How to check and install the Redcloak service on Linux?

Let us look at how to check and install the Redcloak service/package on Linux.

Redcloak is the Secureworks agent that detects and responds to unknown threats to secure our Linux system.

I. Check if service is running.

If the service is not found, we need to install the package.

[root@ngelinux001 ~]# service redcloak status
Redirecting to /bin/systemctl status redcloak.service
● redcloak.service - Redcloak Security monitoring service
Loaded: loaded (/etc/systemd/system/redcloak.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2021-12-13 18:46:33 GMT; 1 weeks 6 days ago
Process: 4911 ExecStart=/bin/sh -c ${REDCLOAK_HOME}/bin/ ${REDCLOAK_HOME} (code=exited, status=0/SUCCESS)
Main PID: 6025 (redcloak)
CGroup: /system.slice/redcloak.service
├─ 6025 /var/opt/secureworks/redcloak/bin/redcloak --run-service --override-root /var/opt/secureworks/redcloak
├─ 6031 /var/opt/secureworks/redcloak/bin/redcloak --run-service --override-root /var/opt/secureworks/redcloak
├─ 6049 /var/opt/secureworks/redcloak/bin/lacuna --log-path=/var/opt/secureworks/redcloak/log/lacuna.log --override-root=/v...
├─ 6054 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall.log --override-roo...
├─ 6057 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall.log --override-roo...
├─ 6058 /var/opt/secureworks/redcloak/bin/lacuna --log-path=/var/opt/secureworks/redcloak/log/lacuna.log --override-root=/v...
├─15025 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall(2).log --override-...
└─15026 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall(2).log --override-...

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
Warning: redcloak.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@ngelinux001 ~]#


II. Download the package from Red Hat support or the vendor, as per the license terms applicable with the vendor.

ngelinux001 ngeuser $ ls -l /tmp/
-rwxrwxrwx 1 ngeuser ngeuser 6846084 13 Dec 16:58 /tmp/


III. Installation of Redcloak

### Unzip the package
# unzip

### Install the unzipped RPM
# yum install ./name.rpm

### Check Service Status
# service redcloak status

If the service is running, all is fine at our end.

If there is any issue with the service, we need to troubleshoot it.

Note: Always install via the yum command, and don't use the rpm command directly.
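
The listing in step II shows the package staged in /tmp with mode -rwxrwxrwx, so any local user could alter it before root installs it in step III. The script below is an added example, not part of the original procedure or of Secureworks tooling: it refuses a group- or world-writable file, compares the SHA-256 with a value you obtained from the vendor, runs rpm -K, and only then installs with yum. The function names are hypothetical, and it assumes GNU stat and sha256sum and that a vendor checksum is available.

```shell
#!/bin/sh
# Added example: pre-install checks for a staged agent RPM.
# The package path and expected SHA-256 are supplied by the caller
# (assumption: the vendor publishes a checksum for the download).

# Return 0 only if the file is a regular file (not a symlink), is not
# writable by group or others, and its SHA-256 equals the expected value.
check_staged_pkg() {
    pkg=$1; expected=$2
    if [ -L "$pkg" ] || [ ! -f "$pkg" ]; then
        echo "FAIL: $pkg is not a regular file" >&2; return 1
    fi
    mode=$(stat -c '%a' "$pkg") || return 1    # GNU stat, e.g. 777 or 600
    if [ $(( 0$mode & 022 )) -ne 0 ]; then     # octal mask: g+w or o+w set
        echo "FAIL: $pkg is group/world-writable (mode $mode)" >&2; return 1
    fi
    actual=$(sha256sum "$pkg" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "FAIL: SHA-256 mismatch for $pkg" >&2; return 1
    fi
    echo "OK: $pkg mode=$mode sha256=$actual"
}

# Check the staged file, let rpm verify the package digests (and the
# signature, if the package is signed and the key is imported), then
# install with yum as in step III and show the service status.
verify_and_install() {
    check_staged_pkg "$1" "$2" || return 1
    rpm -K "$1" || return 1
    yum install "$1" && service redcloak status
}

# Usage (as root): sh verify_install.sh ./name.rpm <expected-sha256>
if [ "$#" -eq 2 ]; then
    verify_and_install "$1" "$2"
fi
```

Run it after fixing ownership and mode on the staged file (for example, owned by root with mode 600); a file left at 777 is rejected before yum is ever called.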

