Agents
      Back to home
      1. Vali Cyber Knowledge Base
      2. ZeroLock®
      3. Agents

      ZeroLock® Agent Installation: Curl/Wget Installer

      A guide for installing the ZeroLock Agent using Curl or Wget.

      A ZeroLock Agent (ZA) can be installed three (3) ways:

      1. Copy/Paste - curl or wget
      2. Download - Self-extracting or Tar installer
      3. Container - Docker

      This document covers the curl and wget installation options. These options mirror each other with the difference being the shell command used.

      Advanced Settings

      Regardless of the installation method, there are settings that must be made prior to installing any agent. These Advanced Settings vary depending on the environment you are using and the agent version you intend to install. Ensure that you select the Default environment and that the Deploy – Default screen is visible prior to proceeding with agent installation. Use this link to access these settings: Advanced Settings

      Agent Installation

      CURL

      Once back on the Deploy screen, under the Use Curl tab, select Copy Curl Installer to save the command to the clipboard.

      To download and install the ZA, open a terminal and SSH to the client, paste the copied script from # 3 into the terminal. You will want to run the installer with root privileges. This may take a few minutes.

      WGET

      If you prefer to use the wget command, the steps are the same as with curl, except in # 2 select the USE WGET. The wget installer is pasted into the terminal during # 3 after you open a terminal session to the endpoint.

      Validating Agent Installation

      To validate the installation process, select the Endpoints tab on the left menu. The new endpoint will be listed; the green dot in the status column indicates a successfully installed agent on the endpoint system.

      Agent Log

      There are two (2) ZA logs, Tyr and Baldur. Tyr provides communication to the ZeroLock Management Console (ZMC) and Baldur is the behavior analysis engine that provides detection, response, and telemetry (data) to Tyr.

      Since the focus is on validating agent installation and communication with the ZMC, we will only show the Tyr logs.

      To locate the ZeroLock Agent’s Tyr logs, login to the endpoint then use commands:

      To see the Tyr directory:      cd /opt/zerolock/zerolock-tyr      

      To see the Tyr.log:                ls -la

      To read the Tyr log:               cat tyr.log

      The system (endpoint) is now benefiting from the protection provided by ZeroLock.

       

      For additional information, please see:

      Vali Cyber support page