Arctic Wolf Agent Installation Guide

Installation Guide

Overview of Agent installation Direct link to this section

Arctic Wolf® Agent provides additional intelligence to the Arctic Wolf® Managed Risk and Managed Detection and Response solutions, and is offered as an included component of either solution.

Tip: For information about Agent scans, see Arctic Wolf Agent Scans.

Supported operating systems Direct link to this section

Agent is compatible with these operating system (OS) versions:

Tip: You can use Sysmon to install Agent on Windows endpoints across your organization. Sysmon has these OS requirements:

Note: Vulnerability scanning is not supported on CentOS.

Before you begin Direct link to this section

Before you install Agent:

Note: Do not install Agent on an endpoint that already has Wazuh installed.

Agent installation requirements Direct link to this section

To install Agent, you must:

Caution: Do not make any edits to the customer.json file. Editing this file causes installation errors.

Agent installation options Direct link to this section

To install Agent on a single endpoint, see Installing a Single Arctic Wolf Agent.

To bulk install Agent on several endpoints, follow the guide for your operating system:

Operating system Installation tools Guide
Windows
  • Agent Installer
  • Group Policy Management
  • Intune
  • Sysmon

Note: Installing Sysmon is optional, but Arctic Wolf strongly encourages installing it if you do not have an alternative Endpoint Detection and Response (EDR) solution. See Sysmon installation for installation steps.

Installing Arctic Wolf Agent on Windows
macOS
  • Agent Installer
  • Jamf Pro
Installing Arctic Wolf Agent on macOS
Linux
  • Agent Installer
Installing Arctic Wolf Agent on Linux

Sysmon installation Direct link to this section

To install Sysmon for Agent on Windows endpoints, see Installing Sysmon for Arctic Wolf Agent on Windows.