This Salt formula will install the ForeScout Secure Connector agent. The installer is an archive generated by the ForeScout server and includes all information needed to link to the server.
The states in this formula are entirely configurable through pillar. See the sections below for a description of the pillar keys.
- forescout-secure-connector
- forescout-secure-connector.clean
- forescout-secure-connector.package
- forescout-secure-connector.service
Executes the package and service states to install and manage the ForeScout
Secure Connector.
The clean state will remove all ForeScout Secure Connector components that are
managed by this formula.
The package state ensures the ForeScout Secure Connector is installed.
The service state ensures the ForeScout Secure Connector service is running and enabled.
The only required configuration settings are the archive source URL and its source
hash, i.e. package:archive:source and package:archive:source_hash. Those are
specific to the ForeScout server and the environment where this formula is used.
All other settings are optional. The formula sets reasonable, sane defaults for optional settings.
All settings must be located in the Salt Pillar, within the forescout-secure-connector:lookup
dictionary.
URL to the ForeScout Secure Connector archive.
Required:
True
Example:
forescout-secure-connector:
lookup:
package:
archive:
source: https://url/to/forescout/archive.tgzURL containing the source hash of the archive, or the hash value.
Required:
True
Example:
forescout-secure-connector:
lookup:
package:
archive:
source_hash: source_hash_url_or_valueLocation on the filesystem where the ForeScout agent expects to be installed.
Required:
FalseDefault:
/usr/lib/forescout
Example:
forescout-secure-connector:
lookup:
package:
install_dir: /usr/lib/forescoutCommand the ForeScout archive provides to install the Secure Connector. This command is executed from the archive directory, after extracting the archive.
Required:
FalseDefault:
secure_connector/install.sh
Example:
forescout-secure-connector:
lookup:
package:
install_cmd: secure_connector/install.shCommand that tests whether to run the ForeScout install command
Required:
FalseDefault:
test -d /usr/lib/forescout/daemon
Example:
forescout-secure-connector:
lookup:
package:
installed_test: test -d /usr/lib/forescout/daemonCommand used in the clean state to uninstall the ForeScout Secure Connector.
Required:
FalseDefault:
/usr/lib/forescout/Uninstall.sh
Example:
forescout-secure-connector:
lookup:
package:
uninstall_cmd: /usr/lib/forescout/Uninstall.shCommand used in the clean state that tests whether the ForeScout uninstall command
is available.
Required:
FalseDefault:
test -x /usr/lib/forescout/Uninstall.sh
Example:
forescout-secure-connector:
lookup:
package:
uninstall_test: test -x /usr/lib/forescout/Uninstall.shDirectory where the archive will be extracted
Required:
FalseDefault:
{{ salt.config.get('cachedir') }}/files/base/forescout-secure-connector/package/archive/forescout
Example:
forescout-secure-connector:
lookup:
package:
archive:
extract_directory: {{ salt.config.get('cachedir') }}/files/base/forescout-secure-connector/package/archive/forescoutName of the daemon package required by forescout.
Required:
FalseDefault:
/root/forescout
Example:
forescout-secure-connector:
lookup:
package:
daemon:
name: daemonUrl to the file that installs the daemon package. When not provided, the archive
installer will connect to the ForeScout server to retrieve and install the daemon
package.
Required:
FalseDefault:
None
Example:
forescout-secure-connector:
lookup:
package:
daemon:
source: https://url/to/daemon/pkg.rpmName of the ForeScout Secure Connector service
Required:
FalseDefault:
SecureConnector
Example:
forescout-secure-connector:
lookup:
service:
name: SecureConnector