Ephemeral Probe

Open-source Nocturnal.

Set your token to an environment variable and start the script:

curl -sL "https://api.preludesecurity.com/download/nocturnal" -H "dos:darwin-arm64" > probe
chmod +x probe

Installed Probe

All modern versions of Ubuntu, CentOS and Amazon 2 are supported. Mileage may vary on other distributions, such as RHEL or Debian, as these are not tested regularly. SELinux is not supported.


sudo rpm -Uvh https://api.preludesecurity.com/download/install/detect-1.2.0.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3

Amazon AM2

sudo yum install https://api.preludesecurity.com/download/install/detect-1.2.0.rpm
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3


curl -sL https://api.preludesecurity.com/download/install/detect-1.2.0.deb -o detect-1.2.0.deb
sudo dpkg -i detect-1.2.0.deb
rm detect-1.2.0.deb
sudo detect-register-endpoint -r <ACCOUNT_ID>/<TOKEN> -t tag1,tag2,tag3

Probe service control

How to check the status and control the probe service.

Check if Prelude Probe service is running

 sudo systemctl status detect.service

Stop Prelude Probe service

 sudo systemctl stop detect.service

Start Prelude Probe service

 sudo systemctl start detect.service

Restart Prelude Probe service

 sudo systemctl restart detect.service