Install with Ansible
Because Ansible is a flexible and extensible automation tool, you can use multiple strategies to install the Lacework agents. Use the following skeleton Debian and RPM playbooks as building blocks to create more advanced, environment-specific playbooks.
Each playbook consists of two parts:
Installation of the Lacework agent. To get the latest package, the playbooks query the Lacework repository. You can also adapt the playbooks to retrieve the package files locally.
Distribution of a Lacework configuration file - config.json. The config.json file must include at least an access token; without it, the Lacework datacollector cannot communicate with the Lacework application. If you are a non-US user, you must also add your agent server URL to the config.json file. For more information, see config.json.
In the examples below, config.json is located in the /etc/ansible/lacework/ directory of the Ansible server. You must create this file.
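Because every host receives the same config.json, it is worth checking the file on the Ansible server before running a playbook. The following pre-flight check is an added example, not part of the Lacework playbooks; the key names `tokens.AccessToken` and `serverurl` are assumptions about the config.json layout that this page does not list, and the sample values are constructed placeholders.

```python
import json
import os
import stat
import sys

# Key names ("tokens", "AccessToken", "serverurl") are assumptions about the
# config.json layout; this page does not list them.
TOKEN_PATH = ("tokens", "AccessToken")
# Constructed sample with placeholder values, not a real token or endpoint.
SAMPLE = '{"tokens": {"AccessToken": "PLACEHOLDER_TOKEN"}, "serverurl": "https://agent.example.invalid"}'


def check_config_text(text, require_server_url=False):
    """Return the problems found in config.json content; an empty list means OK."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(cfg, dict):
        return ["top level must be a JSON object"]
    problems = []
    node = cfg
    for key in TOKEN_PATH:  # walk tokens -> AccessToken without assuming types
        node = node.get(key) if isinstance(node, dict) else None
    if not isinstance(node, str) or not node.strip():
        problems.append("access token missing or empty")
    url = cfg.get("serverurl")
    if url is None:
        if require_server_url:  # set this for non-US accounts
            problems.append("agent server URL missing")
    elif not (isinstance(url, str) and url.startswith("https://") and url[8:].strip("/")):
        problems.append("agent server URL must be an https:// URL")
    return problems


def check_config_file(path, require_server_url=False):
    """Check the file the playbook copies, including who may modify it."""
    problems = []
    if os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("file is writable by group or others")
    with open(path, encoding="utf-8") as fh:
        return problems + check_config_text(fh.read(), require_server_url)


if __name__ == "__main__":
    found = check_config_file(sys.argv[1]) if len(sys.argv) > 1 else check_config_text(SAMPLE)
    print("\n".join(found) or "config.json OK")
    sys.exit(1 if found else 0)
```

Run it with the path /etc/ansible/lacework/config.json as the argument; a non-zero exit status means the file should be fixed before the playbook distributes it.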
RPM Installation
- hosts: lacework_servers
  become: yes
  tasks:
    # Register the Lacework yum repository; gpgcheck verifies package signatures
    - name: configure the lacework repo
      yum_repository:
        name: packages-lacework-prod
        description: packages-lacework-prod
        baseurl: https://packages.lacework.net/latest/RPMS/x86_64/
        gpgkey: https://packages.lacework.net/latest/keys/RPM-GPG-KEY-lacework
        gpgcheck: yes
        enabled: yes
    - name: install lacework datacollector
      yum:
        name: lacework
        state: latest
    # The package install creates the config directory; wait for it to exist
    - name: wait until /var/lib/lacework/config/ is created
      wait_for:
        path: /var/lib/lacework/config/
    # config.json carries the agent access token
    - name: copy config.json
      copy:
        src: /etc/ansible/lacework/config.json
        dest: /var/lib/lacework/config/config.json
        owner: root
        group: root
        mode: "0644"
Debian Installation
- hosts: lacework_servers
  become: yes
  tasks:
    # Import the repository signing key so apt can verify the packages
    - name: add apt signing key
      apt_key:
        keyserver: hkp://keyserver.ubuntu.com:80
        id: EE0CC692
        state: present
    - name: add lacework repository into source list
      apt_repository:
        repo: "deb [arch=amd64] https://packages.lacework.net/latest/DEB/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main"
        filename: lacework
        state: present
        update_cache: yes
    - name: install lacework datacollector
      apt:
        name: lacework
        state: latest
    # The package install creates the config directory; wait for it to exist
    - name: wait until /var/lib/lacework/config/ is created
      wait_for:
        path: /var/lib/lacework/config/
    # config.json carries the agent access token
    - name: copy config.json
      copy:
        src: /etc/ansible/lacework/config.json
        dest: /var/lib/lacework/config/config.json
        owner: root
        group: root
        mode: "0644"
After you install the agent, it takes 10 to 15 minutes for agent data to appear in the Lacework Console under Resources > Agents.