The silent or unattended installation is useful if you need to install more than one agent. Silent installation allows you to install the agent without interactively running the installation script.
IMPORTANT:To perform silent installation, ensure that you have recorded the installation parameters during the interactive installation and then run the recorded file on other endpoints. Silent installation uses an installation file that records the information required for completing the installation. Each line in the file is a name=value pair that provides the required information, for example, HOME=/usr/netiq.
The installation script extracts information from the installation file and installs the agent according to the values you specify.
If you use the deployment wizard to perform local installation on one computer, you can create a silent installation file based on your requirement. A sample installation file, SampleSilentInstallation.cfg, is located in your agent download package.
To perform a silent installation:
Download the installation files from the NetIQ Downloads website.
Download the package in the root folder and specify the following command to extract the install files from the tar file:
tar -zxvf <install_filename>
Replace <install_filename> with the actual name of the install file.
After you create the installation file, you can run silent installation on the endpoints from command line using the following command:
./install.sh <Target_Directory> -s <SilentConfigurationFile>.cfg
Where Target_Directory is the directory you want to install the agent and SilentConfigurationFile is the file name used to specify the installation options. You can also use the default configuration file, SampleSilentInstallation.cfg. The installation file name must be specified as an absolute path. By default, SampleSilentInstallation.cfg is located in the agent install directory.
NOTE:If you are using the agent with Sentinel, perform additional steps after the silent installation:
Deploy the Sentinel rules using UAM on the system running the agent. For information about how to deploy rules, see Activating Rule Sets.
Configure Oracle database monitoring by clicking Configure > Sentinel Options > Configure Oracle Endpoints.
Following is the list of parameters that you can use during silent installation:
|
Parameter |
Description |
|---|---|
FRESH_INSTALL |
Specifies whether you want to install or upgrade the agent. Valid entries are 1 (install) and 0 (upgrade). The default value is 1. |
CREATE_TARGET_DIR |
Specifies whether you want the install program to create the target installation directory if it does not already exist. Valid entries are y and n. The default value is y. |
CONTINUE_WITHOUT_PATCHES |
Specifies whether the install program stops or continues when the operating system is not a supported version. Valid entries are y and n. The default value is n. |
IQCONNECT_PORT |
Specifies the port that the agent uses to listen for communications from UAM. The default value is 2620. |
IQ_STARTUP |
Specify restart method for the uagent process. For information about the options, see Restart Methods for the Security Agent for UNIX. Valid entries are rclink and inittab. The default option is rclink. |
USE__COMMON |
Specifies whether the agent communicates with UAM in FIPS mode. For more information about this option, see Section 5.0, Converting Agent from Non-FIPS to FIPS mode. The default value is 0. |
INSTALL_SENTINEL |
Specifies whether the agent works with Sentinel. Valid entries are y and n. |
SENTINEL_ADDR= |
Specifies the IP address of the primary Sentinel Agent Manager Server SSL. |
SENTINEL_PORT |
Specifies the port that the agent uses to communicate with Sentinel. The default value is 1590. |
SENTINEL_FAILOVER1_ADDR= |
Specifies the IP address of the failover Sentinel that the agent attempts to contact if the primary Sentinel does not respond. |
SENTINEL_FAILOVER1_PORT= |
Specifies the port that the agent uses to communicate with the first failover Sentinel. The default value is 1590. |
SENTINEL_FAILOVER2_ADDR= |
Specifies the IP address of the failover Sentinel server that the agent attempts to contact if the first failover Sentinel does not respond. |
SENTINEL_FAILOVER2_PORT= |
Specifies the port that the agent uses to communicate with the second failover Sentinel server. The default value is 1590. |
SENTINEL_PRIMARY_RETRY |
Specifies how many seconds you want the agent to wait before attempting to reconnect to a primary computer that does not respond. |
SENTINEL_SNMP_TRAPS |
Specifies the port that the agent monitors for SNMP notifications. |
SENTINEL_LOW_DISK |
Specifies the minimum disk space in bytes that are required to run the agent. If the disk space falls below this limit, then the agent stops monitoring. |
SENTINEL_STARTUP |
Specifies restart method for the agent. For information about the options, see Restart Methods for the Security Agent for UNIX. Valid entries are rclink and inittab. The default value is rclink. |
MANAGE_AUDIT_LOGS |
Specifies whether the agent reduces the size and removes old audit logs. Valid entries are y and n. |
AUDIT_LOG_SIZE |
Specifies the maximum size, in bytes, that the agent allows an audit log to reach before starting a new log. |
AUDIT_LOG_RETENTION |
Specifies the number of audit logs that the agent keeps. Once this number of audit logs exists, the agent deletes old logs when making new ones. |
KEEP_OLD_AGENT_DIR |
Specifies whether to keep the previous installation directory when you are upgrading the agent. Valid entries are y and n. |
OLD_INSTALL_DIR_MOVED |
Specifies the directory where you want the installation program to move to the previous installation directory. |