Getting Started
This document will show you how to get up and running with Zercurity.
Registration
Account signup is a straightforward process. You’ll be required to fill in all of the required forms, as depicted below.
After you’ve signed up you’ll receive an email welcoming you to Zercurity. You’ll also be immediately logged into the application.
Enroll your first Asset
To start using Zercurity you’ll first need to enroll a new Asset. At present Zercurity only supports MacOSX and Linux (Debian).
If you’ve not already created a Team, you’ll need to create one before being allowed to download the OSX installer.
Once you’ve created or selected your team, the download option will be made available to you. When you click the download button, the package will be built behind the scenes (this may take a few moments to complete) and then automatically downloaded.
Installer OSX
Once the installer has downloaded, double-click the package in your downloads folder to start the installation.
If the package fails to run, check your security settings under Security & Privacy in the OSX System Preferences.
- Introduction: Gives a brief summary of what this installer will do, including the packages that will be installed.
- Read Me: Gives a more in-depth breakdown of the packages that will be installed and links to the relevant documentation.
- License: Zercurity’s license agreement. Please take the time to read through this.
- Destination Select: By default Zercurity will and must be installed to the primary disk on your Mac. Please do not change the destination path unless you know what you’re doing.
- Installation Type: By default all packages will be installed. We recommend not changing the packages that will be installed unless you’ve customised or pre-compiled the binaries yourself.
- Installation: The installation will now take place. It will take a few minutes to install the various packages and register with the Zercurity server.
- Summary: This is the final part of the installation. Upon a successful installation you can visit the Assets section on the Zercurity dashboard to see your new asset.
Installer OSX (MDM)
Zercurity can be deployed using an MDM.
JAMF Now
Once you’ve logged into Jamf Now, proceed to the application management view from the left-hand menu. At the top, click Add an app.
Use the Upload your app tab to select your zercurity.pkg and then wait for the upload to complete before naming your new application e.g. Zercurity 2.2.
Next, from the left-hand menu, head over to your company’s blueprints. Select the blueprint you want to apply the Zercurity PKG to. In most cases this will just be the default blueprint.
First, from the Apps tab, click Add an app and search for the app you added earlier, Zercurity 2.2.
Warning
For MacOSX 10.15 (Catalina), Osquery requires a custom profile to be applied to the system, which can only be installed via an MDM. This Transparency, Consent and Control (TCC) profile gives Osquery greater access and visibility over the system.
To apply the Zercurity TCC profile you can add it to your current blueprint. Simply select the Custom Profiles tab and then select Add a Custom Profile. You can download Zercurity’s TCC mobileconfig.
Once you’ve done all that, JAMF will automatically install Zercurity onto your fleet.
Installer Linux (Debian)
This section will walk you through the installation of Zercurity against a Debian based host. Zercurity should work with:
- Ubuntu
- Debian
Before downloading the Debian package (.deb), there are some prerequisites you’ll need to run first.
export OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys $OSQUERY_KEY
sudo add-apt-repository "deb [arch=amd64] https://pkg.osquery.io/deb deb main"
sudo apt-get update
sudo apt-get install osquery
Once you’ve installed the dependencies you can then install the zercurity-2.0.deb package like so.
sudo dpkg -i zercurity-2.0.deb
The installer will take a few moments to complete. Upon a successful installation you can now visit the Assets section on the Zercurity dashboard to see your new asset.
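The prerequisites above trust the osquery repository through the full key fingerprint in OSQUERY_KEY. As an added example (not part of Zercurity's or osquery's own documentation), the check below applies the same pin when the signing key arrives as a file: it parses `gpg --with-colons` output and accepts it only if it describes exactly one primary key with that fingerprint. The sample records and the osquery.asc filename are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Zercurity's or osquery's code): accept a key file only if
# its single primary key has exactly the full fingerprint pinned on this page.
OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B

# Print the fingerprint of each primary key found in `gpg --with-colons`
# output on stdin. The "fpr" record right after a "pub" record belongs to the
# primary key; field 10 carries the fingerprint. Subkey fingerprints are skipped.
primary_fingerprints() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print toupper($10); want = 0 }'
}

# Succeed only when stdin describes exactly one primary key and it matches $1.
# A 40-hex-digit fingerprint is required; short key IDs are refused.
key_is_pinned() {
    expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    [ "${#expected}" -eq 40 ] || return 1
    found=$(primary_fingerprints)
    [ "$found" = "$expected" ]
}

# Constructed sample records (not real gpg output captured from a system).
sample_good() {
    printf '%s\n' \
        'pub:-:4096:1:97A80C63C9D8B80B:1400000000:::-:::scESC:' \
        'fpr:::::::::1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B:' \
        'uid:-::::1400000000::::constructed sample uid:' \
        'sub:-:4096:1:0123456789ABCDEF:1400000000::::::e:' \
        'fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:'
}
# The same file with a second, unexpected primary key bundled in.
sample_extra_key() {
    sample_good
    printf '%s\n' \
        'pub:-:4096:1:BBBBBBBBBBBBBBBB:1400000000:::-:::scESC:' \
        'fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:'
}

# Real use (osquery.asc is a hypothetical local copy of the downloaded key):
#   gpg --show-keys --with-colons osquery.asc | key_is_pinned "$OSQUERY_KEY" \
#       && echo "fingerprint matches" || echo "DO NOT TRUST this key file"
for s in sample_good sample_extra_key; do
    if "$s" | key_is_pinned "$OSQUERY_KEY"; then echo "$s: accept"
    else echo "$s: reject"; fi
done
```

Rejecting a file that carries any additional primary key matters because every key in a file placed in a trusted keyring becomes trusted, not only the one you checked.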
Installer Linux (RHEL)
This section will walk you through the installation of Zercurity against a RHEL based host. Zercurity should work with:
- Red Hat
- CentOS
- Fedora
Before downloading the RHEL package (.rpm), there are some prerequisites you’ll need to run first.
curl -L https://pkg.osquery.io/rpm/GPG | sudo tee /etc/pki/rpm-gpg/RPM-GPG-KEY-osquery
sudo yum-config-manager --add-repo https://pkg.osquery.io/rpm/osquery-s3-rpm.repo
sudo yum-config-manager --enable osquery-s3-rpm
sudo yum install osquery
Once you’ve installed the dependencies you can then install the zercurity-2.0-1.x86_64.rpm package like so.
sudo yum install zercurity-2.0-1.x86_64.rpm
The installer will take a few moments to complete. Upon a successful installation you can now visit the Assets section on the Zercurity dashboard to see your new asset.
Installer Windows (Standalone)
Once the installer has downloaded, double-click the MSI (Windows Installer). This will start the installation of Zercurity. The Windows installer requires administrator privileges.
Once the installation has finished the Assets will be available immediately. You’re free to delete the installer.
Lastly, if you want to capture a verbose log of the installation you can run:
msiexec /i zercurity-2.1.msi /L*v C:\temp\install.txt
Installer Windows (Active Directory)
As Zercurity comes as an MSI it can be distributed to client machines with an Active Directory GPO (Group Policy Object). Before continuing you must have both Active Directory (AD) installed and a Windows File Server, from which to serve the MSI.
This walkthrough uses Windows Server 2016 Datacenter edition.
From your Windows Server, open up the Windows Server Manager (which should launch automatically upon login). Select Tools -> Group Policy Management.
This will open the Group Policy Management window. Within your organisational structure you can apply GPOs to specific teams within your domain.
In this example, however, we’re going to apply our new policy to the entire domain. This will mean that every computer managed under the AD domain will have Zercurity installed.
Under your domain right click on Group Policy Objects and from the context menu select New.
Provide a name for your new Group Policy Object. We’ve called ours Zercurity Installer.
Click on your newly created GPO. In the right pane at the bottom, under the heading “Security Filtering”, click on and remove the “Authenticated Users” entry. If you want this program deployed on certain computers, add all of the specific computer names that you want the software to be deployed on. Otherwise, if you want it on all computers, add the group “Domain Computers”.
Go back up to your domain (in the navigation pane) and right-click it. Click “Link an existing GPO”. Click your new GPO’s name and click OK.
Now go back to the GPO under the “Group Policy Objects” folder, right-click it and select Edit from the context menu.
This will now open the Group Policy Management Editor for our Zercurity Installer GPO.
Under Policies -> Software Settings there’s a tree item called Software installation. Right-click it and select New -> Package from the context menu.
You’ll now need to provide a valid network path for the Zercurity installer.
IMPORTANT: The location of zercurity-2.1.msi must be hosted from an accessible and readable drive on the network. You can use Windows File Server to host the installer.
Accept the default setting of Assigned and click OK.
That’s it. Zercurity will now be installed when a user next logs onto their machine and you’ll see it listed on Zercurity’s Assets page.
If you are testing this on your local computer first, you can force the installation of Zercurity onto client machines by running the gpupdate command. This will cause the system to be restarted, as Zercurity is installed before the user logs in.
gpupdate /target:computer /force
If you need any help, please raise a ticket via the Zercurity application.
Installer Docker (Ubuntu)
To run Zercurity inside a Docker container please follow these steps.
docker run --name zercurity_ubuntu -ti -d --privileged=true ubuntu:latest "/sbin/init"
docker exec -it zercurity_ubuntu /bin/bash
Before downloading the Debian package (.deb), there are some prerequisites you’ll need to run first.
apt-get update && apt-get upgrade
apt-get install software-properties-common apt-transport-https wget rsyslog
export OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys $OSQUERY_KEY
add-apt-repository "deb [arch=amd64] https://pkg.osquery.io/deb deb main"
apt-get update
apt-get install osquery
Download the zercurity DEB to your system and install like so:
dpkg -i zercurity-2.0.deb
You should now see the docker asset displayed on your dashboard.
Installer Docker (CentOS)
To run Zercurity inside a Docker container please follow these steps.
docker run --name zercurity_centos -ti -d --privileged=true centos:latest "/sbin/init"
docker exec -it zercurity_centos /bin/bash
Before downloading the RHEL package (.rpm), there are some prerequisites you’ll need to run first.
yum update && yum upgrade
yum install sysvinit-tools
curl -L https://pkg.osquery.io/rpm/GPG | tee /etc/pki/rpm-gpg/RPM-GPG-KEY-osquery
yum-config-manager --add-repo https://pkg.osquery.io/rpm/osquery-s3-rpm.repo
yum-config-manager --enable osquery-s3-rpm
yum install osquery
Download the zercurity RPM to your system and install like so:
yum install zercurity-2.0.rpm
You should now see the docker asset displayed on your dashboard.
Assets
After you’ve completed the installation steps for your asset, you’ll be able to see it listed under the Assets section.
Clicking on the asset’s name will allow you to inspect it further.
Note
It may take a few minutes for additional system information to start to appear such as networking and disk.
You can learn more about your Assets.