How-To Articles

OpenCTI Turnkey VirtualBox OVA available!

Daniel Bender

2 min read
OpenCTI Turnkey VirtualBox OVA available!
Getting started with OpenCTI CE could not be easier!

This is a Big Update!

I made it even easier to get started with OpenCTI, so I created a fully turnkey ready to go VirtualBox VM OVA, with Host OS, Docker and OpenCTI 6.1.10 configured and installed! This will get you going quick with your own up to date OpenCTI instance with the most popular connectors!

The VM is loaded with Ubuntu 23.04 Server, no GUI, to keep overhead low. The newest version of Docker and Docker Compose are installed, and OpenCTI 6.1.10 setup and running automatically, with all containers set to restart always. Once booted up, it will start to pull down more data soon as it is launched.

When you import the OVA template file, the defaults should be set to 4vcpu and 16GB of RAM. The current memory limits of Redis, and Elastic and Node is optimized for this configuration. I would't really recommend running OpenCTI with anything less than this. If you absolutely have to trim the resources, maybe try 12GB and 4vcpu, anything less and it is going to eventually start choking bad when it ingests enough data!

The username and password for the root user of Ubuntu are both "opencti". The login creds for the OpenCTI admin, is "opencti@opencti.com" and the password "opencti". The VM is set by default to use a bridged adapter and DHCP. To find your IP address, pop a shell, then do an "ip a" command. Then visit the OpenCTI main login portal screen @ http://YOUR-IP:8080 .

For more details and instructions for modification and changes, as well as info on uncommenting additional connector configurations in the Docker-Compose.yml. Go to the "/home/opencti/openctihome sub-folder and read the "howto.txt" file for more documentation. Once you get a few API keys for the disabled connectors, you can un-comment the subsections to activate them.

My preferred recommended way would be to look through the existing docker-compose.yml file in the /home/opencti/openctihome folder. Look at the commented sections, decide which ones you want an API key for. Sign up and get the keys. Then Perform the following steps in this order.

NOTE: The default user "opencti" is part of the docker users group, so no sudo is required for any docker commands.

  1. From within the /home/opencti/openctihome folder, issue command "docker compose down"
  2. Edit the docker-compose.yml and uncomment the sections you want. Enter the API key in the section where it says something like "ENTERAPIKEYHERE", then save the file.
  3. Lastly simply issue command "docker compose up -d"

Click below to download the OVA file fast from one of our servers, Enjoy!

OpenCTI 6.1.10 Turnkey OVA Download