Install Agent using the Apt or Yum Repository
Supported Systems
Review the Supported Operating Systems and Kernels article before installing the Threat Stack Agent.
Note
For the latest instructions deploying the Threat Stack Agent, please see:The Threat Stack Servers page contains in app instructions for all of our supported servers. Select your preferred server to display specific instructions.
Your deployment key can be found in the Threat Stack app by selecting the Settings tab in the left navigation bar, and clicking the Applications Keys tab. Configuring the Agent with a policy automatically enables it to report data without manual activation.
Alternate Installation Instructions
- We now only support the Containerized Agent. For additional information, please see the Threat Stack Containerized Agent article
Server Setup Instructions
Requires Amazon Linux 2012.09 or newer.
1) Create a .repo file titled "threatstack.repo" in the /etc/yum.repos.d/
2) Paste the following repository information:
[threatstack]
name=Threat Stack Package Repository
baseurl=https://pkg.threatstack.com/Amazon
enabled=1
gpgcheck=1
3) Import our PGP key:
sudo rpm --import https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK
4) Install and configure the agent
sudo yum install threatstack-agent
sudo cloudsight setup --deploy-key=<key> --ruleset="<ruleset name>"
Example
sudo cloudsight setup --deploy-key=20fe2 --ruleset="Base Rule Set"
Requires version 14.04, 16.04 or 18.04
1) Import our PGP key:
curl https://app.threatstack.com/APT-GPG-KEY-THREATSTACK | sudo apt-key add -
2) Add the following repository information:
echo "deb https://pkg.threatstack.com/Ubuntu $distro main" > /etc/apt/sources.list.d/threatstack.list
NOTE
$distro is trusty, xenial or bionic
3) Install and configure the agent
sudo apt-get update
sudo apt-get install threatstack-agent -y
sudo cloudsight setup --deploy-key= --ruleset="<ruleset name>"
Example
sudo cloudsight setup --deploy-key=20fe2 --ruleset="Base Rule Set"
Instructions specific to Centos/RHEL 6.
1) Create a .repo file titled "threatstack.repo" in the /etc/yum.repos.d/
2) Paste the following repository information:
[threatstack]
name=Threat Stack Package Repository
baseurl=https://pkg.threatstack.com/EL/6
enabled=1
gpgcheck=1
3) Import our PGP key:
sudo rpm --import https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK
4) Install and configure the agent
sudo yum install threatstack-agent
sudo cloudsight setup --deploy-key=<key> --ruleset="<ruleset name>"
Example
sudo cloudsight setup --deploy-key=20fe2 --ruleset="Base Rule Set"
Instructions specific to Centos/RHEL 7.
1) Create a .repo file titled "threatstack.repo" in the /etc/yum.repos.d/
2) Paste the following repository information:
[threatstack]
name=Threat Stack Package Repository
baseurl=https://pkg.threatstack.com/EL/7
enabled=1
gpgcheck=1
3) Import our PGP key:
sudo rpm --import https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK
4) Install and configure the agent
sudo yum install threatstack-agent
sudo cloudsight setup --deploy-key=<key> --ruleset="<ruleset name>"
Example
sudo cloudsight setup --deploy-key=20fe2 --ruleset="Base Rule Set"