InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Increase MySQL Max Packet Size

Instructions for Increasing the InsightCloudSec Internal Database Max Packet Size

📘

Value Names (DivvyCloud vs. InsightCloudSec)

Some components use our former product name (DivvyCloud vs. InsightCloudSec). Updates to the naming of these components will be communicated when changes are made, but note that the name difference does not affect functionality within the product.

Overview

The following page provides instructions on the process of updating the RDS parameter value for max_allowed_packet to 64Mb (67108864) using three options: Terraform, CloudFormation, and the AWS Console. These details are offered for scenarios where the default value is not big enough for certain queries InsightCloudSec sends to RDS.

Note: The content/steps provided on this page apply to self-hosted customers. For hosted customers we recommend that you contact your CSM or [email protected] with any questions or concerns.

Updating RDS via Terraform

The following are the steps required to update the RDS parameter value for max_allowed_packet to 64Mb using Terraform.

1. Starting from the cloned or copied directory containing the Terraform deployment templates, locate the file DivvyCloud-AWS-Fargate-v1.4.

In the defined parameters section show below:

resource "aws_db_parameter_group" "DivvyCloud-RDS-SlowQuery-PG" {
  name   = "divvycloud-slow-query-pg"
  family = "mysql5.7"

  parameter {
    name  = "log_output"
    value = "FILE"
  }

  parameter {
    name  = "slow_query_log"
    value = "1"
  }
}

2. Update the parameters to include the following. (This changes the max_allowed_packet parameter to 64Mb (67108864).

resource "aws_db_parameter_group" "DivvyCloud-RDS-SlowQuery-PG" {
  name   = "divvycloud-slow-query-pg"
  family = "mysql5.7"

  parameter {
    name  = "log_output"
    value = "FILE"
  }

  parameter {
    name  = "slow_query_log"
    value = "1"
  }
}
parameter {
   name = "max_allowed_packet"
   value = "67108864"
  }
}

3. Save the file after making these updates and run your Terraform plan to apply.

Updating RDS via CloudFormation

The following are the steps required to update the RDS parameter value for max_allowed_packet to 64Mb using CloudFormation.

1. From the InsightCloudSec directory containing the CFT deployment templates (which should be similar to the example). Navigate to the desired deployment: ec2-docker or ecs-fargate

2. Locate and select the DivvyCloud-AWS-Data-v1.4-CFT.yaml file.

3. In the Parameters section of the Metadata:

  • Define a new Parameter group DivvyRDSDBParameterGroup with the value for the max_allowed_packet defined, as shown in the Example YAML file below.
DivvyRDSDBParameterGroup:
    Type: "AWS::RDS::DBParameterGroup"
    Condition: CreateRDS
    Properties:
      Description: "DivvyCloud MySQL Parameters"
      Family: MySQL5.7
      Parameters:
        slow_query_log: 1
        log_output: FILE
        max_allowed_packet: 67108864
      Tags:
      - Key: Name
        Value: 'divvycloud-slow-query-pg'
  ParameterCreateRDSYN:
    AllowedValues:
    - 'yes'
    - 'no'
    ConstraintDescription: Must be yes or no
    Default: 'yes'
    Type: String
  ParameterExistingRDSInstance:
    ConstraintDescription: Must be valid endpoint
    Default: divvycloud-mysql.xxxxxxxxxxxx.us-east-1.rds.amazonaws.com
    Type: String
  ParameterUseDBSnapshotYN:
    AllowedValues:
    - 'yes'
    - 'no'
    ConstraintDescription: Must be yes or no
    Default: 'no'
    Type: String
  ParameterDBSnapshotName:
    ConstraintDescription: Must be valid snapshot name (not ARN)
    Default: rds:divvycloud-mysql-1970-01-01-00-00
    Type: String
  ParameterExistingRDSUser:
    Default: divvy
    Description: Enter your username for the database.
    Type: String

4. Save the file and apply it to your Cloud Formation deployment.

Updating with the AWS Console

The following are the steps required to update the RDS parameter value for max_allowed_packet to 64Mb using the AWS Console.

1. Log into your AWS console and using search locate and bring up the main RDS page.

2. From the AWS RDS landing page select "Parameter groups" from the left-hand navigation menu.

AWS Console - RDS Landing Page to Select Parameter groups.AWS Console - RDS Landing Page to Select Parameter groups.

AWS Console - RDS Landing Page to Select Parameter groups.

3. Locate the Parameter group associated with RDS (It will typically be named the same as the RDS Database). Click on the parameter group that corresponds with the DB name.

Select RDS Parameter GroupSelect RDS Parameter Group

Select RDS Parameter Group

4. From the Parameter group, use the search box to locate the max_allowed_packet parameter.

5. Check the box located to the left of the name of the max_allowed_packet parameter and select the enabled "Edit parameters" button.

RDS - Edit ParameterRDS - Edit Parameter

RDS - Edit Parameter

6. Update the new value for the max_allowed_packet parameter to "67108864".

7. Click "Save" to update your parameter. After saving, click on databases, and select the database associated with the updated parameter.

8. After selecting the database, click on the "Configuration" tab to view the database configuration details.

9. Verify under "Instance -> Configuration -> Parameter Group", the database should have a pending-reboot status.

Verify Status (example shows In-Sync, look for "Pending Reboot")Verify Status (example shows In-Sync, look for "Pending Reboot")

Verify Status (example shows In-Sync, look for "Pending Reboot")

10. Reboot the server to apply all the changes by selecting "Actions --> Reboot" from the top right corner.

  • Afterwards the status of the Database should now reflect a state of In-sync

11. To verify the value has been modified using mysql shell, login to mysql with your username, password, and database name and run the mysql -h RDS-ENDPOINT-HERE -u username -p.

  • Once logged in, from the mysql prompt, run the following commands:
    • mysql> SHOW VARIABLES LIKE 'max_allowed_packet'

This should display the recently modified value.

Updated 11 days ago

Increase MySQL Max Packet Size


Instructions for Increasing the InsightCloudSec Internal Database Max Packet Size

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.