From 04c958a9d4eb42ae2e08fddb1d8d58e80e16d154 Mon Sep 17 00:00:00 2001 From: meghapriyams <107922071+meghapriyams@users.noreply.github.com> Date: Tue, 24 Sep 2024 17:18:33 +0530 Subject: [PATCH] Update README.md --- linux/installation/README.md | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/linux/installation/README.md b/linux/installation/README.md index 056c44b..d3fcf3b 100644 --- a/linux/installation/README.md +++ b/linux/installation/README.md @@ -2,13 +2,17 @@ ## About the script -`mde_installer.sh` is a bash script that sets up mde on all [supported distros](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux#system-requirements). - -It runs through the steps of the [manual deployment](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually), and installs MDE. -There are a few extra features for one-line installation like [onboarding](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually#download-the-onboarding-package). +`mde_installer.sh` is a bash script that can install MDE on all [supported distros](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux#system-requirements). With the help of installer script, you can not just install but also onboard MDE on your endpoints. ## How to use +1. Download onboarding package from the Microsft Defender Portal. For guidance, refer to the [steps](https://learn.microsoft.com/en-us/defender-endpoint/linux-install-manually#download-the-onboarding-package) +2. Give executable permission to the installer script +```bash +chmod +x /mde_installer.sh +``` +3. Execute the installer script with appropriate parameters such as (onboard, channel, realtime protection, etc) based on your requirements. Check help for all the available options + ```bash ❯ ./mde_installer.sh --help mde_installer.sh v0.4.2 @@ -21,7 +25,7 @@ Options: -o|--onboard onboard/offboard the product with -p|--passive-mode set EPP to passive mode -t|--tag set a tag by declaring and . ex: -t GROUP Coders - -m|--min_req enforce minimum requirements + -m|--min_req enforce minimum requirements -x|--skip_conflict skip conflicting application verification -w|--clean remove repo from package manager for a specific channel -y|--yes assume yes for all mid-process prompts (highly reccomended) @@ -35,19 +39,18 @@ Options: ## Sample use case ```bash -sudo ~/mde_installer.sh --install --channel prod --onboard ~/linux_onboarding_script.py --tag GROUP Coders --min_req -y +sudo ~/mde_installer.sh --install --channel prod --onboard ~/MicrosoftDefenderATPOnboardingLinuxServer.py --tag GROUP Coders --min_req -y ``` -This one-liner would: +This one-liner will: -1. Check that the device qualifies to run MDE (`--min_req`) +1. Check if the device qualifies to run MDE (`--min_req`). Aborts installation, if the check fails 2. Install MDE according to the detected distribution and version and defined channel (`--install` and `--channel prod`): - 1. Install required packages. - 2. Set up the package repository in the package manager. - 3. Pull latest version of MDE and install it. + 1. Install required packages + 2. Set up the package repository in the package manager + 3. Pull latest version of MDE from production and install it 3. Onboard MDE according to a provided onboarding script (`--onboarding `) 4. Once installed, will set a device group tag to the device (`--tag GROUP Coders`) -5. If the machine is behind proxy, use `--proxy` to set proxy url ## Additional details @@ -55,7 +58,7 @@ This one-liner would: The installer script can be used to (separatly or combined): -* Install, upgrade or remove the product. +* Install, upgrade or uninstall the product. * Onboad or offboard the product. * Clean package manager from repositry (only SLES for now)