Introduction: This document outlines the procedure of installing the Enterprise Agent on Unix\Linux.
Prerequisites:
- Allow incoming communication on port 3999
Procedure:
- Locate the proper Agent installer SH script (typically in the "\Forensic_Tools\Agents" folder on the AD Enterprise ISO/disc)
- Locate the public certificate to be used by your Agents.
- Copy the SH script and public certificate to the target machine.
- Open a Terminal and run the following command to give the SH script execute permissions:
chmod +x agent-linux64.sh
- Run the following command to install the Agent:
sudo ./agent-linux64.sh <Certificate Path>
- Start the Agent with the following command:
sudo /etc/init.d/agentcored start
Parameter | Value | Default Value | Required | Description |
-installpath | /usr/AccessData/agent | No | Specifies a desired path to install the agent. Path must be enclosed in quotes if it contains spaces. If not specified, the default value is assumed. | |
-lifetime | 0 | No | Specifies the amount of time that a transient agent will exist before self-destructing. A negative value is used to denote minutes (eg. -30 denotes 30 minutes), and a positive value is used to denote days (eg. 30 denotes 30 days). 0 indicates that the agent will not self-destruct. If not specified, the default value is assumed. | |
-port | 3999 | No | The port that the agent will be listening on. If not specified, the default value is assumed. | |
-connections | 10 | No | Specifies the number of concurrent connections allowed to the agent. If not specified, the default value is assumed. | |
-size | 16777216 | No | Specifies the agent configuration files storage size. If not specified, the default value is assumed. | |
-datasize | 268435456 | No | Specifies the agent temporary data storage size. If not specified, the default value is assumed. | |
-folder_storage | 1/0 | 0 | No | A 1 Indicates that the agent will not use protected storage. A 0 indicates that the agent will use protected storage. If not specified, the default value is assumed. |