Use the Agent manifest file

Using the Agent manifest file is a great way to automate the configuration of servers in your Panopta account. If you opt to use the Agent manifest file, you can seed many of the configuration values and have the Agent automatically add the server into Panopta.

The Agent manifest file is only used during the initial installation of the Agent. Subsequent changes must be made using the Panopta Agent configuration file. This file can be found in the following directories:

Linux: /etc/panopta-agent/panota-agent.cfg

Windows: C:\Program Files(x86)\PanoptaAgent\Agent.config

The Agent manifest file can also be used in conjunction with the Agent oneliner which normally generates a new manifest file with the server's customer and/or server keys. If you have an existing manifest file on the server, the manifest file will be detected and the information from the Agent onliner will be injected into the existing file. Any settings on the existing manifest file will be preserved.

Windows PowerShell or MSI 

Create a manifest file in C:\, for example C:\SampleAgent.manifest. Once this is added, you can set the desired default values. At a minimum, you should add the customer key parameter like below:

Basic Agent Manifest File

If you are using PowerShell, run the following command from within the same directory as install.ps1. The Agent will install and add the server to your Panopta account.

Powershell Install Command

If you are using MSI, run the following command from within the same directory as the MSI. The Agent will install and add the server to your Panopta account.

MSI Install Command

Linux 

Create the manifest file in /etc/panopta-agent-manifest. Then you can install the agent with either the python 2.xx or python3 command below:

Python

Python 3

Example Manifest file 

The content of the manifest file for both Windows and Linux are shown below. You do not need to specify values for everything. A detailed description of each parameter is explained below the sample content:

Parameters 

Parameter

Description

customer_key 

This identifies you with your Panopta account. By setting this value, the agent will automatically add the server to the Panopta control panel. You can find this key in the control panel under My Account under your icon at the top right.

server_key

The server key is what allows the Agent to communicate with our servers securely. You have the option of setting this value if you like. However, we highly recommend that you allow a key to be generated for you and linked to the server in Panopta accordingly.

Note: all server keys must be unique.

aggregator_url

This controls the API which the Agent communicates with to report its results. You should not enter an aggregator URL unless you are using Panopta Onsight as a proxy for servers that do not have outbound public internet access. If you are using Panopta Onsight as a proxy and don't know the aggregator URL, please contact our support team.

server_group

This controls which group your server gets added to in the control panel. Any server template(s) that you have set to be applied to this group will be applied to this server as well. The value of the server group is identified by an ID or a name. If you go to an instance group in the control panel, you can see that group's ID number at the end of that page's URL.

FQDN

This field acts as an override for the hostname that is auto-detected by the Agent. If you do not include this field, your server will be given its natural FQDN in the control panel.

server_name

This field lets you set a logical name for this server. That name will identify the server in the control panel.

interface_mapping

This value is only used if:

  • A template will be auto-applied to the server being created

  • that template has place holders for multiple network interfaces. 

If your server has multiple network interfaces and the template which is being applied has placeholders for multiple network interfaces, you have to provide a mapping of the IP for that network interface to the placeholder.

For example, if your server template has the network interface placeholder named Private, and your server has a network interface with the IP set to 10.100.100.2, you would configure it like this:

interface_mapping = private:10.100.100.2

templates

This field lets you choose which templates you would like to apply to this server. The value of the template is identified by an ID. If you go to a server template in the control panel, you can see that template's ID number at the end of that page's URL.

tags

This field would allow you to add tags to your server. This can be set to any value but would need to be comma-separated to indicate different tags.

tags = tag1, tag2, tag3

partner_server_id 

This value can be used by Panopta partners in order to store their own internal unique identifiers for that server. Setting the value in the manifest file sets it on the Server/Instance object which can then help in server lookups by the partner's ID (via API or within the control panel).

disable_server_match

The default behavior, when customer_key is provided, is to do some automatic server matching by hostname or IP. In some cases, this may be undesirable if you have overlapping private IP ranges across environments. This option allows you to disable the matching logic.

attributes

You can also add an additional field for attributes. This will need to go underneath the rest of the manifest file configurations, and you can set the attributes to any value.

custom_plugin_url

If you have written your own custom plugins, you can host them centrally and have the agent retrieve them during installation so that you do not have to manually manage them post-install. The value of this variable can be a compressed archive (.zip, .tar or .tgz) or a single python file (with a .py extension).

New plugins are fetched from the URL defined in custom_plugin_url during metadata rebuilds. By default, metadata rebuilds occur once every hour. You also have the option to manually re-fetch new plugins by issuing a metadata rebuild command, either through the control panel or the command line. 

enable_countermeasures

This flag enables the CounterMeasures remediation feature in the Agent. Read more about this here.

countermeasures_remote_plugins

If you have written your own custom CounterMeasures plugins, you can host them centrally and have the Agent retrieve them during installation so that you do not have to manually manage them post-install. The value of this variable can be a compressed archive (.zip, .tar or .tgz).

countermeasures_refresh_plugins

If you would like updates to your CounterMeasures plugins to automatically be applied, you can optionally set countermeasures_refresh_plugins to the number of hours for the refresh interval and the Agent will re-fetch the newest plugins from your remote plugin location.

plugin_configuration

To pass plugin configuration to a standard Panopta plugin or one of your own custom plugins, specify those at the bottom of the file. Examples for Linux and Windows are shown in the following sections.

Linux custom plugin configuration 

Manifest file

Windows custom plugin configuration 

Manifest file