Once installed, the agent by default will:
/etc/appcanary/agent.ymland load its configuration settings.
- emit logs to
- upon successful registration, write to
At minimum you must specify a valid API key and a process or file for it to watch. You may specify more than one watcher per agent instance, if applicable.
Sample minimum configuration
#/etc/appcanary/agent.yml api_key: "<YOUR_TOKEN_HERE>" watchers: # if on centos or redhat - process: "rpm -qa" # if on ubuntu or debian - file: "/var/lib/dpkg/status" # if you have any number of Ruby apps - file: "/path/to/a/Gemfile.lock" # if you have any number of PHP apps - file: "/path/to/a/composer.lock"
When dealing with large fleets, it's more useful to refer to servers by their function or other labels. You can tag a server within Appcanary by adding the following:
#/etc/appcanary/agent.yml tags: - web - db - etc
Optional, additional configuration
#/etc/appcanary/agent.yml # you can also specify a custom name server_name: "name here" # specify a different log path log_path: /tmp/example/path.log # wait this many seconds before reporting on configured watchers. # this is useful if you auto upgrade newly provisioned servers: # setting a time delay will prevent meaningless patch notifications startup_delay: 10
Command line modes
By default, the agent will just silently monitor any configured watchers. The agent also provides the following modes:
- (Ubuntu only) Install the latest version of packages that have vulnerabilities
- (BETA: Contact us if you'd like to use this) Report on which running processes depend on out of date libraries, and should be restarted.
- Guess what distribution and version of Linux you're using