Skip to main content

Linux Agent Installation Checklist

Before Installation

Complete the following steps before you install the agent.

  1. Verify that the Lacework agent supports the distribution installed on your machine. For more information, see Supported Operating Systems.

  2. Verify that your machine can connect to the internet, and your proxy and firewall applications allow access to the URLs listed in Connectivity Requirements.

  3. Use sed (GNU sed) version 4.2.2 or higher in the procedures.

  4. Download the release package release.tgz (replace release with the agent release number), checksum_sha256.txt, and checksum_sha256.txt.asc files for a release from the Lacework Agent GitHub repository.

    1. Go to Lacework Agent GitHub repository.
    2. Click Releases on the right frame to view the available agent releases.
    3. Find a release and click release.tgz (replace release with the agent release number) to download the file that contains the agent installer for the release.
    4. For the same release, click on the checksum_sha256.txt and the checksum_sha256.txt.asc files to download the files.
    5. Create a temporary directory such as ~/lacework and move the release.tgz, checksum_sha256.txt, and checksum_sha256.txt.asc files to that directory.
  5. Verify that the checksum in the checksum_sha256.txt file matches the checksum of the release.tgz file.

    1. In a terminal window, go to the ~/lacework directory.
      cd ~/lacework
    2. Verify that the release.tgz matches the checksum.
      shasum -c checksum_sha256.txt
      If the verification is successful, the command displays OK.
  6. Verify that the checksum is signed correctly.

    1. Download the Lacework agent GPG key.

      gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 360D55D76727556814078E25FF3E1D4DEE0CC692

      For RPM-based systems, use the following commands to download the GPG key:

      wget https://packages.lacework.net/RPM-GPG-KEY-lacework
      rpm --import RPM-GPG-KEY-lacework
    2. Verify the signature.

      gpg --verify checksum_sha256.txt.asc

      If the verification is successful, the following is displayed:

      gpg: assuming signed data in 'checksum_sha256.txt'
      gpg: Signature made <TIMESTAMP>
      gpg: using RSA key 360D55D76727556814078E25FF3E1D4DEE0CC692
      gpg: Good signature from "Lacework Inc. <support@lacework.net>"
  7. Unzip the release.tgz (replace release with the agent release number) file into a temporary directory.

  8. Create an agent access token using the instructions in Create Agent Access Token.

  9. In the Lacework Console, click the ... icon in the row for the token and select Copy to copy the access token for use during the installation process.

During Installation

  • Install the agent only on the host on which containers are provisioned. Installing the agent on a host and also on any containers running on the host will result in increased memory and CPU usage proportional to the number of agents installed. This may cause significant resource usage on the host and degrade general system performance.