Deploy Defender for IoT C# based security agent for Linux
This guide explains how to install and deploy the Defender for IoT C#-based security agent on Linux.
In this guide, you learn how to:
- Install
- Verify deployment
- Uninstall the agent
- Troubleshoot
Prerequisites
For other platforms and agent flavors, see Choose the right security agent.
To deploy the security agent, local admin rights are required on the machine you wish to install on.
Create a Defender-IoT-micro-agent for the device.
Installation
To deploy the security agent, use the following steps:
Download the most recent version to your machine from GitHub.
Extract the contents of the package and navigate to the /Install folder.
Add running permissions to the InstallSecurityAgent script by running
chmod +x InstallSecurityAgent.shNext, run the following command with root privileges:
./InstallSecurityAgent.sh -i -aui <authentication identity> -aum <authentication method> -f <file path> -hn <host name> -di <device id> -cl <certificate location kind>for more information about authentication parameters, see How to configure authentication.
This script performs the following actions:
Installs prerequisites.
Adds a service user (with interactive sign-in disabled).
Installs the agent as a Daemon - assumes the device uses systemd for legacy deployment model.
Configures sudoers to allow the agent to do certain tasks as root.
Configures the agent with the provided authentication parameters.
For additional help, run the script with the –help parameter: ./InstallSecurityAgent.sh --help
Uninstall the agent
To uninstall the agent, run the script with the –u parameter: ./InstallSecurityAgent.sh -u.
Note
Uninstall does not remove any missing prerequisites that were installed during installation.
Troubleshooting
Check the deployment status by running:
systemctl status ASCIoTAgent.serviceEnable logging. If the agent fails to start, turn on logging to get more information.
Turn on the logging by:
Open the configuration file for editing in any Linux editor:
vi /var/ASCIoTAgent/General.configEdit the following values:
<add key="logLevel" value="Debug"/> <add key="fileLogLevel" value="Debug"/> <add key="diagnosticVerbosityLevel" value="Some" /> <add key="logFilePath" value="IotAgentLog.log"/>The logFilePath value is configurable.
Note
We recommend turning logging off after troubleshooting is complete. Leaving logging on increases log file size and data usage.
Restart the agent by running:
systemctl restart ASCIoTAgent.serviceView the log file for more information about the failure.
Log file location is:
/var/ASCIoTAgent/IotAgentLog.logChange the file location path according to the name you chose for the logFilePath in step 2.
Next steps
- Read the Defender for IoT service Overview
- Learn more about Defender for IoT What is agent-based solution for device builders
- Enable the service
- Read the Microsoft Defender for IoT agent frequently asked questions
- Understand alerts
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for