This is a community project and while you will see contributions from the Deep Security team, there is no official Trend Micro support for this project. The official documentation for the Deep Security APIs is available from the Trend Micro Online Help Centre.
Tutorials, feature-specific help, and other information about Deep Security is available from the Deep Security Help Center.
For Deep Security specific issues, please use the regular Trend Micro support channels. For issues with the code in this repository, please open an issue here on GitHub.
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with deepsecurityagent
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Manage installation and activation of the Deep Security Agent. Supported platforms include Windows, RHEL, CentOS, Amazon Linux, Ubuntu, and SuSE.
Contains functionality to enforce Deep Security agent is running. Includes capability to activate the Deep Security Agent against primary tenant or a tenant a managed service. Policy assignment during activation is optional.
Will install the latest Deep Security Agent package for the platform from the Deep Security Manager specified.
Requires a Deep Security Manager FQDN. Defaults to Trend Micro Deep Security as a Service
Bare minimum configuration for a node is:
class { "deepsecurity" : }
This will default to installing the latest package from Trend Micro Deep Security as a Service, and will not activate the agent.
To install package from a Deep Security Manager other than Trend Micro Deep Security as a Service:
class { "deepsecurityagent" :
dsmheartbeataddress => 'dsm.heartbeat.domain.tld',
dsmconsoleaddress => 'dsm.console.domain.tld',
dsmheartbeatport => '4120',
dsmconsoleport => '4119',
}
To activate the agent against a managed service (tenant ID and password are optional):
class { "deepsecurityagent::activation" :
dsmtenantid => 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX',
dsmtenantpassword => 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX',
}
To activate and request a policy (tenant ID and password are optional):
class { "deepsecurityagent::activation" :
dsmtenantid => 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX',
dsmtenantpassword => 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX',
policyid => '1',
}
To specify download and install options for the package, e.g. insecurely download rpm, install locally and skip verification:
class { "deepsecurityagent" :
dsmheartbeataddress => 'dsm.heartbeat.domain.tld',
dsmconsoleaddress => 'dsm.console.domain.tld',
dsmheartbeatport => '4120',
dsmconsoleport => '4119',
local_rpm_install => true,
curl_command => 'curl -k',
download_opts => '--insecure --silent --tlsv1.2',
install_opts => '--nosignature',
}
Here, list the classes, types, providers, facts, etc contained in your module. This section should include all of the under-the-hood workings of your module so people know what the module is touching on their system but don't need to mess with things. (We are working on automating this section!)
This is where you list OS compatibility, version compatibility, etc.
Since your module is awesome, other users will want to play with it. Let them know what the ground rules for contributing are.
If you aren't using changelog, put your release notes here (though you should
consider using changelog). You may also add any additional sections you feel are
necessary or important to include here. Please use the ## header.