From d8645c694b380be60dd1a25593c77d84bbd1c30c Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Sat, 22 Feb 2020 20:31:41 -0800 Subject: [PATCH 1/4] Update linux-install-with-ansible.md @mjcaparas Edit complete. Again, TOC title could be "Ansible-based installation" (or deployment). Thanks, Kelly --- .../linux-install-with-ansible.md | 54 +++++++++---------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index ebe4a8e842..489504c74a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -1,7 +1,7 @@ --- -title: Installing Microsoft Defender ATP for Linux with Puppet +title: Install Microsoft Defender ATP for Linux with Ansible ms.reviewer: -description: Describes how to install Microsoft Defender ATP for Linux, using Puppet. +description: Describes how to install Microsoft Defender ATP for Linux using Ansible. keywords: microsoft, defender, atp, linux, installation, deploy, uninstallation, puppet, ansible, linux, redhat, ubuntu, debian, sles, suse, centos search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -18,15 +18,15 @@ ms.collection: M365-security-compliance ms.topic: conceptual --- -# Ansible based deployment +# Install Microsoft Defender ATP for Linux with Ansible **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux](microsoft-defender-atp-linux.md) -This topic describes how to deploy Microsoft Defender ATP for Linux through Ansible. A successful deployment requires the completion of all of the following steps: +This topic describes how to install Microsoft Defender ATP for Linux using Ansible. A successful installation requires the completion of all of the following tasks: -- [Download onboarding package](#download-onboarding-package) +- [Download the onboarding package](#download-the-onboarding-package) - [Create Ansible YAML files](#create-ansible-yaml-files) - [Deployment](#deployment) - [References](#references) @@ -35,14 +35,14 @@ This topic describes how to deploy Microsoft Defender ATP for Linux through Ansi Before you get started, please see [the main Microsoft Defender ATP for Linux page](microsoft-defender-atp-linux.md) for a description of prerequisites and system requirements for the current software version. -- Ansible needs to be installed at least on one computer (we will call it master) -- Passwordless SSH must be configured for root user between the master and all clients +- Ansible needs to be installed on at least on one computer (we will call it master). +- Passwordless SSH must be configured for the root user between the master and all clients. - The following software must be installed on all clients: - - python-apt - - curl - - unzip + - Python-apt + - Curl + - Unzip -- All host must be listed in the following format in `/etc/ansible/hosts` file: +- All host must be listed in the following format in the `/etc/ansible/hosts` file: ```bash [servers] @@ -50,19 +50,19 @@ Before you get started, please see [the main Microsoft Defender ATP for Linux pa host2 ansible_ssh_host=51.143.50.51 ``` -- Ping test +- Ping test: ```bash $ ansible -m ping all ``` -## Download onboarding package +## Download the onboarding package Download the onboarding package from Microsoft Defender Security Center: 1. In Microsoft Defender Security Center, go to **Settings > Machine Management > Onboarding**. -2. In the first drop down, select **Linux Server** as the operating system. In the second drop down, select **Your preferred Linux configuration management tool** as the deployment method. -3. Click on **Download onboarding package**. Save the file as WindowsDefenderATPOnboardingPackage.zip. +2. In the first drop-down menu, select **Linux Server** as the operating system. In the second drop-down menu, select **Your preferred Linux configuration management tool** as the deployment method. +3. Select **Download onboarding package**. Save the file as WindowsDefenderATPOnboardingPackage.zip. ![Microsoft Defender Security Center screenshot](images/atp-portal-onboarding-linux-2.png) @@ -79,9 +79,9 @@ Download the onboarding package from Microsoft Defender Security Center: ## Create Ansible YAML files -Create subtask / role files which contribute to an actual task. Create the below files under the `/etc/ansible/roles` directory. +Create subtask or role files that contribute to an actual task. Create the below files under the `/etc/ansible/roles` directory. -- Copy onboarding package to all client machines: +- Copy the onboarding package to all client machines: ```bash $ cat /etc/ansible/roles/copy_onboarding_pkg.yml @@ -94,7 +94,7 @@ Create subtask / role files which contribute to an actual task. Create the below mode: '0644' ``` -- Create a `setup.sh` script which operates on the onboarding file: +- Create a `setup.sh` script that operates on the onboarding file: ```bash $ cat /root/setup.sh @@ -127,7 +127,7 @@ Create subtask / role files which contribute to an actual task. Create the below script: /root/setup.sh ``` -- Add the Microsoft Defender ATP repository and key +- Add the Microsoft Defender ATP repository and key. Microsoft Defender ATP for Linux can be deployed from one of the following channels (denoted below as *[channel]*): *insider-fast* or *prod*. Each of these channels corresponds to a Linux software repository. @@ -137,7 +137,7 @@ Create subtask / role files which contribute to an actual task. Create the below Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/`. - In the below commands, replace *[distro]* and *[version]* with the information identified in the previous step. + In the below commands, replace *[distro]* and *[version]* with the information you've identified. > [!NOTE] > In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”. @@ -173,7 +173,7 @@ Create subtask / role files which contribute to an actual