Windows Agent Installation



Threat Stack provides the ability to monitor Windows instances, hosted in the cloud or on-premise.

We recommend that you review the System Requirements article before installing the Windows Agent.

Windows Agent Installation Methods

You can install the Threat Stack Windows Agent with either the:

  • Threat Stack Cloud Security Platform Setup Wizard
  • Command Line Installation Instructions

Regardless of the installation method, you need to download the Windows Agent Installer:

Windows Agent Installer

If you plan to do a command line installation of the Windows Agent, you do not need to open the Windows Agent Installer after you download it. It is unnecessary to your process.

Platform Setup Wizard

To begin, open the Windows Agent Installer:

1) Click the Next button to open the Configuration page.


2) Enter your Deployment Key and change other settings as needed for your organization.



  • When the services start, the Threat Stack Agent Service service will acquire an agent ID as soon as it connects to the Threat Stack cloud.
  • To make a "golden master" that can be duplicated, uncheck the checkbox on this page. The services will be installed and won't start until the host is rebooted. This provides an opportunity to shutdown the host and make multiple copies.

3) Click the Next button to open the Verification page.

4) Review your settings, confirm they are correct, and click the Install button.


5) After the installation process is complete, click the Finish button to end the installation workflow.


After the installation, the agent should display in the Threat Stack application on the Servers page.


Command Line Installation

If you are an Administrator, you can install the Windows Agent from the command line using either PowerShell or a cmd console.

1) Copy and paste the below text into Command Console

msiexec /i ThreatStack.Installer.1.0.11.msi /quiet TSDEPLOYKEY="my-deployment-key"

2) Replace the "my_deploy_key" with your Deploy Key from your Threat Stack organization.

3) Execute the command, this silently runs the installer and applies the deployment key.

After the installation, the agent should display in the Threat Stack application on the Servers page.

Additional Variables

There are two additional command line variables that you can set, "INSTALLDIR" and "TSSTARTSERVICES".

The "INSTALLDIR" variable gives you to ability to install the agent in any directory you want, instead of "C:\Program Files\Threat Stack".

The "TSSTARTSERVICES" acts as a switch. If you include the "TSSTARTSERVICES" in your command, the Threat Stack Agent Services do not start after installation. Additionally, you can use it to create the "golden master" and then snapshot it.

msiexec /i ThreatStack.Installer.1.0.11.msi /quiet TSDEPLOYKEY="my-deploy-key" TSSTARTSERVICES=""
Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request



Article is closed for comments.