Obtain the Linux EDR Docker Container Image
- 22 Mar 2024
- 1 Minute to read
- PDF
Obtain the Linux EDR Docker Container Image
- Updated on 22 Mar 2024
- 1 Minute to read
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Currently there are two ways to obtain the image. Both of these require your specific Linux Endpoint Detection and Response (EDR) subdomain, username and your associated API key.
To get started, gather the credentials needed by following the instructions below.
Credentials
Linux EDR Subdomain Name
The subdomain is the first part of the URL to access your Linux EDR portal.
https://.my.redcanary.co
API Key
Visit either of the below sections in the Linux EDR portal and copy the entire string after password.
Step 1 of Page Endpoints > Deploy Sensors > [Make selections] > RPM.
Step 2 of Page Endpoints > Deploy Sensors > [Make selections] > Debian.
Be sure to copy the entirety of the password, shown in the redaction above. The passwords are the same regardless of the section chosen. Every Red Canary customer has a single password that works for all package management solutions.
Method 1: Docker Authentication Config
Execute the following cat command, ensuring you substitute the username and API key. This command creates a file with authentication configuration settings named redcanary.docker.config. The resulting contents of this file can be used to append to your Docker configuration file.
Command and Format
cat > redcanary.docker.config <<- EOM
{
"auths":{
"https://redcanary-forwarder-docker-prod-local.jfrog.io":{
"auth":"$(echo username:API_key | base64)"
}
}
}
EOMExample
This example is formed with a dummy username and API key. Please follow the above sections to obtain your own credentials from your portal.
cat > redcanary.docker.config <<- EOM
{
"auths":{
"https://redcanary-forwarder-docker-prod-local.jfrog.io":{
"auth":"$(echo rcsample:exAMpLE000000iwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYiLCJraWQiOiJsd0xmTnNwSXpWbW5nZmxXdGJMNzgtd2pHamc1Y2VsaTUxU0JFVVNmNE93In0.eyJzdWIiOiJqZnJ0QDAxZTg3cnk0YnkybmpkMGpiOHNrM3cwNjk2XC91c2Vyc1wvZGVtb2N3cCIsInNjcCI6Im1lbEXAMPLEZi1ncm91cHM6Y3VzdG9tZXJzIGFwaToqIiwiYXVkIjoiamZydEAwMWU4N3J5NGJ5Mm5qZDBqYjhzazN3MDY5NiIsImlzcyI6ImpmcnRAMDFlODdyeTRieEXAMPLEamI4c2szdzA2OTZcL3VzZXJzXC9jdXN0b21lci1wcm92aXNpb24tYm90IiwiaWF0IjoxNjA1Nzk4NTI5LCJqdGkiOiI3YjBlZGE2ZS1lMTkzLTRjZDUtYmFjZC01M2U4N2JhNjI4MjkifQ.hqlu1_TTvQuAYS-sSFA3iuOkAh1MpsX-s90JwDrwwehrYJP_RTHBNDfQC9QfBen5gkEhyUtoWpadEANBLq1aWAH9Vtd9IvdU65gqTr-2669CNREcHpRguj1ta8eWmIOLl7k19OZ0f9JdD0oN628bWpMUhgaT0jACVp45L_Oys0U0ZrluexjI1onjLoiXZXvcl86klewBNMWeIivHCQEWdNkCb0uW34yd11TKdchhiUZdU1sr28ni-m7vEXMk6kDsWHzyuMc533zacPNgIl6795kUhJPQ7Zso1JJDDIH7RRw7uaYCVukgwxIvRCc_u6N-3IRISZYpr9FfMmwhEXAMPLE | base64)"
}
}
}
EOMThen, take the contents and append it to your Docker configuration file.
Note: Make certain that this file does not replace any existing configuration, as doing so would result in the loss of the existing settings. This method has also proven to be brittle across docker versions as various docker commands entirely replace this file.
Method 2: Docker Pull
On your host, log in to Docker using your username specified in the instructions at the top of this page and the API key as the password.
docker login redcanary-forwarder-docker-prod-local.jfrog.ioThen, use the following command to pull the image.
docker pull redcanary-forwarder-docker-prod-local.jfrog.io/canary_forwarderNote: If you need an arm image, please append aarch64 to the image path.
docker pull redcanary-forwarder-docker-prod-local.jfrog.io/canary_forwarder/aarch64If you encounter any issues with either method, please contact support.
Was this article helpful?