task. Create the below enabled: Yes ``` -- Create the actual install / uninstall YAML files under `/etc/ansible/playbooks` +- Create the actual install/uninstall YAML files under `/etc/ansible/playbooks`. - For apt-based distributions use the following YAML file: @@ -225,28 +225,28 @@ Create subtask / role files which contribute to an actual task. Create the below ## Deployment -Now run the tasks files under `/etc/ansible/playbooks/` +Now run the tasks files under `/etc/ansible/playbooks/`. -- Installation +- Installation: ```bash $ ansible-playbook /etc/ansible/playbooks/install_mdatp.yml -i /etc/ansible/hosts ``` -- Validation / configuration +- Validation/configuration: ```bash $ ansible -m shell -a 'mdatp --connectivity-test' all $ ansible -m shell -a 'mdatp --health' all ``` -- Uninstallation +- Uninstallation: ```bash $ ansible-playbook /etc/ansible/playbooks/uninstall_mdatp.yml -i /etc/ansible/hosts ``` -## Logging installation issues +## Log installation issues See [Logging installation issues](linux-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. @@ -258,4 +258,4 @@ See [Logging installation issues](linux-resources.md#logging-installation-issues - [Add and remove APT repositories](https://docs.ansible.com/ansible/latest/modules/apt_repository_module.html) -- [Manage apt-packages](https://docs.ansible.com/ansible/latest/modules/apt_module.html) \ No newline at end of file +- [Manage apt-packages](https://docs.ansible.com/ansible/latest/modules/apt_module.html) From 8ee3e9dbd459ed9df2a44e4d4e1127d2dce87d4e Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Sat, 22 Feb 2020 20:48:50 -0800 Subject: [PATCH 2/4] Update linux-install-with-ansible.md --- .../microsoft-defender-atp/linux-install-with-ansible.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index 489504c74a..51aaaf6a64 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -1,7 +1,7 @@ --- -title: Install Microsoft Defender ATP for Linux with Ansible +title: Deploy Microsoft Defender ATP for Linux with Ansible ms.reviewer: -description: Describes how to install Microsoft Defender ATP for Linux using Ansible. +description: Describes how to deploy Microsoft Defender ATP for Linux using Ansible. keywords: microsoft, defender, atp, linux, installation, deploy, uninstallation, puppet, ansible, linux, redhat, ubuntu, debian, sles, suse, centos search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -18,13 +18,13 @@ ms.collection: M365-security-compliance ms.topic: conceptual --- -# Install Microsoft Defender ATP for Linux with Ansible +# Deploy Microsoft Defender ATP for Linux with Ansible **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux](microsoft-defender-atp-linux.md) -This topic describes how to install Microsoft Defender ATP for Linux using Ansible. A successful installation requires the completion of all of the following tasks: +This topic describes how to deploy Microsoft Defender ATP for Linux using Ansible. A successful deployment requires the completion of all of the following tasks: - [Download the onboarding package](#download-the-onboarding-package) - [Create Ansible YAML files](#create-ansible-yaml-files) From c92dbc70560905ecfb265427d5c0a5fb6c50ddc5 Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Mon, 24 Feb 2020 07:16:15 -0800 Subject: [PATCH 3/4] Update linux-install-with-ansible.md --- .../microsoft-defender-atp/linux-install-with-ansible.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index 51aaaf6a64..2ec6fa1eb9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -248,7 +248,7 @@ Now run the tasks files under `/etc/ansible/playbooks/`. ## Log installation issues -See [Logging installation issues](linux-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. +See [Log installation issues](linux-resources.md#log-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. ## References From 54e85741752de588e6275c798ec98fd3588215b4 Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Mon, 24 Feb 2020 10:30:25 -0800 Subject: [PATCH 4/4] Update linux-install-with-ansible.md --- .../microsoft-defender-atp/linux-install-with-ansible.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index 2ec6fa1eb9..8eae3591a3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -35,7 +35,7 @@ This topic describes how to deploy Microsoft Defender ATP for Linux using Ansibl Before you get started, please see [the main Microsoft Defender ATP for Linux page](microsoft-defender-atp-linux.md) for a description of prerequisites and system requirements for the current software version. -- Ansible needs to be installed on at least on one computer (we will call it master). +- Ansible needs to be installed on at least on one computer (we will call it the master). - Passwordless SSH must be configured for the root user between the master and all clients. - The following software must be installed on all clients: - Python-apt @@ -79,7 +79,7 @@ Download the onboarding package from Microsoft Defender Security Center: ## Create Ansible YAML files -Create subtask or role files that contribute to an actual task. Create the below files under the `/etc/ansible/roles` directory. +Create subtask or role files that contribute to an actual task. Create the following files under the `/etc/ansible/roles` directory. - Copy the onboarding package to all client machines: @@ -137,7 +137,7 @@ Create subtask or role files that contribute to an actual task. Create the below Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/`. - In the below commands, replace *[distro]* and *[version]* with the information you've identified. + In the following commands, replace *[distro]* and *[version]* with the information you've identified. > [!NOTE] > In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”.