1. Introduction
2. Installation
3. Upgrade
4. Commands
5. Configuration

Installing

Installing the Sicura Agent is easy on both Windows and Linux systems.

Begin by having an instance of Sicura Console up and running.

Once you’ve logged into your console, navigate to the Infrastructure -> Management page and click the Agent Downloads link at the top of the page.

Here you will see a set of instructions on how to get started with the agent.

Click on the package you wish to install. For Windows download the .msi file, for Linux download the .rpm file.

The installation packages can also be downloaded without logging into the Console, from the following paths:

• Windows - http(s)://(console URL):(port)/client/windows/sicura-agent-latest.exe
• Linux (EL7 or EL8) - http(s)://(console URL):(port)/client/el/sicura-agent-latest.rpm

Linux

The Sicura Agent requires the following packages:

• openscap-scanner - available on @updates
  • puppet-agent - available on Sicura Enterprise, Sicura Console, and Puppet repositories
  • puppet-bolt - available on Sicura Enterprise, Sicura Console, and Puppet repositories

Sicura Enterprise and Sicura Console repositories require that the license.key file be located on the system in /etc/sicura/. With the license.key file in place, add the desired repository by running

• EL7 - yum install https://download.simp-project.com/sicura-release-console.el7.rpm
  • EL8 - yum install https://download.simp-project.com/sicura-release-console.el8.rpm

The Puppet repository can be installed by running

• EL7 - yum install https://yum.puppet.com/puppet7-release-el-7.noarch.rpm
  • EL8 - yum install https://yum.puppet.com/puppet7-release-el-8.noarch.rpm

Once the prerequisites are installed, run yum install sicura-agent.rpm using your terminal or using your preferred RPM installer GUI.

Windows

Double click the .msi file. This will run you through an interactive installation. Follow the simple on-screen instructions for quick installation. You will be provided links to install prerequisites during the install wizard.

Important Things to Know

Once installed, it is important to know about certain files and directories that the agent uses on your system.

Installation Directory

This is the location you can find the Sicura Agent binaries if you need to move/reference them.

• Linux sicura-agent will be located in /usr/bin by default.

If you’re looking for the config file this can be found in /etc/sicura/sicura-agent.yaml

• Windows sicura-agent.exe is located in C:\Program Files\Sicura\Sicura Agent\bin by default. There is also a sicura-agent-wrapper.ps1 script which will open an elevated Powershell prompt with the agent ready to go.

If you’re looking for the config file this can be found in C:\Program Files\Sicura\Sicura Agent\sicura-agent.yaml

State Directory

This directory contains all of the current working state information used by the agent to perform tasks. The Platform independent directory structure is:

  state
	  |_ benchmarks
		  |_ scap
			  |_ cis
			  |_ stig
	  |_ reports
	  |_ state.json

You can find your Sicura_AUTHOR_Content***.xml files saved into the benchmarks/scap directories. The reports directory is the default location for all scan reports.

state.json contains the working login token for any collectors that an Agent has registered. It also contains a working list of all Sicura Compliance Engine reports that have been sent to the Console. A SHA256 sum of each file is saved to state.json each time the compliance report updates.

• Linux The state directory can be found at /var/db/sicura/agent/state

• Windows The state directory can be found at C:\ProgramData\Sicura\agent\state