Team: Huntress EDR
Product: Addigy (Script)
Environment: MacOS
Summary:Huntress agent deployment via Addigy (Script) RMM
Addigy provides the ability to create Smart Software to deploy third-party software. This document provides the instructions to add Smart Software for Huntress to your Policies to deploy the Huntress Agent to your customer's computers. We are not able to offer comprehensive support for Addigy; please refer to the Addigy documentation for full details regarding the usage of Addigy policies and Smart Software.
If you have feedback or questions about this deployment, please reach out to support@huntress.com.
- Retrieve Your Huntress Account Key
- Create Smart Software for Huntress
- Granting Full Disk Access
- Troubleshooting
Retrieve Your Huntress Account Key
- Login to the Huntress Web Interface.
- Hover over the Huntress options menu in the upper-right corner of the dashboard.
- Select the "Download Agent" option from the menu.
- On the Installer page click the clipboard icon to copy your secret account key to your clipboard; this will come in handy later in the deployment process.
Create Smart Software for Huntress
-
- First, view the Huntress Installation Script for Addigy. Leave this browser window open as we will need it later.
- Create a new entry for Smart Software in Addigy by navigating to Catalog > Software > Smart Software. Click "New" to add a new Smart Software entry.
- Add initial details for your Huntress Smart Software and scroll down to </>InstallationScript.
- Go back to your browser window with the Huntress Installation Script for Addigy and copy the contents by clicking on the "Copy raw contents" icon on the right above the script.
- Paste this into the </>InstallationScript section of your Addigy Smart Software window
- Scroll down to line 52 within the </>InstallationScript section. Replace __ACCOUNT_KEY__ with the Account Key that you copied earlier on this page.
- If you have a preferred Organization, go to line 56 and replace __ORGANIZATION_KEY__ with your preferred Organization Key (can be found in your Huntress portal under Home > Organizations.) Here is what the script looks like before it is edited.
Here is what it should look like after you have added in your Account and Organization Keys
- In most Addigy multitenant setups, each client has their own top-level Policy that represents the client name. If you would like to dynamically use the top-level Policy name as the Organization Name for each agent installation, then comment out line 56 and then uncomment lines 68-69. This will pull in the $POLICY_PATH environment variable and extract just the top-level policy name. NOTE: This will only work as part of normal scheduled deployments. It will not work when deploying from GoLive or Self-Service.
For example, if your Policy hierarchy looks like this:
then the above script will use "First Tier Top Level Policy" as the Organization Name with "first-tier-top-level-policy" as the Organization Key. To update this script to dynamically use the Second Tier Policy, update the end of Line 68 so that it uses
{print $2}
so that it now look like this:topLevelPolicy=$(echo ${POLICY_PATH} | awk -F ' \\| ' '{print $2}')
{print $3}
, etc. - A Condition Script is available if you would like Addigy to check if Huntress is an installed application, then install Huntress if it is not found on the machine.
- Under Conditions, select "Check for a path"
- Set "Failure" if the following exists:
- In "Path to file or folder" input
/Applications/Huntress.app
- Click on "Add to script". This action to automatically add your condition script into your Smart Software. This script will look like this
- Ensure "Install on success" is checked.
- When installation script is skipped, report as: "Finished"
Here is the generate code for the Condition Script:
if [ -e "/Applications/Huntress.app" ]; then
echo " /Applications/Huntress.app File exists "
exit 1
else
echo "/Applications/Huntress.app File does not exist"
exit 0
fi
- Lastly, for Removal Steps, if you would like Huntress to be removed when the device is removed from a corresponding policy, then copy and paste this code block into the Remove Script section
#!/bin/sh
/bin/sh /Applications/Huntress.app/Contents/MacOS/Uninstall - Click Save and Review on the bottom right.
- Navigate to Policies > (Your relevant policy) > Software. Under the Smart Software tab, click the box next to your new Smart Software for Huntress. Click "Add/Remove" to add this software to your Policy.
Grant Full Disk Access to the Huntress agent
Once you have completed the above steps to deploy the Huntress agent, ensure you also add an MDM Policy to grant Full Disk Access.
Instructions for creating a PPPC Payload for Full Disk access can be found here:
https://support.huntress.io/hc/en-us/articles/9591929170835
Troubleshooting
If you see a successfully installed message like the example below, and you still don't see the agent in your portal make sure you're searching from your Account-level dashboard, not your Org-level dashboard.
If you're still stuck; email your Huntress log files from the affected machine's /tmp/
and /Library/Application Support/Huntress/HuntressAgent/
directories to support@huntress.io
Comments
0 comments
Please sign in to leave a comment.