Related articles:
The installation of the Lumu Agent for Windows Server is simple and straightforward. They can be deployed easily to your entire user population through an IT assets management system, thus facilitating their installation and administration. This section covers the installation and configuration of the Lumu Agent on Windows Server devices.
The Lumu Agent for Windows includes an application for support purposes. You can use this application to troubleshoot and get agent information from devices.
The table below lists the available support commands for the Lumu Agent for Windows Server. You should run the commands in the Lumu installation path (e.g. C:/Program Files (x86)/Lumu/Agent ) using Command Prompt or Windows PowerShell with admin privileges.
Command: lumu-server-support.exe [argument]
Argument |
Description |
-h or --help |
Print all the available commands with their description. |
--show_status |
Print agent’s last status information, including its status, version, and settings. |
--activation_code [arg] |
Reset the activation code to the provided argument [arg]. This command is intended for correcting an activation code that is invalid or to reactivate an agent that was deleted by mistake. This will not change the activation code for an already successfully activated agent. To do so, you’ll need to delete it first from the portal and wait for the agent to disable itself or uninstall it. Command example:
lumu-server-support.exe --activation_code 5FDHjJWI |
--proxy_list [arg] |
Set the proxy configuration to the provided argument [arg]. The argument should be a colon-separated list of elements in the following format:
Command example: lumu-server-support.exe --proxy_list http://user1:123@10.5.8.5:8080 |
- -check |
Perform checks and print if the agent is running. |
-v or --version |
Show the support application version. |
--ask_credentials [arg] |
Use this option to allow/avoid [true/false] the user popup asking proxy credentials |
–
ask_hostname
|
Use this option to enable/disable [true/false] hostname finder subsystem.
|
–save_ip_filter_list
|
Set the IP list to be excluded from dns traffic monitoring.
|
–show_ip_filter_list
|
Show the IP list excluded.
|
–clear_ip_filter_list
|
Clear the IP list excluded.
|
Related articles:
In order to deploy the Windows Server Collector Agent, we must create an installation group. This will allow you to easily deploy Agents remotely.
Once the installation group creation is completed, you can download the Agent Installer.
In order to streamline Lumu’s Continuous Compromise Assessment process, the Windows Server Agent can also be deployed as a Collector Agent within the domain controller machine.
Once the Collector Agent has been activated, it can be configured to group data to analyze under a set of rules you can specify.
The Online Installer downloads the latest available files and settings required for set-up during installation. It is the most basic installation, used to install an agent on a single user device, in a non-domain environment.
1. To download the agent file for online installation on Windows, go to the Lumu Portal, navigate to the Agents menu, then click to download agent. Select the Windows Server option and select the Online Installer .
2. Once downloaded, run the installation file, wait for the updated files to be downloaded, and when requested, accept the license agreement and enter the activation code from the group or collector you created previously.
3. After installation, when you see the completion screen, click
Finish
.
In the Lumu Portal, you can find the .msi and .exe offline installer files created by Lumu to install the agent without the need of an Internet connection. This procedure is conducted via command prompt.
The offline installer brings all files required for installation; no additional files are downloaded. It includes two components that allow you to install the Lumu Agent or the Agent Updater independently.
The agent component is the Lumu sensor that collects the network metadata, which is presented to your company on the Lumu Portal. The updater is the component in charge of periodically checking the server for the latest version of the agent, downloading, and installing it.
If you want to have a silent deployment of the Lumu Agent (.exe)—installation process without any dialogs or user inputs
—
you should run the installer with the activation code of the
group
and accept the license agreement.
This procedure will hide the graphical user interface during the installation process.To do so, add the the lines /SP- /VERYSILENT to the .exe installation command and /quiet to the .msi installation command as shown in the command line examples below:
The following parameters can be used during the installation procedure to configure the agent according to the needs of your organization:
Parameter |
Mandatory |
Version added |
Description |
activationcode |
Yes |
1.0.0.0 |
Activation code obtained from the
Lumu Portal
|
acceptlicense |
Yes |
1.0.0.0 |
<true/false> value. Must be set to ‘ true ’ to guarantee that the license has been accepted by the user. |
COMPONENTS |
No |
1.0.0.0 |
The offline installer allows you to install specific components and manage updates manually. You can set it to ‘ agent ’ to install only the Lumu Agent or ‘ updater ’ to install the updater by itself. By default, the offline installer installs both components. |
COMPONENTS Examples:
lum_server_agent_offline.exe /SP- /VERYSILENT /activationcode="[ActivationCode]" /acceptlicense="true" /COMPONENTS="agent"
"C:\Windows\System32\msiexec.exe" /i lum_server_agent_offline.msi /quiet WRAPPED_ARGUMENTS="/activationcode=""[ActivationCode]"" /acceptlicense=""true"" /COMPONENTS=agent"
|
|||
changeactivationcode |
No |
1.0.0.0 |
This parameter must be used to notify the agent that a new activation is required when the product has already been activated. |
Changeactivationcode Examples:
lum_server_agent_offline.exe /SP- /VERYSILENT /activationcode="[ActivationCode]" /acceptlicense="true"/changeactivationcode
"C:\Windows\System32\msiexec.exe" /ilum_server_agent_offline.msi /quiet WRAPPED_ARGUMENTS="/activationcode=""[ActivationCode]"" /acceptlicense=""true"" /changeactivationcode"
|
|||
askcredentials |
No |
1.0.0.0 |
This parameter can be used to allow or deny to show the popup asking for proxy credentials. |
Askcredential Examples:
lum_server_agent_offline.exe /SP- /VERYSILENT /activationcode="[ActivationCode]" /acceptlicense=true /askcredentials=true
"C:\Windows\System32\msiexec.exe" /ilum_server_agent_offline.msi /quiet WRAPPED_ARGUMENTS="/activationcode=""code"" /askcredentials=""false"" /acceptlicense=""true"""
|
The Lumu Agent installer for Windows Server brings the ability to repair, update, or reinstall the Windows agent.
To manually
repair
the Lumu Agent, simply run the installer that matches the version of the agent installed on the machine. The installer will prompt
the following screen:
The repair feature returns the agent to its default installation state. This feature should be used in cases such as when any file or registry was erased, as the repair will retrieve the missing files. The repair process keeps the current agent configuration and activation code.
To update a Lumu Agent, run an installer from a more recent version of the installed agent on the machine. A screen with the new update option will display. This new feature allows you to upgrade your agent manually to a newer version.
In both the repair and update processes, you also have the option to reinstall a Lumu Agent.
To reinstall an agent, you will need to enter the same or a different activation code.
In case you want to uninstall the Lumu Agent from a Windows device, go to the Control Panel > Programs and Features, choose Lumu from the list, and select Uninstall .
You can opt to uninstall the agent using Command Prompt or Windows PowerShell with admin privileges. To do so, go to the Lumu installation path (e.g. C:/Program Files (x86)/Lumu/Agent ) and run the uninstaller file unins000.exe .
In order to maximize flexibility with the least amount of downtime possible, the Windows Server Agent works under a hybrid paradigm that allows it to shift between Endpoint Agent configuration (meaning it just solves its own traffic), or Collector Agent configuration (meaning it solves both its own traffic and the traffic for all machines connected to the server domain).