This guide requires that you have installed VAST on Linux.
Please use the official systemd unit file from our VAST repository, unless your Linux distribution ships with a native one.
vast.service provides a
systemd service unit for running VAST as system
service. The service is sandboxed and runs with limited privileges.
Prepare the Host System
Please note that all subsequent commands require
root privileges. The service
requires a user and group called
vast. You can create them as follows.
Make sure that you don't grant any special rights to this user, i.e., do not
sudo or other privileged commands for this user.
Once the user exists, you should create the directory for VAST's persistent data
storage and change the permissions such that it is owned by the new
The systemd unit passes a
file to the VAST process. Make sure that the new user can read the
and change permissions if required.
Before you begin, find the line beginning with
ExecStart= at the very bottom
[Service] section in the unit file. Depending on your installation path
you might need to change the location of the
vast binary and configuration
In case you plan to run a PCAP source directly inside the VAST server process
vast spawn source pcap, you need to make sure that the VAST process gets
the required privileges to listen on the network interfaces.
Then link the unit file to your systemd search path.
To have the service start up automatically with system boot, you can
systemd. Otherwise, just
start it to run it immediately.