Upgrade Plug-ins
    • 22 Aug 2024

    Linux Endpoint Detection and Response (EDR) supports an automatic schedule for upgrading plugins. This allows plugins to be maintained at the latest release without the hassle of manual plugin management. Automatic Upgrades can also be disabled.

    Supported Versions

    Automatic Plugin Upgrades will be enabled by default for new clients after February 2021 or sensor version 1.2.0+. This ensures our latest capabilities are delivered to customers quickly.

    Opting Out

    Existing customers will receive a communication with opt-out instructions before Automatic Upgrades are enabled. If you wish to opt out of this feature, please contact support.

    Enabling Sensor Auto-Upgrade

    The auto-upgrading sensor package is named cwp. To install it, first uninstall the existing package (previous packages are named canary-forwarder or canary_forwarder), then install the auto-upgrading package.

    Note: These steps are relevant if there is an existing deployment of the sensor as either canary-forwarder or canary_forwarder. New deployments using the cwp package do not have additional steps.

    Steps

    Debian

    1. sudo apt remove canary-forwarder
    2. sudo apt autoremove
    3. sudo apt-get update
    4. sudo apt-get install cwp

    RHEL/CentOS 6, 7, 8

    1. sudo yum remove -y canary_forwarder
    2. sudo yum install -y cwp
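
The steps above as one repeatable script, given here as an added example that is not vendor code. The function names and the dpkg-query / rpm -q installed-package checks are assumptions of this example; the package names and the remove/install commands are the ones listed in the steps.

```sh
#!/bin/sh
# Added example, not vendor code: move a host from the legacy sensor package
# to cwp with the commands from the steps above. "plan" prints, "apply" runs.

# Legacy package name per family, as used in the Debian and RHEL steps.
legacy_name() {
    case "$1" in deb) echo canary-forwarder ;; rpm) echo canary_forwarder ;; *) return 1 ;; esac
}

# Echo yes/no: is package $2 installed on a host of family $1? (assumed check)
installed() {
    case "$1" in
        deb) dpkg-query -W -f='${Status}' "$2" 2>/dev/null | grep -q 'ok installed' ;;
        rpm) rpm -q "$2" >/dev/null 2>&1 ;;
        *)   false ;;
    esac && echo yes || echo no
}

# Print the commands still needed, one per line (nothing if already migrated).
# $1 = family (deb|rpm), $2 = legacy installed (yes|no), $3 = cwp installed (yes|no)
migration_plan() {
    legacy=$(legacy_name "$1") || return 1
    case "$1:$2" in
        deb:yes) printf '%s\n' "sudo apt remove $legacy" "sudo apt autoremove" ;;
        rpm:yes) printf '%s\n' "sudo yum remove -y $legacy" ;;
    esac
    case "$1:$3" in
        deb:no) printf '%s\n' "sudo apt-get update" "sudo apt-get install cwp" ;;
        rpm:no) printf '%s\n' "sudo yum install -y cwp" ;;
    esac
}

# Detect the family, build the plan, then print it or run it step by step.
migrate() {
    if command -v apt-get >/dev/null 2>&1; then fam=deb
    elif command -v yum >/dev/null 2>&1; then fam=rpm
    else echo "no apt-get or yum found" >&2; return 1; fi
    plan=$(migration_plan "$fam" "$(installed "$fam" "$(legacy_name "$fam")")" "$(installed "$fam" cwp)")
    old_ifs=$IFS; IFS='
'
    for cmd in $plan; do
        IFS=$old_ifs
        echo "+ $cmd"
        if [ "$1" = apply ]; then eval "$cmd" || return 1; fi
    done
    IFS=$old_ifs
}

case "${1:-}" in plan|apply) migrate "$1" ;; esac
```

Run it with the argument plan to print the remaining commands for the host, or apply to execute them and stop at the first failure. A host that already has cwp and no legacy package produces an empty plan.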

    FAQ

    Is there a lifecycle for the files, and will they be updated/upgraded independently of the RPM binary?

    Yes, the plugins are not distributed in the RPM and they are always downloaded if enabled.

    Is it possible to disable .plugin updates?

    The customer can disable the updates by not incrementing the version in the remote config when we update the plugins. We can introduce new versions on specific endpoints via the exception mechanism, but we do not currently have any UI or automation for this.

    Can you introduce new plugins into our production environment without our approval or testing?

    Technically, the sensor can introduce new plugins, but we have not done so. The Response Action plugin is an example of a new plugin we released following the normal plugin mechanism; however, it is not enabled unless requested (and paid for).

     

