Installation
Browsermon Install
Browsermon Enterprise Version runs in a client-server model, where Browsermon Controller(s) run on all enterprise endpoints for local browser history log collection. Whereas a central Browsermon Watchdog server is installed to perform health checking and distributed management of all Browsermon controllers installed endpoints.
Important: For optimal continuity, maintain the same logdir path as used in previous versions. This ensures the new version will resume log processing from the last recorded position.
Windows
- Download the latest release of Browsermon Private based on your system architecture and extract the files.
- Populate the
browsermon.conffile with the required parameters. - Open the Administrative PowerShell in the Browsermon Private directory and execute the following command to install:
Set-ExecutionPolicy RemoteSigned -Force ; .\win_install.ps1 - Verify the installation by checking the Browsermon service in the Windows service manager to ensure it is installed and functioning correctly.
- Configure your
watchdog_ipandwatchdog_portin the Browsermon Config filebrowsermon.confto integrate Watchdog.
Linux
- Download the latest release of Browsermon Private from GitHub according to your architecture and extract the files.
- Populate the
browsermon.conffile with the necessary parameters. - Open the terminal in the Browsermon Private directory and run the following command:
sudo ./linux_install.sh - Run
systemctl status browsermonto check the status of your service. - Configure your
watchdog_ipandwatchdog_portin the Browsermon Config filebrowsermon.confto integrate Watchdog.
TLS Certificate Verification
BrowserMon can verify TLS server certificates presented by the Watchdog, Kafka, and Elasticsearch services against a shared CA bundle. This is controlled by the verify_certs flag.
Note: The values shipped in
browsermon.confare fall-back defaults and should not be edited directly. To change any of the settings below, uncomment the matching key inbrowsermon-local.confand set your value there — options in that file take the highest precedence.
CA bundle location
Place your CA certificate at <install_dir>/ca.crt:
- Linux / macOS:
/opt/browsermon/ca.crt - Windows:
C:\browsermon\ca.crt
The same ca.crt is used by all three integrations (Watchdog license POST, Kafka SASL_SSL, Elasticsearch). It must be readable by the BrowserMon service user.
Enable verification
Uncomment and set the following in browsermon-local.conf:
verify_certs=true
When verify_certs=true, BrowserMon loads <install_dir>/ca.crt and rejects any server whose certificate chain does not validate against it. If the file is missing or unreadable, BrowserMon will fail to start with a clear error — either drop the CA bundle in place or set verify_certs=false.
When verify_certs=false (the default), TLS is still negotiated but the server certificate chain is not validated.
Kafka SASL credentials
Kafka transport uses SASL_SSL with PLAIN-style credentials. Uncomment and set these in browsermon-local.conf to match the broker's JAAS configuration:
kafka_username=browsermon
kafka_password=browsermon
Compatibility Matrix
| Watchdog v2.x | Watchdog v3.x | Watchdog v4.x | |
|---|---|---|---|
| BrowserMon v2.x | ✅ | ✅ | ✅ |
| BrowserMon v3.x | ❌ | ✅ | ✅ |
| BrowserMon v4.x | ❌ | ✅* | ✅* |
Note: BrowserMon releases newer than 4.1.0 (4.1.1 and later) are only compatible with Watchdog 4.1.0 or newer. Compatibility of BrowserMon v4.x with Watchdog v3.x applies to BrowserMon 4.1.0 and earlier only. When upgrading BrowserMon beyond 4.1.0, upgrade Watchdog to 4.1.0+ first.