CrowdStrike Sensor | CentOS-RHEL | Install .header { font-size: 14px; background-color: #990000; color: white; padding: 6px 40px 6px 10px; white-space: nowrap; } .row { font-size: 14px; padding: 6px 40px 6px 10px; border: 1px solid black; border-top: none; } .nowrap { white-space: nowrap; }
This fixlet will download and install the CrowdStrike Sensor for Linux on the targeted CentOS/RHEL endpoints..
  
This fixlet is provided "As-Is" and without warranty.
]]> (unix of operating system) AND ((operating system as string as lowercase contains "CentOS" as lowercase) OR (operating system as string as lowercase contains "RHEL" as lowercase) OR (operating system as string as lowercase contains "RedHat" as lowercase) OR (operating system as string as lowercase contains "Red Hat" as lowercase)) exists folder "/etc/yum" not exists package "falcon-sensor" of rpm CrowdStrike, Sensor, Install, CentOS, RHEL 2450991 HCL BigFix Professional Services casey.cannady@hcl.com 2020-11-12 x-fixlet-modification-time Thu, 12 Nov 2020 21:44:49 +0000 BESC Click here to run the CrowdStrike Sensor install for CentOS. // *** ******************************************************************************** *** // *** Title :: CrowdStrike Sensor | CentOS | Install *** // *** Author :: Casey Cannady (casey.cannady@hcl.com) *** // *** Company :: HCL Software - BigFix Professional Services *** // *** Date Created :: 11/12/2020 *** // *** Date Modified :: 11/12/2020 *** // *** ******************************************************************************** *** // *** Documentation :: *** // *** https://www.crowdstrike.com/blog/tech-center/install-falcon-sensor-for-linux *** // *** ******************************************************************************** *** // Query operator for action parameters of fixlet action parameter query "_inputCID" with description "Please input the CrowdStrike CID." with default "YOUR-COMPANY-CID" // Prefetch the CrowdStrike sensor from the designated URL prefetch falcon-sensor-5.43.0-10807.el7.x86_64.rpm sha1:546221fb0507d3465fdce35bddeb9ec6baeb8428 size:2433836 http://bigfix.company-domain.com:52311/Uploads/CrowdStrike/falcon-sensor-5.43.0-10807.el7.x86_64.rpm sha256:1806ae82913c59b84fe2e2afbadf2b736d1dba83eb81d7c0e93a57915628ad75 // Good housekeeping delete "/tmp/falcon-sensor-5.43.0-10807.el7.x86_64.rpm" // Move the downloaded RPM to TMP directory move "__Download/falcon-sensor-5.43.0-10807.el7.x86_64.rpm" "/tmp/falcon-sensor-5.43.0-10807.el7.x86_64.rpm" // Update RPM permissions wait sudo su - root -c "chmod 744 /tmp/falcon-sensor-5.43.0-10807.el7.x86_64.rpm" parameter "__ExitCode01" = "{if exist exit code of action then exit code of action as string else "999"}" if {parameter "__ExitCode01" != "0"} exit {parameter "__ExitCode01"} endif // Execute RPM install command for CrowdStrike sensor wait sudo su - root -c "yum install falcon-sensor-5.43.0-10807.el7.x86_64.rpm" parameter "__ExitCode02" = "{if exist exit code of action then exit code of action as string else "998"}" if {parameter "__ExitCode02" != "0"} exit {parameter "__ExitCode02"} endif // Set CID config for sensor as per documentation wait sudo su - root -c "/opt/CrowdStrike/falconctl -s --cid={parameter "_inputCID"}" parameter "__ExitCode03" = "{if exist exit code of action then exit code of action as string else "997"}" if {parameter "__ExitCode03" != "0"} exit {parameter "__ExitCode03"} endif // Start the CrowdStrike sensor as per documentation wait sudo su - root -c "systemctl start falcon-sensor" parameter "__ExitCode04" = "{if exist exit code of action then exit code of action as string else "996"}" if {parameter "__ExitCode04" != "0"} exit {parameter "__ExitCode04"} endif // Validate that the CrowdStrike sensor is now running if {not exsits process "falcon-sensor"} exit "995" endif // Good housekeeping delete "/tmp/falcon-sensor-5.43.0-10807.el7.x86_64.rpm" exit code of action != 0