Install a Sensor Via Script

You will obtain the first Sensor installation script from your Fortra Cloud Email Protection sales engineering representative. The script will be named something like:

sensor-install-<orgname>-<date>.sh

TIP: You should run the script promptly after receiving it. Attempting to install older, outdated versions of the Sensor installation script may result in errors. When in doubt, be sure that you have received the very latest version of the Sensor installation script.

You can rename the file.

Move the file to the host system (via SCP, for example). If necessary, after moving the file you may need to set the permissions so that the script can be executable. For example:

# chmod +x sensor-install-examplecom-2018-02-01.sh

In addition to the prerequisites mentioned in Sensor Prerequisites, ensure that you have the following items in order prior to running the installation script for the Sensor:

Do you have root access to the provisioned Linux machine?

Is the firewall configured to allow DNS, NTP, SMTP (inbound), and HTTP/S access to the Cloud Email Protection Cloud and installation repositories?

Proxy: If using a proxy for HTTP traffic, do you have the proxy type (HTTP or NTLMO), hostname, port, username, and password available?

TLS traffic: During the installation, you can configure that inbound traffic to the Sensor be delivered via TLS. If you plan to use SMTP over TLS delivery to the Sensor, do you have a private key (.key file), a signed TLS certificate (.pem file), and a certificate chain (.pem file)?

Running the Script

With all of prerequisites and dependencies in consideration, you can execute the installation script.

The script is comprised of the following stages:

1. Print the version of the script
2. Create the directories /opt/agari and /var/opt/agari/etc
3. Stops any existing Cloud Email Protection Sensor services, if necessary
4. Extract installation files into a temporary directory
5. Install Docker
6. Install PyYAML (if necessary)
7. Install AWS tools (AWS, AWS SSL)
8. Prompt for additional UNIX group permissions for the logs and configuration files (optional; the root group will be used by default)
9. Prompt for HTTPS proxy configuration (optional)
10. Test for access to the correct S3 buckets for uploading data
11. Prompt for TLS certificates and TLS configuration for connections to the Sensor (the default is OFF - TLS connection required)
12. Prompt for debugging-level log output (OFF by default)
13. Move files to appropriate directories; deletes temporary files
14. Upgrade the version of the Sensor (if necessary)

An example of the script being run on an Linux Ubuntu image is below. In the following example, please note:

• Your installation script output will not be identical. The text below is provided as an example.
• Your organization ID is unique.
• The Access key ID is for access to AWS.
• Docker and AWS tools are installed if they are not found on the host system.
• You can specify a UNIX group permission for access to the logs and configuration data.
• You have the option to specify an HTTPS proxy.
• You can specify TLS certificates to use for SMTP connections to the Sensor.
• You can specify DEBUG-level logging.

Example of the running Sensor script:

Version number of the script   Create Agari directories	$ sudo ./sensor-install-examplecom-2017-09-27.sh     Fortra Cloud Email Protection Sensor Installation ... Wed Sep 27 21:49:03 UTC 2017 VERSION: 17.09.27035106   + mkdir -p /opt/agari /var/opt/agari/etc Extracting install files into /var/opt/agari/tmp/agari.df8jXF Running extracted install Running Install/Upgrade steps...   • agari-collector.service - LSB: start and stop agari-collector-milter    Loaded: loaded (/etc/init.d/agari-collector; bad; vendor preset: enabled)    Active: inactive (dead) since Wed 2017-09-27 14:46:21 PDT; 2min 42s ago      Docs: man:systemd-sysv-generator(8)   Process: 4664 ExecStop=/etc/init.d/agari-collector stop (code=exited, status=0/SUCCESS)   Process: 4284 ExecStart=/etc/init.d/agari-collector start (code=exited, status=0/SUCCESS)   Sep 27 13:38:33 ubuntu systemd[1]: Starting LSB: start and stop agari-collector-milter... Sep 27 13:38:33 ubuntu agari-collector[4284]: net.ipv4.ip_forward = 1 Sep 27 13:38:33 ubuntu agari-collector[4284]: Waiting for agari-collectord to start... Sep 27 13:38:34 ubuntu agari-collector[4284]: Started agari-collectord: PID 4299. Sep 27 13:38:34 ubuntu systemd[1]: Started LSB: start and stop agari-collector-milter. Sep 27 14:46:21 ubuntu systemd[1]: Stopping LSB: start and stop agari-collector-milter... Sep 27 14:46:21 ubuntu agari-collector[4664]: agari-collectord is not running. Sep 27 14:46:21 ubuntu systemd[1]: Stopped LSB: start and stop agari-collector-milter. Sep 27 14:48:36 ubuntu systemd[1]: Stopped LSB: start and stop agari-collector-milter. Warning: agari-collector.service changed on disk. Run 'systemctl daemon-reload' to reload units. Writing sensor configuration to file: /var/opt/agari/tmp/agari.df8jXF/etc/collector.yml
You can specify UNIX group permissions for access to the logs and configuration data   You can specify an HTTPS proxy                       You can specify TLS certificated to use for SMTP connections to the Sensor   You can specify DEBUG –level logging	Do you want to verify the AWS SSL server certificates  used for communications from this sensor to AWS? [y/N](no)>no   You may optionally specify a Unix group that will be given read access to logs as well as write access to the collector's configuration and data.   Group name (root): Will this sensor use an HTTPS proxy to send data to the cloud? [y/N](no)>   Testing access to download S3 bucket...   OK.   Testing access to configuration S3 bucket...   OK.   Testing access to data ingest S3 bucket...   OK.   Testing access to statistical ping SNS topic...   OK.   Testing access to data ingest Kinesis stream...   OK.   Do you want to configure TLS Certificates for incoming SMTP traffic to this sensor? [y/N](no)> n Require that all SMTP sessions use TLS? [y/N](no)?> n Which port should this sensor listen on for incoming SMTP connections? [25]> Enable DEBUG-level logging? [y/N](no)> n + : Creating directories ... + mkdir -p /var/opt/agari/etc /var/opt/agari/run /var/opt/agari/spool /var/opt/agari/shared /var/opt/agari/log + mkdir -p /opt/agari/bin /opt/agari/lib + ln -Tsf /var/opt/agari/etc/ /opt/agari/etc + ln -Tsf /var/opt/agari/etc/ /etc/agari + ln -Tsf /var/opt/agari/log/ /var/log/agari
	Running Install/Upgrade steps...   Moving new files to /opt/agari Downloading docker image from S3...   Deleting old docker containers...   Deleting old docker images...   Loading new docker image...   Updated version to 17.09.27035106   Running post-installation Running post-installation Running post-install steps...   Removing temporary install files in /var/opt/agari/tmp/agari.df8jXF   Installation Complete

At this point, the Sensor has been successfully installed.

If you have access to Cloud Email Protection, you should be able to navigate to the Manage > Sensors pages and see that the Sensor has connected.

TIP: The Sensor should phone home after about 2 minutes.