Skip to main content

Agent Command Line Guide

Valerie
  • Updated

You can control the Automox agent installation using the command line. The following topics are described here:

Operating System Install Locations

Based on the operating system, the Automox agent installs to these locations:

macOS

/usr/local/bin/amagent

Windows

C:\Program Files (x86)\Automox\amagent.exe

Linux

/opt/amagent/amagent

Command Line Help

--help

Basic help information for command line options can be found by executing the following:

amagent --help
amagent -h

Setting the Organization Access Key

--setKey

The access key binds the agent and device to a specific organization in the Automox console. This command can be used to move a device from one organization to another, or to change the organization if an incorrect access key was provided during installation.

Follow these steps:

  1. Deregister the device and set the new access key. See Accessing Your API Keys for information about access keys.

    <path to amagent>/amagent --setkey <NEW_ORGANIZATION_ACCESS_KEY>

  2. Restart the Automox agent.

Linux:

sudo service amagent restart

macOS:

sudo launchctl kickstart -k system/com.automox.agent

Windows:

net stop amagent
net start amagent

Assigning a Group to a Device

--setgrp

This command defines the Automox group that this agent should be placed in when it first connects with the Automox platform. This allows you to easily add the device to a group and is a no-touch way to specify the policies you want to add to the device. When using the --setgrp flag, you must predefine the Default Group/ to the group name that you are providing to the setgrp command. When specifying groups, remember to separate them with a forward-slash / character.

Follow these steps:

  1. To set the device group to the Engineering group, issue the following command:
    amagent --setgrp 'Default Group/Engineering' (macOS and Linux)
    amagent --setgrp "Default Group/Engineering" (Windows)

  2. Deregister the agent:
    amagent --deregister

  3. Restart the Automox Agent:

Linux:

sudo service amagent restart

macOS:

sudo launchctl kickstart -k system/com.automox.agent

Windows:

net stop amagent
net start amagent

Deregistering a Device

--deregister

When the Automox agent runs for the first time, it establishes an identity with the Automox servers using public-key cryptographic methods. If you ever need to reset the agent and have it re-register as a new device, you can deregister the agent.

Checking for Device Compatibility with Automox

After a device is connected, Automox runs a compatibility check to ensure that we can successfully manage the device. Each operating system has its own compatibility checklist. For more details about what is passing or failing on the compatibility check, click the Review Checklist link to view the Compatibility Checklist in the Device Details page in the Automox console. To perform this check directly from the device via the agent command line, issue this command:

amagent --checkcompat

Redirect Agent Output to stdout of a Console

This command runs the agent in the current console. Logging is piped to stdout.

Note: Before running with this command, it is recommended that the agent service is disabled.

amagent -c

Setting the Directory for Executing Scripts

The Automox Agent uses scripts to execute most of its functions including scanning and patching. These scripts execute from a fixed directory on the local device. By default this is set to the following locations:

Windows: C:\ProgramData\amagent\

macOS: /Library/Application Support/Automox/

Linux: /var/lib/amagent

If you prefer these actions to run from a different default path, that can be set using an agent command on the device (--setexecdir). The next time the Automox Agent service is restarted, it will use the newly specified location for running its scripts. Some endpoint security applications block scripts that don't originate from a designated location. So the most common reason to modify this setting is to move it to a trusted or preferred directory for your security software.

Note: For macOS, do not set the execdir to any directory or subdirectory of a user’s Desktop, Downloads, or Documents folder. Temporary directories created for executing commands are not cleaned up if they are in an OS protected special location. See also Control access to your files and folders on Mac.

Output from amagent --help:

automox@ubuntu:/opt/amagent$ ./amagent --help
amagent 1.0-28 (go1.12.4) Copyright (c) 2019 Automox, Inc.usage:
[--setkey <accesskey>] Sets the access key
[--setgrp <groupname>] Sets the initial group name
[--setexecdir <directory>] Sets the temporary directory to execute scripts from
[--deregister] Deregisters this server from Automox
[--checkcompat] Checks the compatibiltiy and connectivity with Automox server
[-c] Runs the agent in the current console. Logging is piped to stdout. (It is recommend to disable the agent service before running with this command)
[-h | --help] Displays this message

Note: To restore the default, you can set the original directory path in the same manner as a new one.

Reinstalling the Automox Agent

To reinstall the Automox agent, ensure that the agent has first been deregistered and then removed.

  1. Deregister the agent as described here in Deregistering the Agent.

  2. Remove the agent. See Removing the Automox Agent.

  3. Follow the instructions in Installing the Automox Agent for your device.

Related articles

Comments

0 comments

Article is closed for comments.