Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Installing the Endpoint Agent - Linux

            Introduction

            Within this guide we will cover how to obtain the Linux Endpoint Agent installation packages, the commands to install the Endpoint Agent and how to Uninstall the agent using the CLI.


            Table of contents


            Overview of the Linux agent

            The Field Effect MDR Linux agent is natively built and runs as a privileged systemd service. The default user-mode agent install monitors processes (starts|stops), network activity, users, logon sessions, software packages, services/scheduled jobs, drives. It also collects general information about the host OS (OS, kernel version, etc.). We also support static file scanning and log monitoring where relevant to security. Most of this data is available to view on the Appliance Dashboard.


            Obtaining an installation package

            The installation package for the Linux, and all other support, endpoint agent can be downloaded from the MDR Portal's Downloads page.


            Packages are available in either a Debian (.deb) or RedHat (.rpm) package. 


            .deb files are the files used for Debian Linux based operating systems. 

            .rpm files are the files that are used for Red Hat Linux based operating systems.


            You must install the license file first, followed by the agent file.


            Installing the Linux Endpoint Agent

            Ensure to replace the <version> with the Endpoint Agent version in the filename of the package you have downloaded.


            Installing Debian/Ubuntu

            sudo dpkg -i "covalence-endpoint-license.deb" 
sudo dpkg -i "covalence-endpoint-x86_64-<version>.deb"


            Installing RedHat

            sudo rpm -i "covalence-endpoint-license.rpm" 
sudo rpm -i "covalence-endpoint-x86_64-<version>.rpm"


            Uninstalling the Linux Endpoint Agent

            Here are the CLI commands required to uninstall the Linux Endpoint Agent:


            Uninstalling Debian/Ubuntu

            sudo dpkg -r covalence-endpoint-license 
sudo dpkg -r covalence-endpoint


            Uninstalling RedHat

            sudo rpm -e covalence-endpoint-license 
sudo rpm -e covalence-endpoint


            Verifying the Installation

            To verify if the agent was successfully installed, you can run the following Linux commands:


            Verifying Debian/Ubuntu

            dpkg -s covalence-endpoint


            Will return something similar to the following if the agent is installed:

            Package: covalence-endpoint
Status: install ok installed
...


            Verifying RedHat

            rpm -q covalence-endpoint


            If the agent was installed successfully, the command should return the following output (or something similar, depending on your version) : 

            covalence-endpoint-3.3.24-1.x86_64


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0