Using the Agent manifest file is a great way to further streamline configuration of servers in your Panopta account. If you opt to use the Agent manifest file, you can preset many of the configuration values and have the Agent automatically add the server into Panopta. This becomes an additional option for automation, especially for complex and large deployments.
Create a manifest file in C:\, for example C:\SampleAgent.manifest. Once this is added, you can set the desired default values. At a minimum, you should add the customer key parameter like below:
[agent]customer_key = xxxx-xxxx-xxxx-xxxx
If you're using PowerShell, you can then run the following command from within the same directory as install.ps1. The agent will install and add the server to your Panopta account.
./install.ps1 -ManifestFile "[Full File Path]\SampleAgent.manifest"
If you're using the MSI, you can then run the following command from within the same directory as the MSI. The agent will install and add the server to your Panopta account.
msiexec /i panopta-agent-[version number].msi MANIFESTFILE="[FULL FILE PATH]\SampleAgent.manifest"
Create the manifest file at /etc/panopta-agent-manifest. Then you can install the agent with either the python 2.xx or python3 command below:
curl -s https://packages.panopta.com/install/linux_agent_install.py | python /dev/stdin
curl -s https://packages.panopta.com/install/linux_agent_install.py | python3 /dev/stdin
The contents of the manifest file for both Windows and Linux are shown below. You do not need to specify values for everything. A detailed description of each parameter is explained below the sample contents:
[agent]customer_key = afsdyngoaeppmfqefaserver_key = ashe-pokf-bfhb-eabnaggregator_url = myappliance.localsite.comserver_group = 3467fqdn = www.panopta.comserver_name = Panoptainterface_mapping = private:10.100.100.2,private2:10.100.100.13templates = 8tags = tag, anothertag, anotheronepartner_server_ID = 828765disable_server_match = truecustom_plugin_url = https://s3.amazonaws.com/custom-panopta-plugins/my-custom-plugins.zipenable_countermeasures = truecountermeasures_remote_plugins = https://s3.amazonaws.com/some-s3-bucket/custom-plugins.zipcountermeasures_refresh_plugins = 6
The server key is what allows the Agent to communicate with our servers securely. You have the option of setting this value, if you like. However, we highly recommend that you allow a key to be generated for you and linked to the server in Panopta accordingly.
Note: all server keys must be unique.
If you have written your own custom plugins, you can host them centrally and have the agent retrieve them during installation so that you do not have to manually manage them post install. The value of this variable can be a compressed archive (.zip, .tar or .tgz) or a single python file (with a .py extension).
New plugins are fetched from the URL defined in custom_plugin_url during metadata rebuilds. By default, metadata rebuilds occur once every hour. You also have the option to manually re-fetch new plugins by issuing a metadata rebuild command, either through the control panel or the command line.
[agent]customer_key = gfoadsvuhyadsflvheaserver_group = 3548[attributes]operating system = ubuntuversion = 14.04[mysql]username = USERNAMEpassword = PASSWORD
[agent]customer_key = gfoadsvuhyadsflvheaserver_group = 3548[attributes]operating system = ubuntuversion = 14.04<agent><plugins><ntp><add key="ntp_host" value="pool.ntp.org"><add key="ntp_port" value="123"></add></add></ntp></plugins></agent>