Installation via the Capsule8 Package Repository

Capsule8 maintains an external package repository where deb and rpm packages are managed so that any user with an access token can install the correct packages for their system.

Access Token

To start, ask your Capsule8 rep for an access token to Capsule8’s package repository. This will be a read-only token that is used to authenticate with PackageCloud. Access tokens are alphanumeric strings with no punctuation.

Once you receive your access token, the local system must be updated to enable package installation. This is performed through the following script, in which you should substitute your access token at the beginning of the url (after https:// and before :@packagecloud.io)

curl -s https://abcdef012314f29dc850878c6747b70f5b3ff01234567891092f0:@packagecloud.io/install/repositories/capsule8/capsule8/script.deb.sh | sudo bash

Package Installation

Once the local system is updated to pull Capsule8’s packages, installation can be done through the system’s native package installer. Before proceeding, make note of which package manager is being used to start and manage running packages on your system, as well as which version of Capsule8 you desire.

The service and package manager of the system is required when installing a Capsule8 package. The most recent version available will be installed by default, although you may optionally provide your desired version. As an example, the following is a command that would install the Capsule8 sensor version 4.10.3 for a system using systemd as its service manager on a machine using apt-get as its package manager:

sudo apt-get install capsule8-sensor-systemd=4.10.3

Default detections (recommended)

The sensor does not ship with any detections enabled by default, but a recommended set of detections is available by installing the content package:

sudo apt-get install capsule8-content=4.10.0

Upgrading the Sensor

The sensor can be upgraded by installing the desired Capsule8 Sensor package with your package manager. The package is installed with the name Capsule8 Sensor with the service manager (eg. sysV, systemd, upstart or runit) as a hyphenated suffix, such as:

sudo apt-get install capsule8-sensor-systemd