Linux Agent
Install the NetRecon agent on Linux endpoints for continuous monitoring and inventory reporting.
Prerequisites
- Ubuntu 20.04+ / Debian 11+ / RHEL 8+ / Fedora 36+ (or compatible)
- Root or sudo access (for installation)
- Network connectivity to the probe (direct or via Cloudflare Tunnel)
- An enrollment token from the probe dashboard
- systemd (for service management)
Manual Installation
Debian/Ubuntu (DEB)
Step 1: Download the Package
# Download from the probe dashboard, or use curl:
curl -O https://probe.netreconapp.com/downloads/netrecon-agent-linux-amd64.deb
For ARM64 systems:
curl -O https://probe.netreconapp.com/downloads/netrecon-agent-linux-arm64.deb
Step 2: Install
sudo dpkg -i netrecon-agent-linux-amd64.deb
Step 3: Configure and Start
sudo netrecon-agent configure \
--server-url "https://probe.netreconapp.com" \
--enrollment-token "your-token-here"
sudo systemctl enable --now netrecon-agent
RHEL/Fedora (RPM)
Step 1: Download the Package
curl -O https://probe.netreconapp.com/downloads/netrecon-agent-linux-amd64.rpm
Step 2: Install
sudo rpm -i netrecon-agent-linux-amd64.rpm
# or with dnf:
sudo dnf install ./netrecon-agent-linux-amd64.rpm
Step 3: Configure and Start
sudo netrecon-agent configure \
--server-url "https://probe.netreconapp.com" \
--enrollment-token "your-token-here"
sudo systemctl enable --now netrecon-agent
CLI Setup Wizard
The agent includes an interactive setup wizard for manual configuration:
sudo netrecon-agent setup
The wizard prompts for:
- Server URL — the probe's HTTPS URL
- Enrollment Token — paste your token
- Heartbeat Interval — frequency of check-ins (default: 30s)
- Report Interval — frequency of full data upload (default: 15m)
- Log Level — debug, info, warn, error (default: info)
After completing the wizard, the agent starts automatically.
Automated Deployment
One-Line Install Script
For quick deployment across multiple servers:
curl -fsSL https://probe.netreconapp.com/install-agent.sh | sudo bash -s -- \
--server-url "https://probe.netreconapp.com" \
--enrollment-token "your-fleet-token"
The script:
- Detects the Linux distribution and architecture
- Downloads the appropriate package (DEB or RPM)
- Installs the package
- Configures the agent with the provided parameters
- Starts the service
Ansible Playbook
For configuration management at scale:
---
- name: Deploy NetRecon Agent
hosts: all
become: true
vars:
netrecon_server_url: "https://probe.netreconapp.com"
netrecon_enrollment_token: "your-fleet-token"
netrecon_agent_version: "2.2.0"
tasks:
- name: Download agent package (Debian)
get_url:
url: "{{ netrecon_server_url }}/downloads/netrecon-agent-linux-{{ ansible_architecture }}.deb"
dest: /tmp/netrecon-agent.deb
when: ansible_os_family == "Debian"
- name: Install agent (Debian)
apt:
deb: /tmp/netrecon-agent.deb
when: ansible_os_family == "Debian"
- name: Download agent package (RedHat)
get_url:
url: "{{ netrecon_server_url }}/downloads/netrecon-agent-linux-{{ ansible_architecture }}.rpm"
dest: /tmp/netrecon-agent.rpm
when: ansible_os_family == "RedHat"
- name: Install agent (RedHat)
dnf:
name: /tmp/netrecon-agent.rpm
state: present
when: ansible_os_family == "RedHat"
- name: Configure agent
command: >
netrecon-agent configure
--server-url "{{ netrecon_server_url }}"
--enrollment-token "{{ netrecon_enrollment_token }}"
- name: Enable and start agent
systemd:
name: netrecon-agent
enabled: true
state: started
Shell Script for Multiple Servers
#!/bin/bash
SERVERS="server1.example.com server2.example.com server3.example.com"
TOKEN="your-fleet-token"
SERVER_URL="https://probe.netreconapp.com"
for server in $SERVERS; do
echo "Deploying to $server..."
ssh root@$server "curl -fsSL ${SERVER_URL}/install-agent.sh | bash -s -- --server-url ${SERVER_URL} --enrollment-token ${TOKEN}"
done
Agent Management
Configuration File
/etc/netrecon/agent.yaml
server_url: "https://probe.netreconapp.com"
heartbeat_interval: 30
report_interval: 900
log_level: "info"
log_file: "/var/log/netrecon/agent.log"
Service Commands
# Check status
sudo systemctl status netrecon-agent
# Stop
sudo systemctl stop netrecon-agent
# Start
sudo systemctl start netrecon-agent
# Restart
sudo systemctl restart netrecon-agent
# View logs
sudo journalctl -u netrecon-agent -f
Uninstallation
Debian/Ubuntu:
sudo systemctl stop netrecon-agent
sudo apt remove netrecon-agent
RHEL/Fedora:
sudo systemctl stop netrecon-agent
sudo dnf remove netrecon-agent
SELinux Configuration
On RHEL/Fedora systems with SELinux enforcing, the agent needs a policy module:
# The agent package includes an SELinux policy, but if needed:
sudo semanage fcontext -a -t bin_t '/usr/local/bin/netrecon-agent'
sudo restorecon -v /usr/local/bin/netrecon-agent
If SELinux blocks network access:
sudo setsebool -P netrecon_agent_can_network_connect 1
Firewall Configuration
The agent only requires outbound HTTPS (port 443). No inbound rules are needed.
# UFW (Ubuntu)
sudo ufw allow out 443/tcp
# firewalld (RHEL/Fedora)
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
Troubleshooting
Agent not starting
# Check service status
sudo systemctl status netrecon-agent
# Check logs
sudo journalctl -u netrecon-agent --no-pager -n 50
# Verify config file syntax
netrecon-agent validate-config
Permission denied
- Ensure the agent binary has execute permission:
ls -la /usr/local/bin/netrecon-agent - Check SELinux denials:
sudo ausearch -m AVC -ts recent
Connection refused
- Test connectivity:
curl -I https://probe.netreconapp.com/api/health - Check DNS resolution:
dig probe.netreconapp.com - Verify no proxy is interfering; set
no_proxyif needed
FAQ
Q: Does the agent work on Alpine Linux or other musl-based distributions? A: The agent is compiled against glibc. Alpine Linux and other musl-based distributions are not currently supported.
Q: Can I run the agent in a Docker container? A: While technically possible, the agent is designed to monitor the host system. Running it in a container limits its ability to gather host-level data. Install directly on the host instead.
Q: Does the agent support ARM (32-bit)? A: The Linux agent is available for amd64 (x86_64) and arm64 (aarch64). 32-bit ARM is not supported.
For additional help, contact [email protected].