/
Trellix Agent Installation on Linux

Trellix Agent Installation on Linux

1. Install WSL (Windows Subsystem for Linux)

Use WSL for file transfer or command execution between Windows and Linux.

Command:
wsl --install -d Ubuntu

2. SSH into the Linux Server

ssh user@<linux-ip-address>

Replace 'user' and '<linux-ip-address>' with your actual username and IP.

3. Verify Folder Existence on Linux

test -d /path/to/dir

If the folder does not exist:
mkdir -p /path/to/dir

4. Transfer the Trellix Agent File from Windows to Linux

scp /mnt/c/Linux/LINUX-IMAGE_HX_AGENT_LINUX_35.31.25.tgz adw@169.237.60.203:/home/adw/tmp

Adjust file path, IP address, and destination as needed.

5. SSH into the Linux Endpoint Again (if not already connected)

ssh adw@169.237.60.203

6. Navigate to the Target Directory

cd /home/adw/tmp

7. Extract the .tgz Trellix Agent File

tar zxf LINUX-IMAGE_HX_AGENT_LINUX_35.31.25.tgz

You should now see:
- .rpm packages
- .deb packages
- agent_config.json

8. Install the RPM Package

sudo rpm -ihv xagt-35.31.25-1.el7.x86_64.rpm

If FIPS mode is enabled, use:
sudo rpm -ihv --nodigest xagt-35.31.25-1.el7.x86_64.rpm

To check FIPS mode:
fips-mode-setup --check

Make sure the RPM version matches your OS version.

9. Import the Agent Configuration

sudo /opt/fireeye/bin/xagt -i agent_config.json

10. Start Trellix Agent Services

sudo systemctl start xagt

To enable agent at boot:
sudo systemctl enable xagt

11. Confirm Agent Status (Optional)

sudo systemctl status xagt