If you haven’t already, enable the Linux debug subsystem, which we use to instrument kernel and userspace events. Newer kernels (what # & up??) have it enabled by default. To enable the debug subsystem, use the following command:
sudo mount -t debugfs nodev /sys/kernel/debug
Installation via a Binary
The Capsule8 sensor can be installed as a binary on Red Hat Enterprise Linux (RHEL), CentOS, or Fedora using the following command:
sudo rpm -i capsule8-sensor-*.rpm
Note: For RHEL 6 or CentOS 6 distributions, the
redhat-lsb-core dependency is required and can be installed suing the following command:
sudo yum install -y redhat-lsb-core
Installation via the Capsule8 Package Repository
Capsule8 maintains an external package repository where deb and rpm packages are managed so that any user with an access token can install the correct packages for their system.
To start, ask your Capsule8 rep for an access token to Capsule8’s package repository. This will be a read-only token that is used to authenticate with PackageCloud. Access tokens are alpha numeric strings with no punctuation.
Once you receive your access token, the local system must be updated to enable package installation. This is performed through the following script, in which you should substitute your access token at the beginning of the url (after
https:// and before
curl -s https://10987654321fedcba893fab2838bce8923984abcdef0123456789:@packagecloud.io/install/repositories/capsule8/capsule8/script.rpm.sh | sudo bash
Once the local system is updated to pull Capsule8’s packages, installation can be done through the system’s native package installer. Before proceeding, make note of which package manager is being used to start and manage running packages on your system, as well as which version of Capsule8 you desire.
The service and package manager of the system is required when installing a Capsule8 package. The most recent version available will be installed by default, although you may optionally provide your desired version. As an example, the following is a command that would install the Capsule8 sensor version
2.2.3 for a system using
upstart as its service manager on a machine using
yum as its package manager:
sudo yum install capsule8-sensor-upstart-2.2.3
Upgrading the Sensor
The sensor can be upgraded by installing the desired Capsule8 Sensor package with your package manager. The package is installed with the name Capsule8 Sensor with the service manager (eg. sysV, systemd, upstart or runit) as a hyphenated suffix, such as:
sudo yum install capsule8-sensor-upstart