Windows Agent
Install the NetRecon agent on Windows endpoints for continuous monitoring and inventory reporting.
Prerequisites
- Windows 10 or later / Windows Server 2016 or later
- Local administrator privileges (for installation)
- Network connectivity to the probe (direct or via Cloudflare Tunnel)
- An enrollment token from the probe dashboard
Manual Installation
Step 1: Download the MSI
Download netrecon-agent-windows-x64.msi from the probe dashboard:
- Log into the probe dashboard
- Navigate to Agents > Downloads
- Click Windows (MSI)
Step 2: Run the Installer
- Double-click the downloaded MSI file
- Click Next on the welcome screen
- Enter the configuration details:
- Server URL: your probe's URL (e.g.,
https://probe.netreconapp.com) - Enrollment Token: paste the token from the probe dashboard
- Server URL: your probe's URL (e.g.,
- Click Install
- Click Finish when the installation completes
The agent installs to C:\Program Files\NetRecon\Agent\ and registers as a Windows service named NetReconAgent.
Step 3: Verify Installation
Open a Command Prompt as Administrator:
sc query NetReconAgent
The service should show STATE: RUNNING.
Check enrollment status in the probe dashboard under Agents — the new endpoint should appear within 30 seconds.
Silent Installation
For scripted or unattended installation:
msiexec /i netrecon-agent-windows-x64.msi /quiet /norestart SERVER_URL="https://probe.netreconapp.com" ENROLLMENT_TOKEN="your-token-here"
SCCM Deployment
Deploy the agent to thousands of Windows endpoints using Microsoft SCCM (System Center Configuration Manager).
Step 1: Create the Package
- Open the SCCM Console
- Navigate to Software Library > Application Management > Applications
- Click Create Application
- Select Windows Installer (MSI file) and browse to the MSI
- Complete the wizard with the following install command:
msiexec /i netrecon-agent-windows-x64.msi /quiet /norestart SERVER_URL="https://probe.netreconapp.com" ENROLLMENT_TOKEN="your-fleet-token"
Step 2: Configure Detection
Set the detection rule:
- Type: File system
- Path:
C:\Program Files\NetRecon\Agent\ - File:
netrecon-agent.exe - Property: File exists
Step 3: Deploy
- Right-click the application and select Deploy
- Choose your target device collection
- Set the deployment purpose to Required
- Configure the schedule
- Click Next through the wizard and deploy
Intune Deployment
Deploy via Microsoft Intune for cloud-managed endpoints.
Step 1: Prepare the Package
- Convert the MSI to an
.intunewinpackage using the Intune Win32 Content Prep Tool:
IntuneWinAppUtil.exe -c .\source -s netrecon-agent-windows-x64.msi -o .\output
Step 2: Create the App in Intune
- Go to Microsoft Intune Admin Center > Apps > Windows
- Click Add > Windows app (Win32)
- Upload the
.intunewinfile - Configure:
- Install command:
msiexec /i netrecon-agent-windows-x64.msi /quiet /norestart SERVER_URL="https://probe.netreconapp.com" ENROLLMENT_TOKEN="your-fleet-token" - Uninstall command:
msiexec /x {product-code} /quiet - Detection rule: File exists at
C:\Program Files\NetRecon\Agent\netrecon-agent.exe
- Install command:
Step 3: Assign
- Assign to a device group or all devices
- Set as Required for automatic deployment
- Monitor deployment status in the Intune portal
GPO Deployment
Deploy using Group Policy for Active Directory environments.
Step 1: Prepare the Share
- Copy the MSI to a network share accessible by all target machines:
\\fileserver\software\netrecon\netrecon-agent-windows-x64.msi - Ensure the share has Read permissions for Domain Computers
Step 2: Create the GPO
- Open Group Policy Management Console
- Create a new GPO linked to the target OU
- Navigate to Computer Configuration > Policies > Software Settings > Software Installation
- Right-click and select New > Package
- Browse to the MSI on the network share
- Select Assigned deployment method
Step 3: Configure Parameters
Since GPO software installation does not support MSI properties directly, create a transform file (MST) or use a startup script instead:
Create a startup script at \\fileserver\scripts\install-netrecon-agent.bat:
@echo off
if not exist "C:\Program Files\NetRecon\Agent\netrecon-agent.exe" (
msiexec /i "\\fileserver\software\netrecon\netrecon-agent-windows-x64.msi" /quiet /norestart SERVER_URL="https://probe.netreconapp.com" ENROLLMENT_TOKEN="your-fleet-token"
)
Assign this script under Computer Configuration > Policies > Windows Settings > Scripts > Startup.
Agent Management
Configuration File
The agent configuration is stored at:
C:\Program Files\NetRecon\Agent\config.yaml
server_url: "https://probe.netreconapp.com"
heartbeat_interval: 30
report_interval: 900
log_level: "info"
log_file: "C:\\Program Files\\NetRecon\\Agent\\logs\\agent.log"
Service Commands
# Stop the agent
net stop NetReconAgent
# Start the agent
net start NetReconAgent
# Restart the agent
net stop NetReconAgent && net start NetReconAgent
Uninstallation
Via Control Panel:
- Open Settings > Apps > Installed Apps
- Find "NetRecon Agent"
- Click Uninstall
Via command line:
msiexec /x netrecon-agent-windows-x64.msi /quiet
Troubleshooting
Agent not appearing in dashboard
- Verify the service is running:
sc query NetReconAgent - Check the agent log:
C:\Program Files\NetRecon\Agent\logs\agent.log - Verify the SERVER_URL is correct and reachable
- Ensure the enrollment token is valid and has not expired
Service fails to start
- Check Windows Event Viewer for errors under Application log
- Verify the config.yaml file is valid YAML
- Ensure port 443 outbound is not blocked by a firewall
High resource usage
- Check the log for errors causing rapid retries
- Verify the heartbeat and report intervals are not set too low
- Restart the service to clear any accumulated state
FAQ
Q: Does the agent work on Windows ARM (e.g., Surface Pro X)? A: Currently, the agent supports x64 architecture only. ARM64 support is planned.
Q: Can I install the agent alongside other monitoring agents? A: Yes. The NetRecon agent is designed to coexist with other monitoring tools without conflicts.
Q: Does the agent survive Windows updates and reboots? A: Yes. The agent runs as a Windows service set to automatic start, so it restarts after any reboot.
For additional help, contact [email protected].