Skip to main content

Install with Chef

If using Chef Infra for configuration management, Lacework maintains the following two Chef cookbooks that can be used to deploy the Lacework Linux agent to supported Linux hosts:

  • Datacollector Cookbook - Simple cookbook used to install the latest 'GA' version of the datacollector agent using an embedded agent token. This cookbook is not idempotent, customizable, or specifically designed to be run using a Chef run_list.

  • Chef Lacework Cookbook - This cookbook is open source and is published to the Chef Supermarket. The cookbook is idempotent by design, customizable using Chef attributes, supports multiple installation methods (script, repo, package), provides the ability to install specific versions of the datacollector agent, and manage any supported configuration for the datacollector agent. This cookbook is suitable for customers that run Chef repeatedly on a schedule using a Chef run_list and a Chef Server. For more information see the Chef Lacework cookbook on the Lacework Chef GitHub Repository, or on the Chef Supermarket.

Lacework Datacollector Cookbook

This simple Chef cookbook distributes the Lacework install.sh script to your nodes. The script subsequently installs the latest GA release of the Lacework agent.

This cookbook does not contain custom attribute files, resources, templates, providers, or library files. By design, this cookbook is not idempotent. After download, you can customize the cookbook for your environment, or alternatively you can consider the open source Chef Lacework Cookbook maintained by Lacework on the Chef Supermarket.

The installation script, which can be found in the files directory, is also commented.

To try this recipe:

  1. Unzip the .tar.gz.
  2. Review the datacollector cookbook, which contains the following directories:
    datacollector  
    |- recipes
    |- README.md
    |- metadata.rb
    |- files
  3. Move the datacollector cookbook to your repo on your Chef DK workstation.
  4. Upload the cookbook to your Chef server.
  5. Add the datacollector recipe to your test node or production nodes using your preferred Chef CLI commands.
note
  • The install.sh script is periodically updated. Download the current cookbook or install script before proceeding.
  • The datacollector install script itself is idempotent.

After you install the agent, it takes 10 to 15 minutes for agent data to appear in the Lacework Console under Resources > Agents.

Use Agent Server URL

In agent v3.8 and higher, you can optionally specify the endpoint that the agent communicates with. For more information, see Agent Server URL.

When you download chef.tar.gz from the Lacework Console, the agent server URL is already included in the file and you do not need any additional configuration.

Download the Script from GitHub

When you download Chef files from the Lacework Chef GitHub Repository, edit the chef recipe default.rb to pass the serverurl as follows:

Edit: chef/datacollector/recipes/default.rb

execute 'datacollector' do

command 'sh /tmp/install.sh -U Your_API_Endpoint'

end

Where Your_API_Endpoint is your agent server URL.