How to check and install the Redcloak service on Linux?
Let us look at how to check for and install the Redcloak service/package on Linux.
Redcloak is the Secureworks agent that detects and responds to unknown threats to secure our Linux system.
I. Check if the service is running.
If the service is not found, we need to install the package.
    [root@ngelinux001 ~]# service redcloak status
    Redirecting to /bin/systemctl status redcloak.service
    ● redcloak.service - Redcloak Security monitoring service
       Loaded: loaded (/etc/systemd/system/redcloak.service; enabled; vendor preset: disabled)
       Active: active (running) since Mon 2021-12-13 18:46:33 GMT; 1 weeks 6 days ago
      Process: 4911 ExecStart=/bin/sh -c ${REDCLOAK_HOME}/bin/redcloak_start.sh ${REDCLOAK_HOME} (code=exited, status=0/SUCCESS)
     Main PID: 6025 (redcloak)
       CGroup: /system.slice/redcloak.service
               ├─ 6025 /var/opt/secureworks/redcloak/bin/redcloak --run-service --override-root /var/opt/secureworks/redcloak
               ├─ 6031 /var/opt/secureworks/redcloak/bin/redcloak --run-service --override-root /var/opt/secureworks/redcloak
               ├─ 6049 /var/opt/secureworks/redcloak/bin/lacuna --log-path=/var/opt/secureworks/redcloak/log/lacuna.log --override-root=/v...
               ├─ 6054 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall.log --override-roo...
               ├─ 6057 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall.log --override-roo...
               ├─ 6058 /var/opt/secureworks/redcloak/bin/lacuna --log-path=/var/opt/secureworks/redcloak/log/lacuna.log --override-root=/v...
               ├─15025 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall(2).log --override-...
               └─15026 /var/opt/secureworks/redcloak/bin/procwall --log-path=/var/opt/secureworks/redcloak/log/procwall(2).log --override-...

    Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
    Warning: redcloak.service changed on disk. Run 'systemctl daemon-reload' to reload units.
    [root@ngelinux001 ~]#
II. Download the package from Red Hat support or the vendor, as per the license terms applicable with the vendor.
    ngelinux001 ngeuser $ ls -l /tmp/Linux.zip
    -rwxrwxrwx 1 ngeuser ngeuser 6846084 13 Dec 16:58 /tmp/Linux.zip
III. Installation of Redcloak
    ### Unzip the package
    # unzip Linux.zip

    ### Install the unzipped RPM
    # yum install ./name.rpm

    ### Check Service Status
    # service redcloak status
If the service is running, all is fine at our end.
If there is any issue with the service, we need to troubleshoot.
Note: Always install via the yum command, and don't use the rpm command directly.
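The status checks in steps I and III can be scripted for use across many hosts. The following is an added example, not code from the original post or from Secureworks: it classifies the redcloak unit from standard `systemctl show` properties, including the "changed on disk" warning seen in step I. The function names `classify_unit` and `check_redcloak` and both sample inputs are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example; function names and sample data are constructed.
# Reads KEY=VALUE lines (the `systemctl show` format) on stdin and prints one
# of: not-installed, not-running, not-enabled, needs-reload, healthy.
classify_unit() {
    local load="" active="" sub="" unitfile="" reload="" key value
    while IFS='=' read -r key value; do
        case "$key" in
            LoadState)        load=$value ;;
            ActiveState)      active=$value ;;
            SubState)         sub=$value ;;
            UnitFileState)    unitfile=$value ;;
            NeedDaemonReload) reload=$value ;;
        esac
    done
    if [ -z "$load" ] || [ "$load" = "not-found" ]; then
        echo "not-installed"      # step III (install) is still needed
    elif [ "$active" != "active" ] || [ "$sub" != "running" ]; then
        echo "not-running"        # installed, but the agent is not monitoring
    elif [ "$unitfile" != "enabled" ]; then
        echo "not-enabled"        # running now, but will not start at boot
    elif [ "$reload" = "yes" ]; then
        echo "needs-reload"       # unit file changed on disk since it was loaded
    else
        echo "healthy"
    fi
}

# Queries the live unit; requires systemd on the host being checked.
check_redcloak() {
    systemctl show redcloak.service -p LoadState -p ActiveState -p SubState \
        -p UnitFileState -p NeedDaemonReload | classify_unit
}

# Constructed sample matching step I: loaded, enabled, running, changed on disk.
SAMPLE_STEP_ONE='LoadState=loaded
ActiveState=active
SubState=running
UnitFileState=enabled
NeedDaemonReload=yes'

# Constructed sample for a host where the package was never installed.
SAMPLE_MISSING='LoadState=not-found
ActiveState=inactive
SubState=dead'

printf '%s\n' "$SAMPLE_STEP_ONE" | classify_unit
printf '%s\n' "$SAMPLE_MISSING" | classify_unit
```

On a real host, call `check_redcloak` after sourcing the script; a result of `needs-reload` corresponds to the `systemctl daemon-reload` hint in the status output.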