Linux
Ephemeral Probe
Open-source Nocturnal.
Set your token to an environment variable and start the script:
curl -sL "https://api.preludesecurity.com/download/nocturnal" -H "dos:darwin-arm64" > probe
export PRELUDE_TOKEN=<TOKEN>
chmod +x probe
./probe
Installed Probe
All modern versions of Ubuntu, CentOS and Amazon 2 are supported. Mileage may vary on other distributions, such as RHEL or Debian, as these are not tested regularly. SELinux is not supported.
RPM
sudo rpm -Uvh https://api.preludesecurity.com/download/install/detect-1.2.0.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3
Amazon AM2
sudo yum install https://api.preludesecurity.com/download/install/detect-1.2.0.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3
Ubuntu
curl -sL https://api.preludesecurity.com/download/install/detect-1.2.0.deb -o detect-1.2.0.deb
sudo dpkg -i detect-1.2.0.deb
rm detect-1.2.0.deb
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3
Probe service control
How to check the status and control the probe service.
Check if Prelude Probe service is running
sudo systemctl status detect.service
Stop Prelude Probe service
sudo systemctl stop detect.service
Start Prelude Probe service
sudo systemctl start detect.service
Restart Prelude Probe service
sudo systemctl restart detect.service
Logging
/var/log/prelude/probe.log
Updated 4 days ago