Agent Installation: Apt or Yum Repository Instructions

Threat Stack has been tested on and designed for support on the following systems (64-bit only)

  • Amazon AMI versions 2012-03 and higher (3.x kernel required for file integrity monitoring support on Amazon Linux)
  • CentOS 6.x 
  • RHEL 6.x
  • Ubuntu 12.04 LTS, and 14.04 LTS

 

Amazon Linux Setup Instructions (2012.03 or newer) 

1. Import our PGP key 

sudo rpm --import https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK

2. Add the following repository information to /etc/yum.repos.d/threatstack.repo

[threatstack]
name=Threat Stack Package Repository
baseurl=https://pkg.threatstack.com/Amazon
enabled=1
gpgcheck=1

3. Install and configure the agent

Note: Your deploy key can be found in the Threat Stack app by selecting Agents from the sidebar and clicking on "Add New Agent". Configuring the agent with a policy automatically enables it to report data without manual activation.

sudo yum install threatstack-agent
sudo cloudsight setup --deploy-key=<key> --ruleset="<ruleset name>"

e.g.
sudo cloudsight setup --deploy-key=20fe2 --ruleset="Base Rule Set"

CentOS or RHEL Install Instructions (CentOS/RHEL 6.0-6.5)

1. Import our PGP key 

sudo rpm --import https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK

2. Add the following repository information to /etc/yum.repos.d/threatstack.repo

[threatstack]
name=Threat Stack Package Repository
baseurl=https://pkg.threatstack.com/CentOS
enabled=1
gpgcheck=1

3. Install and configure the agent

Note: Your deploy key can be found in the Threat Stack app by selecting Agents from the sidebar and clicking on "Add New Agent". Configuring the agent with a policy automatically enables it to report data without manual activation.

sudo yum install threatstack-agent
sudo cloudsight setup --deploy-key=<key> --ruleset="<ruleset name>"

e.g.
sudo cloudsight setup --deploy-key=20fe2 --ruleset="Base Rule Set"

 

Ubuntu Setup Instructions (12.04, 14.04)

1. Add our PGP key

curl https://app.threatstack.com/APT-GPG-KEY-THREATSTACK | sudo apt-key add -

2. Add the following repository information

echo "deb https://pkg.threatstack.com/Ubuntu <distro> main" > /etc/apt/sources.list.d/threatstack.list

Note: <distro> is lucid, precise or trusty

3. Update, install and configure the agent

Note: Your deploy key can be found in the Threat Stack app by selecting Agents from the sidebar and clicking on "Add New Agent". Configuring the agent with a policy automatically enables it to report data without manual activation.

 

sudo apt-get update
sudo apt-get install threatstack-agent -y
sudo cloudsight setup --deploy-key=<key> --ruleset="<ruleset name>"

e.g.
sudo cloudsight setup --deploy-key=20fe2 --ruleset="Base Rule Set"

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.