Good to Know Typically the agent installation requires root level access on the system (for example in order to access the RPM database). After the cloud agent has been installed it can be configured to run in a specific user and group context (using the agent configuration tool).
Looking for our agent configuration tool? Click here
Credentials - what are my options
This is recommended as it gives the cloud agent enough privileges to gather the necessary information for the host system's evaluation.
The non-root user needs to have sudo privileges directly OR through a group membership. Be sure NOPASSWD option is configured.
Here is an example of agentuser entry in sudoers file (where "agentuser" is the user name for the account you'll use to install the Agent):
%agentuser ALL=(ALL) NOPASSWD: ALL
1) execute installation package for automatic update
2) commands required for data collection (see Sudo command list at the Community)
Linux/BSD/Unix Agent - How to enable proxy
Good to Know By default the Linux/BSD/Unix Agent will operate in non-proxy mode. The agent can be configured to use an HTTPS or HTTP proxy for internet access.
Options The agent can be configured in one of these ways:
1) /etc/sysconfig/qualys-cloud-agent - applicable for Cloud Agent on Linux (.rpm)
2) /etc/default/qualys-cloud-agent - applicable for Cloud Agent on Linux (.deb)
3) /etc/environment - applicable for Cloud Agent on Linux (.rpm), Linux (.deb).
4) /usr/local/etc/qualys-cloud-agent - applicable for Cloud Agent on BSD (.txz)
Tip - Option 3) is a better choice for Linux/Unix if the systemwide proxy will be used by the agent.
Here are the steps to enable the Linux agent to use a proxy for communication with our cloud platform:
1) if /etc/sysconfig/qualys-cloud-agent file doesn't exist create it
2) add one of the following lines to the file:
where <username> and <password> are specified if the https proxy uses authentication. If special characters are embedded in the username or password (e.g. @, :, $) they need to be url-encoded. where <host> is the proxy server's IPv4 address or FQDN. where <port> is the proxy's port number.
If the proxy is specified with the https_proxy environment variable, it will be used for all commands performed by the Cloud Agent. If the proxy is specified with the qualys_https_proxy environment variable, it will only be used by the Cloud Agent to communicate with our cloud platform.
3) change the permissions using these commands (not applicable for BSD/Unix):
4) restart qualys-cloud-agent service using the following command:
service qualys-cloud-agent restart
Mac Agent - How to enable proxy
Good to Know Qualys proxy configured in the .../QualysCloudAgent/Config/proxy file will take preference over any proxies set in System Preferences (including Automatic Proxy, Web Proxy (HTTP), or Secure Web Proxy (HTTPS)).
Our tool for Linux, BSD, Unix, MacOS gives you many options: provision agents, configure logging, enable sudo to run all data collection commands, and configure the daemon to run as a specific user and/or group.. This tool is available with Linux Agent 1.3 and later, BSD Agent, Unix Agent, Mac Agent.
You'll find this tool at /usr/local/qualys/cloud-agent/qualys-cloud-agent.sh
On Unix, the tool is located at /opt/qualys/cloud-agent/bin/qualys-cloud-agent.sh
Cloud Agent for Linux Installation Guide
Cloud Agent for BSD Installation Guide
Cloud Agent for Unix Installation Guide
Cloud Agent for Mac Installation Guide
Help me with troubleshooting