Agents
      Back to home
      1. Vali Cyber Knowledge Base
      2. ZeroLock®
      3. Agents

      ZeroLock® Agent Installation: Curl/Wget Installer

      A guide for installing the ZeroLock Agent using Curl or Wget.

      A ZeroLock Agent (ZA) can be installed in two (2) ways:

      1. Copy/Paste - curl or wget
      2. Download - Self-extracting or Tar installer

      This document covers the curl and wget installation options. These options mirror each other with the difference being the shell command used.

      Advanced Settings

      Regardless of the installation method, some settings must be made before installing any agent. These Advanced Settings vary depending on the environment being used and the agent version you intend to install. Ensure that you select the Default environment and that the Deploy – Default screen is visible before proceeding with agent installation. Use this link to access these settings: Advanced Settings

      Agent Installation

      CURL

      Once back on the Deploy screen, under the Use Curl tab, select Copy Curl Installer, to save the command to the clipboard.

      Copy Curl Installer v3.2.1

      To download and install the ZA, open a terminal, SSH to the client, and paste the copied script from # 3 into the terminal. Run the installer with root privileges. This may take a few minutes.

      Installing v3.5.6

      WGET

      If you prefer using the wget command, the steps are the same as with curl, except in # 2 select the USE WGET. The wget installer is pasted into the terminal during # 3 after you open a terminal session to the endpoint.

      Copy WGET Installer v3.2.1

      Validating Agent Installation

      Select the Endpoints tab on the left menu. The new endpoint will be listed; the green dot in the status column indicates a successfully installed agent on the endpoint system.

      Agent on Endpoint v3.2.1

      Agent Log

      There are two (2) ZA logs, Tyr and Baldur. Tyr provides communication to the ZeroLock Management Console (ZMC) and Baldur is the behavior analysis engine that provides detection, response, and telemetry (data) to Tyr.

      Since the focus is on validating agent installation and communication with the ZMC, we will only show the Tyr logs.

      To locate the ZeroLock Agent’s Tyr logs, login to the endpoint then use the commands:

      To see the Tyr directory:      cd /opt/zerolock/zerolock-tyr      

      To see the Tyr.log:                ls -la

      To read the Tyr log:               cat tyr.log

      Tyr Log v3.5.6-1

      The system (endpoint) is now benefiting from the protection provided by ZeroLock.

       

      For additional information, please see:

      Vali Cyber support page