Install StaffCop agent for Linux

Staffcop Linux Agent is at the stage of active development and it meant to work on any Linux-systems. Or was successfully tested to be compatible with:

  • CentOS;
  • Ubuntu Desktop;
  • Debian;
  • Gentoo linux;
  • Astra linux;
  • Arch linux;
  • Rosa linux.

Supported functionality

  • Managing agent configurations from the web console of Staffcop
  • Sreenshots taken on the interval.
  • Screenshots taken on tab switching/changing the window title.
  • Compression level and the format of screenshots.
  • Apllications’ attributes - wndows titles and icons.
  • Activity time in applications.
  • Keylogger.
  • USB-devises connections.
  • Local/remote logging in/out of the system (including ssh connections).
  • Logs of terminal commands input.
  • Printing events (CUPS).
  • History and time of visiting sites in Firefox and Chrome.
  • The contents of the clipboard.
  • Integration with Astra Linux.
  • Functions of agent management in the command line.
  • Tracking system log files with management of monitoring rules through the agent configuration.
  • Recording sound from the connected microphones.
  • An alternative keylogger module supporting work outside the X Window;
  • A module for capturing snapshots from a webcam;
  • File operations: defining file operations, support for monitoring rules (black / white lists).
  • Shadow copies of files when intercepting file operations.
  • Block web-sites

Agent installation

If the version of your Staffcop Server supports double agent downloading, you can download the Linux-agent installer the same way you downloaded the Windows-agent installer.

../_images/linux_download.png

If your version of Staffcop Server doesn’t support this option, download the Linux-agent installer following this link.

http://dist.staffcop.ru/agent-install.sh

Installation

For installation download the agent on the targeted workstation you want to monitor and run the command

sudo bash agent-install.sh 192.168.1.134 443

where you should state the IP-address of you Staffcop Server (192.168.1.134 in the example) as the first argument

Note

Sudo command is used in Ubuntu. It may vary on other Linux distributives.

Warning

When updating a Linux-agent, the installer removes all the files of the agent. To correctly update the agent to a new version it must be installed anew after the reboot.

Removal

Run the command:

sudo bash agent-install.sh uninstall

Mass installation with ansible

The playbook for ansible is currently in testing phase. The IP-address of the host must be manually written there.

---
- hosts: localhost
  sudo: no
  tasks:

    - name: download agent for linux
      get_url:
        url: http://distr.staffcop.su/agent-install.sh
        dest: /tmp/agent_installer.sh

- hosts: all
  sudo: yes
  tasks:

    - name: install agent for remote host
      script: /tmp/agent_installer.sh 192.168.1.134 443