Enabling Console control of the Sensor

Requirements

• Capsule8 Sensor version 4.1.1 or later
• Capsule8 Console version 4.1.0 or later

How to enable

1. Enable the feature in the console configuration file. For example:

   console:
     policy_config_enabled: true

2. Get an API token from the console. There are two ways to do this:

   • Generate a token on the command line capsule8-console generate-token --host
   • Click the "Add Resource" button on <console-url>/app/hosts

3. Edit /etc/capsule8/capsule8-sensor.yaml

   policy_input:
     url: https://<console-url>/policy/via-metadata
     headers:
       Authorization: "BEARER <token>"

4. Restart the sensor.

Once the above configuration is complete, the sensor periodically requests the most up-to-date policy set from the Console. Initially, there are no user configurations, so a default configuration is returned.

When this feature is enabled, users can Manage the Sensor from the Console and Deploy Detection Policy Sets on the Console.

Notes

Using policy_input in /etc/capsule8/capsule8-sensor.yaml will ignore any configuration in /etc/capsule8/capsule8-analytics.yaml.