Persistent probes

Permanently install probes as a service

Suggest Edits

Persistent probes install as a service to survive machine reboots, restart if stopped and upgrade automatically. Probes write all stdout/stderr to a common log file, in accordance of the operating system they are running on. The log file will be named prelude.log. Tag flags are optional for all installers.

Instructions in this doc are for headless installs. Download and double-click to install via GUI.

To reinstall, run the uninstall and install steps for your platform.

Prerequisites

Use the CLI to create a new registration user:

prelude detect create-user registration --permission SERVICE

This will generate a low-privilege authentication token. Use this, along with an account ID, to install probes.

MacOS

All versions of Intel and ARM are supported.

curl -sL https://api.preludesecurity.com/download/install/detect-1.0.0.pkg -o detect-1.0.0.pkg
sudo launchctl setenv REGISTRATION_STRING <ACCOUNT_ID>/<TOKEN> ENDPOINT_TAGS tag1,tag2,tag3
sudo installer -pkg detect-1.0.0.pkg -target /

To uninstall and kill the running process use the uninstall script. 

sudo bash /Library/PreludeSecurity/uninstall

Linux

All modern versions of Ubuntu, CentOS and Amazon 2 are supported. Mileage may vary on other distributions, such as RHEL or Debian, as these are not tested regularly. SELinux is not supported.

RPM

sudo rpm -Uvh https://api.preludesecurity.com/download/install/detect-1.0.0.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3

Amazon AM2

sudo yum install https://api.preludesecurity.com/download/install/detect-1.0.0.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3

Ubuntu

curl -sL https://api.preludesecurity.com/download/install/detect-1.0.0.deb -o detect-1.0.0.deb
sudo dpkg -i detect-1.0.0.deb
rm detect-1.0.0.deb
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3

Windows

The following versions are supported: Windows 10, Windows 11, Server 2019 and Server 2022

Download here

Install

msiexec.exe /qn /l*v detect-log.txt /i detect-1.0.0.msi REGISTRATION_STRING="<ACCOUNT_ID>/<TOKEN>" ENDPOINT_TAGS="tag1,tag2,tag3"

Uninstall

msiexec.exe /qn /l*v detect-log.txt /x detect-1.0.0.msi

Updated 1 day ago