Skip to content

Installing the CodeLogic SQL Agent (Linux)

The agents send metadata to the CodeLogic Server, they are installed on the servers upon which the applications or databases are running. The applications and databases to be scanned are specified in the agent configuration files.

The repository on the CodeLogic Server contains a script, named install_agents.sh, that automates the installation of the Linux agents. The script adds the CodeLogic key to the repo keyring; adds the software repository (the CodeLogic Server); updates the apt/dnf cache; and installs the agents using the default package manager (DPKG or RPM)

  1. Install a Certificate
  2. Download the install_agents.sh Script
  3. Execute the install_agents.sh Script
  4. Authorize the Agent

Install a Certificate

Important

If you are using HTTPS you will need to install a certificate. If you are not using HTTPS skip to the download step.

sudo cp path/to/yourCertificate.cer /etc/pki/ca-trust/source/anchors  
sudo update-ca-trust

sudo cp path/to/yourCertificate.cer /usr/local/share/ca-certificates  
# if ca-certificates is not on machine  
sudo apt-get install -y ca-certificates  
sudo update-ca-certificates

IMPORTING ROOT/INTERMEDIATE CERTIFICATE TO JDK

keytool -import -trustcacerts -keystore path/to/cacerts -storepass changeit-alias codelogic -file path/to/certificate.cer

Note

The keystore location on java 11 looks like /<yourjdkpath>/lib/security Example: /opt/jdk-11/lib/security/cacerts

Download the install_agents.sh Script

Use wget or curl to retrieve the install_agents.tar file. Be certain to open any firewall for port 80 (http) or 443 (https). Extract the tar file.

Commands

cd /tmp  
wget http://your_server/codelogic/server/packages/install_agents.tar  
tar -xvf install_agents.tar

Note

You MUST replace your_server with the actual address of your CodeLogic Server.

Sample output 
$ cd /tmp  
$ wget http://ub20scratch/codelogic/server/packages/install_agents.tar  
--2021-01-08 21:31:11--http://ub20scratch/codelogic/server/packages/install_agents.tar  
Resolving ub20scratch (ub20scratch)... 192.168.1.89  
Connecting to ub20scratch (ub20scratch)|192.168.1.89|:80... connected.  
HTTP request sent, awaiting response... 200  
Length: 30720 (30K) [application/x-tar]  
Saving to: ‘install_agents.tar’  

install_agents.tar 100%[============================================================>] 30.00K --.-KB/s in 0s  

2021-01-08 21:31:11 (95.6 MB/s) - ‘install\_agents.tar’ saved [30720/30720]  

$ tar xvf ./install_agents.tar  
./install_agents.sh

Execute the install_agents.sh Script

The script runs on Debian‑based or RHEL‑based distributions. For more information on supported technology, see CodeLogic Installation Requirements.

Commands

sudo ./install_agents.sh -d your_server -l agent_name

Note

You MUST replace your_server with the actual address of your CodeLogic Server.

Replace agent_name with a descriptive name for the agent. If the descriptive name contains spaces be sure to put the name in quotes. For example, -l "agent name".

If the label is not specified, agent_type-hostname_of_codelogic_server is used.

Sample output (Debian-based systems) 
$ sudo ./install_agents.sh -d ub20scratch  
Supported OS version: ubuntu 19.  
Received ping response from ub20scratch.  
Untrusted self-signed certificate detected.  
The connection may not be secure.  
It may not be safe to continue unless this a trusted network.  
It is not recommended but we can finish the installation using http.  
Continue installation using http instead of https? [y/N] y  
Added http://ub20scratch/codelogic/server/packages/crosscode.com.gpg to list of trusted keys.  

[ gpg output omitted for clarity ]  

Added /etc/apt/sources.list.d/codelogic-agents.list  
Installing agents...  

[ package installation output omitted for clarity ]

Authorize the Agent

For security, agents must be authorized before they will send metadata to the CodeLogic Server.

  • Click Admin and then select the Agents tab.
  • Locate the agent in the list.

Note

The Request Status will be listed as OPEN.

  • Click the more menu icon in the Actions column and select Approve/Reject.

  • The Approve window opens.

  • Optionally, enter a name for the agent in the Agent Name field.

  • Click Approve to complete the authorization process.

Next Steps To run a scan immediately, see Binary Scanning via Command Line (SQL). To configure scanning, and set up a scanning schedule, see Configuring the CodeLogic SQL Agent.