Skip to main content

Configuration

Sensor configuration directory

The sensor configuration directory is located at /etc/upwind

Sensor configuration file

The sensor configuration files:

  • agent.yaml
  • agent-hostconfig.yaml

Sensor services

Systemd ServiceDescription
upwind-agent-hostconfig.serviceHost configuration service
upwind-agent-scanner.serviceScan Agent - Scans the host on a timer
upwind-agent-scanner.timerTimer for the scan agent
upwind-agent-update.serviceAuto-Update service, runs on a timer
upwind-agent-update.timerTimer for auto update service (Default: Every hour)
upwind-agent.serviceUpwind Sensor

Environment Variables

Below is a list of all the environment variables you can set for the Upwind Agent:

Environment VariableDescriptionDefault
UPWIND_CLIENT_IDUpwind API Client ID (Required)
UPWIND_CLIENT_SECRETUpwind API Client Secret (Required)
UPWIND_AGENT_CLOUD_PROVIDERUpwind Cloud Providerunset
UPWIND_AGENT_CLOUD_ACCOUNT_IDUpwind Cloud Account IDunset
UPWIND_AGENT_ZONEUpwind Cloud Account Zoneunset
UPWIND_AGENT_VERSIONUpwind Agent Versionstable
UPWIND_AGENT_INSTALL_ONLYDon't start the Upwind Agent Service on completion
UPWIND_AGENT_NO_UPDATESDo not enable and start the Upwind Agent Update Service/Timer
UPWIND_AGENT_LOG_LEVELSet the log level in configinfo
UPWIND_AGENT_LOG_FORMATSet the log format in configlogfmt
UPWIND_AGENT_CPUQUOTASet the Upwind Agent Service CPUQuota50%
UPWIND_AGENT_MEMORYHIGHSet the Upwind Agent Service MemoryHigh800M
UPWIND_AGENT_MEMORYMAXSet the Upwind Agent Service MemoryMax1024M
UPWIND_AGENT_EXTRA_CONFIGSet extra config for the Upwind Agent
UPWIND_HOSTCONFIG_VERSIONSet the Upwind Agent Host Config Helper Versionstable
UPWIND_HOSTCONFIG_ENABLEDEnable the Upwind Agent Host Config Helper Servicetrue
UPWIND_HOSTCONFIG_LOG_LEVELSet the log level in config for Host Configinfo
UPWIND_HOSTCONFIG_LOG_FORMATSet the log format in config for Host Configlogfmt
UPWIND_HOSTCONFIG_EXTRA_CONFIGSet extra config for the Upwind Agent Host Config Helper
UPWIND_SCANNER_ENABLEDEnable periodic scanningtrue
UPWIND_SCANNER_CPUWEIGHTSet the Upwind Agent Scanner Service CPUWeight25
UPWIND_SCANNER_IOWEIGHTSet the Upwind Agent Scanner Service IOWeight25
UPWIND_SCANNER_MEMORYHIGHSet the Upwind Agent Scanner Service MemoryHighunset
UPWIND_SCANNER_MEMORYMAXSet the Upwind Agent Scanner Service MemoryMaxunset
UPWIND_SCANNER_EXCLUSIONSSet the Upwind Agent Scanner Service Exclusionsunset
UPWIND_SCANNER_MIN_HOST_MEMMinimum host memory required to enable the Upwind Agent Scanner Service8388608

These variables can be set to configure various aspects of the Upwind Agent according to your specific requirements.

Configuring the Upwind Sensor

To configure the Upwind Sensor according to your environment and security requirements, you can use the environment variables listed above. These variables allow you to specify essential configuration details, such as the Upwind API credentials, logging preferences, service limits, and more.

Setting Environment Variables

Before running the installation or configuration script for the Upwind Sensor, set the desired environment variables in your shell. Use the export command for each variable you wish to configure:

export VARIABLE_NAME="value"

Replace VARIABLE_NAME with the name of the variable you're setting, and "value" with the desired setting.

Installing the Upwind Sensor

After setting the environment variables, you can install the Upwind Sensor by executing the following command:

curl -s https://get.upwind.io/sensor.sh | bash -s install

This command downloads and runs the installation script with the environment variables you've set, ensuring the sensor is configured as per your specifications.

Editing Configuration After Installation

If you need to edit the configuration after installation, you can modify the environment variables and re-run the configuration part of the script as follows:

curl -s https://get.upwind.io/sensor.sh | bash -s configure

This command will re-apply the configuration changes based on the newly set environment variables.

By following these steps, you can ensure that your Upwind Sensor is customized to meet the specific needs of your infrastructure and security policies.

Proxy Configuration

The sensor and the scanner and hostconfig tool will respect the HTTP_PROXY family of environment variables. Set the HTTP_PROXY and HTTPS_PROXY to your proxy server's URL. The value of the NO_PROXY variable should be the IP addresses or domains that should not be proxied and depends on environment.

HTTP_PROXY / http_proxy

Used as the proxy URL for HTTP requests unless overridden by NO_PROXY.

HTTPS_PROXY / https_proxy

Used as the proxy URL for HTTPS requests unless overridden by NO_PROXY.

NO_PROXY / no_proxy

Specifies a string that contains comma-separated values specifying hosts that should be excluded from proxying. Each value is represent by:

  • an IP address (1.2.3.4)
  • an IP address prefix in CIDR notation (1.2.3.0/24)
  • a domain name An IP address prefix and domain name can also include a literal port number (1.2.3.4:80). A domain name matches that name and all subdomains.

Most commonly these values are configured globally for the host but in the case that configuring these values per service we recommend using a systemd drop-in configuration file configured in /etc/systemd/system/<service-name>.d/ directories

sudo mkdir "/etc/systemd/system/upwind-.service.d/"
cat << EOF | sudo tee "/etc/systemd/system/upwind-.service.d/proxy.conf"
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:port"
Environment="HTTPS_PROXY=http://proxy.example.com:port"
Environment="NO_PROXY=localhost,127.0.0.1,.example.com"
EOF
sudo systemctl daemon-reload

This snipped will create a shared drop in for all upwind related service files /etc/systemd/system/upwind-.service.d/ All of our units have the same upwind- prefix so creating this once will affect all current and future units