installation of {ta} steps.

== Installing {ta}

{tc} is made available in the form of RPMs for CentOS/RedHat 7.0. The latest version is available from link:{ta-dir}{ta-file}[]

Installation consists simply of downloading and installing the RPM.


Grab the {ta} RPM

wget {ta-dir}{ta-file}


yum -y install {ta-file}

We now create directory structure where {ta} files will be placed

mkdir -p /var/lib/tiaudit

and place the GeoIP2 database in it, if desired

cp /var/lib/tiaudit

tar -xzvf /root/GeoLite2-City_20200505.tar.gz

and then fix the permissions

chown -R tiaudit:tiaudit /var/lib/tiaudit/

The two services comprising the {ta} system need to be enabled:

systemctl enable tiaudit

systemctl enable tiaudit-logger