You can configure the policy on each node (The capability to configure policy for multiple nodes on a visual editor is coming in the near future).
Requirements
- Capsule8 Sensor version 4.1.1 or later
- Capsule8 Console version 4.1.0 or later, and before 4.4.0
How to enable
-
Set
CAPSULE8_CONSOLE_POLICY_CONFIG_ENABLED
in the console deployment totrue
-
Get a 10 year token from the console. Two ways to do this:
- Generate a token on the command line
capsule8-console generate-token --host
- (with
CAPSULE8_CONSOLE_ALERT_BLOB_STORAGE_ENABLED
set tofalse
) click the “Add Host” button on<console-url>/app/hosts
- Edit
capsule8-sensor.yaml
:
policy_input: url: https://<console-url>/policy/via-metadata headers: Authorization: "BEARER <token>"
How to configure
-
Under the “Hosts” page
<console-url>/app/hosts
, click on a host you would like to configure the policy for. -
Under the hostname, click on the “Policy Set” button.
-
You will find a text editor to edit the YAML configuration file that is deployed to the host. This policy supersedes any locally installed
/etc/capsule8/capsule8-analytics.yaml
configuration as well as capsule8-content package, if installed.
Comments
0 comments
Please sign in to leave a comment.