Introduction: This document outlines the procedure of installing the Enterprise Agent on Unix\Linux.

 

Prerequisites:

  • Allow incoming communication on port 3999

Procedure:

  1. Locate the proper Agent installer SH script (typically in the "\Forensic_Tools\Agents" folder on the AD Enterprise ISO/disc)
  2. Locate the public certificate to be used by your Agents.
  3. Copy the SH script and public certificate to the target machine.
  4. Open a Terminal and run the following command to give the SH script execute permissions:
    chmod +x
  5. Run the following command to install the Agent:
    sudo {parameters}
  6. Start the Agent with the following command:
    sudo /etc/init.d/agentcored start

 

Parameter Value Default Value Required Description
-installpath /usr/AccessData/agent No Specifies a desired path to install the agent.  Path must be enclosed in quotes if it contains spaces.    If not specified, the default value is assumed.
-lifetime 0 No Specifies the amount of time that a transient agent will exist before self-destructing.  A negative value is used to denote minutes (eg. -30 denotes 30 minutes), and a positive value is used to denote days (eg. 30 denotes 30 days).  0 indicates that the agent will not self-destruct.  If not specified, the default value is assumed.
-port 3999 No The port that the agent will be listening on.  If not specified, the default value is assumed.
-connections 10 No Specifies the number of concurrent connections allowed to the agent.  If not specified, the default value is assumed.
-size 16777216 No Specifies the agent configuration files storage size.  If not specified, the default value is assumed.
-datasize 268435456 No Specifies the agent temporary data storage size.  If not specified, the default value is assumed.