Linux
Probe Install
All modern versions of Ubuntu, CentOS and Amazon 2 are supported. Mileage may vary on other distributions, such as RHEL or Debian, as these are not tested regularly. SELinux is not supported.
RPM
sudo yum -y install https://api.preludesecurity.com/download/install/detect.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3
Amazon AM2
sudo yum install https://api.preludesecurity.com/download/install/detect.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3
Ubuntu
curl -sL https://api.preludesecurity.com/download/install/detect.deb -o detect.deb
sudo dpkg -i detect.deb
rm detect.deb
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3
Probe service control
How to check the status and control the probe service.
Check if Prelude Probe service is running
sudo systemctl status detect.service
Stop Prelude Probe service
sudo systemctl stop detect.service
Start Prelude Probe service
sudo systemctl start detect.service
Restart Prelude Probe service
sudo systemctl restart detect.service
Logging
/var/log/prelude/probe.log
Ansible Deployment
The following is a sample Ansible playbook that can be used to download, install and register Prelude Detect on Linux using the .deb package. Replace <ACCOUNT_ID>/<TOKEN> with your registration string. The -t tags are optional and can be removed if you are not setting tags at install time.
---
- name: Install detect package and register endpoint
  hosts: your_target_hosts
  become: yes
  tasks:
    - name: Download detect.deb package
      get_url:
        url: "https://api.preludesecurity.com/download/install/detect.deb"
        dest: "/tmp/detect.deb"
    - name: Install detect.deb package
      apt:
        deb: "/tmp/detect.deb"
      become: yes
    - name: Remove downloaded detect.deb package
      file:
        path: "/tmp/detect.deb"
        state: absent
    - name: Register endpoint
      command: "sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3"
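A variant of the playbook above, added here as an example and not Prelude's own playbook: it also covers the RPM path, keeps the registration string out of Ansible output, and confirms detect.service is running. The variable names prelude_registration, prelude_tags and detect_base_url are assumptions; prelude_registration is expected to come from Ansible Vault.

```yaml
---
# Added example, not Prelude's own playbook.
# Assumed variables (hypothetical names): prelude_registration holds the
# "<ACCOUNT_ID>/<TOKEN>" string and is supplied from Ansible Vault;
# prelude_tags is an optional comma-separated tag list.
- name: Install and register Prelude Detect (Debian and RPM families)
  hosts: your_target_hosts
  become: true
  vars:
    detect_base_url: "https://api.preludesecurity.com/download/install"
    prelude_tags: ""
  tasks:
    - name: Download detect.deb
      ansible.builtin.get_url:
        url: "{{ detect_base_url }}/detect.deb"
        dest: /tmp/detect.deb
        mode: "0600"
      when: ansible_os_family == "Debian"

    - name: Install detect.deb
      ansible.builtin.apt:
        deb: /tmp/detect.deb
      when: ansible_os_family == "Debian"

    - name: Remove downloaded detect.deb
      ansible.builtin.file:
        path: /tmp/detect.deb
        state: absent
      when: ansible_os_family == "Debian"

    - name: Install detect.rpm (CentOS, Amazon Linux 2)
      ansible.builtin.yum:
        name: "{{ detect_base_url }}/detect.rpm"
        state: present
      when: ansible_os_family == "RedHat"

    - name: Register endpoint
      ansible.builtin.command:
        # argv avoids shell parsing; the -t pair is added only when tags are set
        argv: "{{ ['detect-register-endpoint', '-r', prelude_registration] + (['-t', prelude_tags] if prelude_tags else []) }}"
      no_log: true  # keep the registration string out of Ansible output and logs

    - name: Ensure the probe service is running
      ansible.builtin.systemd:
        name: detect.service
        state: started
```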