-
AIX: Deploying Deep Visibility and EnforcementAgents
AIX sensors are available as ALPHA version in this release. We
recommend using these ALPHA-versionAIX sensors only in a lab
environment for validation and testing.
Note
• Using Installer Script to Deploy Deep Visibility or
Enforcement Agents on AIX, on page 1• Verifying Deep Visibility or
Enforcement Agent Installation: AIX, on page 3• Uninstalling A Deep
Visibility or Enforcement Agent: AIX, on page 3
Using Installer Script to Deploy Deep Visibility or
EnforcementAgents on AIX
Using the installer script is the only method available for
deploying deep visibility or enforcement agents onAIX
platforms.
Before you begin
Note that if the installed agent is to be connected to a
Tetration SaaS cluster, the ACTIVATION_KEY andHTTPS_PROXY
parameters will be required. The installer script will
automatically populate theACTIVATION_KEY, while you need to insert
the HTTPS_PROXY information directly into the script. Formore
information, see User Configuration for Tetration SaaS.
Procedure
Step 1 Choose Agent Config from the Settings menu to display the
Agent Config page.Step 2 Click Software Agent Download to switch to
that tab.Step 3 Select Linux in the Select Platform section.Step 4
Select either Deep Visibility or Enforcement in the Select Agent
Type section.
AIX: Deploying Deep Visibility and Enforcement Agents1
b_Software_Agents_chapter9.pdf#nameddest=unique_8
-
Figure 1: Software Agent Installer Script Download Page
Step 5 Click the Download Installer button and save the file to
a local disk.Step 6 Copy the installer shell script to all
necessary AIX hosts for deployment, and execute the script with
root
privileges on each.
The installer script will not proceed if the agent was already
installed.Note
The installer script command syntax is as follows:
$ tetration_installer_aix.sh [--skip-pre-check] [--noInstall]
[--logFile=filename]
[--proxy=proxy_string>] [--skip-ipv6-check] [--help]
[--version]
[--sensor-version=version_info] [--ls] [--file=filename]
[--save=filename] [--new]
[--libs=filename]
Skips pre-installation checks.--skip-pre-check
The sensor package is not downloaded and installed on the
system.--noInstall
Writes the log to the file specified by filename.--logFile
filename
Sets the value of HTTPS_PROXY. Use this if a proxy server is
needed tocommunicate with the cluster. The string should be
formatted ashttp://proxy:port
--proxy proxy_string
Skips IPv6 verification.--skip-ipv6-check
AIX: Deploying Deep Visibility and Enforcement Agents2
AIX: Deploying Deep Visibility and Enforcement AgentsUsing
Installer Script to Deploy Deep Visibility or Enforcement Agents on
AIX
-
Prints this help information.--help
Prints the current scriptʼs version.--version
Downloads a particular sensor version; default is the latest
version. An exampleof the version_info entry is
--sensor-version=3.1.1.53.devel
--sensorVersionversion_info
Lists all available sensor versions for your system (does not
list pre-3.1packages). This is a listing only; does not download
any package.
--ls
Lets you specify a local zip file to use to install the sensor
instead ofdownloading from the cluster.
--file filename
Downloads the installer zip file from the Tetration cluster,
saving it locallywith filename as its name.
--save filename
Uninstalls/removes all copies of the Tetration agent if it was
already installedon this local machine.
--new
Installs libraries in provided zip file to be used by agent (for
example,libstdc++).
--libs= filename
Verifying Deep Visibility or Enforcement Agent Installation:
AIXFollow these steps on each AIX host to verify the agent was
installed.
Procedure
Run the command lslpp -c -l tet-sensor.rte to confirm that there
is one entry as follows (the specific outputmay differ depending on
the version):sudo lslpp -c -l
tet-sensor.rte/usr/lib/objrepos:tet-sensor.rte:3.4.1.19::COMMITTED:I:TET
tet sensor package:
$ sudo lssrc -s tet-sensorSubsystem Group PID Statustet-sensor
1234567 active
$ sudo lssrc -s tet-enforcerSubsystem Group PID
Statustet-enforcer 7654321 active
Uninstalling A Deep Visibility or Enforcement Agent: AIXFollow
this step to uninstall an agent from an AIX host.
AIX: Deploying Deep Visibility and Enforcement Agents3
AIX: Deploying Deep Visibility and Enforcement AgentsVerifying
Deep Visibility or Enforcement Agent Installation: AIX
-
Procedure
Execute the command installp -u tet-sensor
• By default, not all the related files are deleted after agent
is uninstalled. Log files, for example,are preserved. You can
manually delete all these files.
• The Deep Visibility Agent is controlled by System Resource
Controller as tet-sensor. Assuch it is possible to start, stop,
restart and remove it. The service is made persistent withinittab
as tet-sen-engine.
• The Enforcement Agent is controlled by System Resource
Controller as tet-enforcer. Assuch it is possible to start, stop,
restart and remove it. The service is made persistent withinittab
as tet-enf-engine.
• During the agent operations, it is possible that some kernel
modules will be loaded automaticallyby the kernel. For example, if
enforcement is enabled in AIX, ipfilter modules might be
loaded.Agents do not have a list of modules loaded by the kernel.
Therefore, during agent uninstallation,these kernel modules cannot
be unloaded.
Note
AIX: Deploying Deep Visibility and Enforcement Agents4
AIX: Deploying Deep Visibility and Enforcement
AgentsUninstalling A Deep Visibility or Enforcement Agent: AIX
AIX: Deploying Deep Visibility and Enforcement AgentsUsing
Installer Script to Deploy Deep Visibility or Enforcement Agents on
AIXVerifying Deep Visibility or Enforcement Agent Installation:
AIXUninstalling A Deep Visibility or Enforcement Agent: AIX
