
Using the Agent manifest file is a great way to automate the configuration of servers in your Panopta account. If you opt to use the Agent manifest file, you can seed many of the configuration values and have the Agent automatically add the server into Panopta.

Note: The Agent manifest file is only used during the initial installation of the Agent. Subsequent changes must be made using the Panopta Agent configuration file. This file can be found in the following directories:

  • Linux: /etc/panopta-agent/panopta-agent.cfg
  • Windows: C:\Program Files (x86)\PanoptaAgent\Agent.config

The Agent manifest file can also be used in conjunction with the Agent one-liner, which normally generates a new manifest file with the server's customer and/or server keys. If a manifest file already exists on the server, it will be detected and the information from the Agent one-liner will be injected into it. Any settings in the existing manifest file will be preserved.

Windows PowerShell or MSI

Create a manifest file in C:\, for example C:\SampleAgent.manifest. Once this is added, you can set the desired default values. At a minimum, you should add the customer key parameter like below:

Basic Agent Manifest File

[agent]
customer_key = xxxx-xxxx-xxxx-xxxx

If you are using PowerShell, run the following command from within the same directory as install.ps1. The Agent will install and add the server to your Panopta account.

PowerShell Install Command

./install.ps1 -ManifestFile "[Full File Path]\SampleAgent.manifest"

If you are using MSI, run the following command from within the same directory as the MSI. The Agent will install and add the server to your Panopta account.

MSI Install Command

msiexec /i panopta-agent-[version number].msi MANIFESTFILE="[FULL FILE PATH]\SampleAgent.manifest"

Linux

Create the manifest file at /etc/panopta-agent-manifest. Then install the Agent with either the Python 2.x or Python 3 command below:

Python

curl -s https://packages.panopta.com/install/linux_agent_install.py | python /dev/stdin

Python 3

curl -s https://packages.panopta.com/install/linux_agent_install.py | python3 /dev/stdin

Example Manifest file

The content of the manifest file for both Windows and Linux is shown below. You do not need to specify values for everything. Each parameter is described in detail below the sample content:

INI (.ini files)
[agent]
customer_key = afsdyngoaeppmfqefa
server_key = ashe-pokf-bfhb-eabn
aggregator_url = myappliance.localsite.com
server_group = 3467
fqdn = www.panopta.com
server_name = Panopta
interface_mapping = private:10.100.100.2,private2:10.100.100.13
templates = 8
tags = tag, anothertag, anotherone
partner_server_ID = 828765
disable_server_match = true
custom_plugin_url = https://s3.amazonaws.com/custom-panopta-plugins/my-custom-plugins.zip
enable_countermeasures = true
countermeasures_remote_plugins = https://s3.amazonaws.com/some-s3-bucket/custom-plugins.zip
countermeasures_refresh_plugins = 6

[attributes]
operating system = ubuntu
version = 14.04

Parameters

Parameter Description
customer_key                                                                        
This identifies you with your Panopta account. By setting this value, the agent will automatically add the server to the Panopta control panel. You can find this key in the control panel under My Account under your icon at the top right.
server_key

The server key is what allows the Agent to communicate with our servers securely. You have the option of setting this value if you like. However, we highly recommend that you allow a key to be generated for you and linked to the server in Panopta accordingly.

Note: all server keys must be unique.

aggregator_url
This controls the API which the Agent communicates with to report its results. You should not enter an aggregator URL unless you are using Panopta Onsight as a proxy for servers that do not have outbound public internet access. If you are using Panopta Onsight as a proxy and don't know the aggregator URL, please contact support@panopta.com.
server_group
This controls which group your server gets added to in the control panel. Any server template(s) that you have set to be applied to this group will be applied to this server as well. The value of the server group is identified by an ID or a name. If you go to an instance group in the control panel, you can see that group's ID number at the end of that page's URL.
fqdn
This field acts as an override for the hostname that is auto-detected by the Agent. If you do not include this field, your server will be given its natural FQDN in the control panel.
server_name
This field lets you set a logical name for this server. That name will identify the server in the control panel.
interface_mapping
This value is only used if:
  • A template will be auto-applied to the server being created
  • That template has placeholders for multiple network interfaces.

If your server has multiple network interfaces and the template which is being applied has placeholders for multiple network interfaces, you have to provide a mapping of the IP for that network interface to the placeholder.

For example, if your server template has the network interface placeholder named Private, and your server has a network interface with the IP set to 10.100.100.2, you would configure it like this:

interface_mapping = private:10.100.100.2

templates
This field lets you choose which templates you would like to apply to this server. The value of the template is identified by an ID. If you go to a server template in the control panel, you can see that template's ID number at the end of that page's URL.
tags
This field lets you add tags to your server. Tags can be set to any value, but multiple tags must be comma-separated:

tags = tag1, tag2, tag3

partner_server_id 
This value can be used by Panopta partners in order to store their own internal unique identifiers for that server. Setting the value in the manifest file sets it on the Server/Instance object which can then help in server lookups by the partner's ID (via API or within the control panel).
disable_server_match
The default behavior, when customer_key is provided, is to do some automatic server matching by hostname or IP. In some cases, this may be undesirable if you have overlapping private IP ranges across environments. This option allows you to disable the matching logic.
attributes
You can also add an additional field for attributes. This will need to go underneath the rest of the manifest file configurations, and you can set the attributes to any value.
custom_plugin_url

If you have written your own custom plugins, you can host them centrally and have the Agent retrieve them during installation so that you do not have to manually manage them post-install. The value of this variable can be a compressed archive (.zip, .tar or .tgz) or a single Python file (with a .py extension).

New plugins are fetched from the URL defined in custom_plugin_url during metadata rebuilds. By default, metadata rebuilds occur once every hour. You also have the option to manually re-fetch new plugins by issuing a metadata rebuild command, either through the control panel or the command line. 

enable_countermeasures
This flag enables the CounterMeasures remediation feature in the Agent. Read more about this here.
countermeasures_remote_plugins
If you have written your own custom CounterMeasures plugins, you can host them centrally and have the Agent retrieve them during installation so that you do not have to manually manage them post-install. The value of this variable can be a compressed archive (.zip, .tar or .tgz).
countermeasures_refresh_plugins
If you would like updates to your CounterMeasures plugins to automatically be applied, you can optionally set countermeasures_refresh_plugins to the number of hours for the refresh interval and the Agent will re-fetch the newest plugins from your remote plugin location.
plugin_configuration
To pass plugin configuration to a standard Panopta plugin or one of your own custom plugins, specify those at the bottom of the file. Examples for Linux and Windows are shown in the following sections.

Linux custom plugin configuration

Manifest file

INI (.ini files)
[agent]
customer_key = gfoadsvuhyadsflvhea
server_group = 3548

[attributes]
operating system = ubuntu
version = 14.04

[mysql]
username = USERNAME
password = PASSWORD
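
A pre-install check for a Linux manifest, added here as an example (it is not Panopta's code): it parses the file as INI and flags the settings this page singles out, namely a missing customer_key, a hand-set server_key, plugin URLs that are not HTTPS, a malformed interface_mapping, and passwords in plugin sections. The function names, finding texts and sample hosts are assumptions made for illustration.

```python
import configparser
import ipaddress
from urllib.parse import urlparse

# [agent] keys whose value is a URL the Agent downloads plugin code from.
PLUGIN_URL_KEYS = ("custom_plugin_url", "countermeasures_remote_plugins")

def parse_interface_mapping(value):
    """'private:10.100.100.2,private2:10.100.100.13' -> {placeholder: ip}."""
    pairs = (p.strip().partition(":") for p in value.split(","))
    return {name: str(ipaddress.ip_address(ip)) for name, _, ip in pairs}  # ValueError if not an IP

def lint_manifest(text):
    """Return a list of findings for manifest text (hypothetical helper)."""
    cfg = configparser.ConfigParser(interpolation=None)  # '%' may occur in passwords
    cfg.read_string(text)
    agent = cfg["agent"] if cfg.has_section("agent") else {}
    findings = []
    if not agent.get("customer_key"):
        findings.append("customer_key missing: server is not added automatically")
    if agent.get("server_key"):
        findings.append("server_key set by hand: must be unique per server")
    for key in PLUGIN_URL_KEYS:
        if agent.get(key) and urlparse(agent[key]).scheme != "https":
            findings.append(key + " is not https: plugin code fetched without TLS")
    if agent.get("interface_mapping"):
        try:
            parse_interface_mapping(agent["interface_mapping"])
        except ValueError as exc:
            findings.append("interface_mapping invalid: %s" % exc)
    for section in cfg.sections():  # sections other than these two hold plugin configuration
        for key in cfg[section]:
            if section not in ("agent", "attributes") and "password" in key:
                findings.append("[%s] %s: plaintext secret in manifest" % (section, key))
    return findings

# Constructed sample modelled on the page's examples (hosts are placeholders).
SAMPLE = """\
[agent]
customer_key = xxxx-xxxx-xxxx-xxxx
server_key = ashe-pokf-bfhb-eabn
interface_mapping = private:10.100.100.2,private2:10.100.100.300
custom_plugin_url = http://plugins.example.internal/my-custom-plugins.zip
countermeasures_remote_plugins = https://plugins.example.internal/cm.zip
[mysql]
password = PASSWORD
"""

if __name__ == "__main__":
    print("\n".join(lint_manifest(SAMPLE)))
```

Because the manifest can hold the customer key and plugin passwords, a finding from the last check is a cue to keep the file readable only by the account that runs the installer.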

Windows custom plugin configuration

Manifest file

[agent]
customer_key = gfoadsvuhyadsflvhea
server_group = 3548

[attributes]
operating system = ubuntu
version = 14.04

<agent>
  <plugins>
    <ntp>
      <add key="ntp_host" value="pool.ntp.org" />
      <add key="ntp_port" value="123" />
    </ntp>
  </plugins>
</agent>