FIXEye Agent installation (Linux)
The guide below describes how to install FIXEye Agent on Linux servers using RPM, DEB, or ZIP packages. It also includes optional configuration for Consul integration.
Installation from rpm package (not applicable for RHEL systems)
download latest package from https://clientspace.b2bits.com/product-36 (e.g., fixeye-agent-2.3.0.168-1.el7.x86_64.rpm)
install rpm package on Centos
rpm -i fixeye-agent-2.3.0.168-1.el7.x86_64.rpm
copy your fixeye-agent.license file into /etc/fixeye/ directory
generate Fixeye CA and server certificate and private key and copy them (fixeye.key, fixeye.crt) into /etc/fixeye/ directory
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout fixeye.key -out fixeye.crt -subj '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye'
- replace '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye' with your company identity
edit /etc/fixeye/fixeye-agent.config as follows
-rest-port 8882 -rest-pkey "/etc/fixeye/fixeye.key" -rest-cert "/etc/fixeye/fixeye.crt" --propfile "/etc/fixeye/fixeye-agent.properties" -f "/var/lib/fixedge-java/*.in" "/var/lib/fixedge-java/*.out" --pidfile "/var/log/fixeye/fixeye-agent.pid" -licfile "/etc/fixeye/fixeye-agent.license"
where "/var/lib/fixedge-java/*.in" and "/var/lib/fixedge-java/*.out" are paths to FIXEdge sessions log files. They should be changed if the log files are located in some other directory.
(Only for configuration with Consul) add below in the end of /etc/fixeye/fixeye-agent.properties
Consul.Enabled=true
Consul.Host=localhost
Consul.Port=8501
Consul.ReconnectInterval=1000
Consul.ServerName=ServerA
Consul.Services.Host=localhost
Consul.Services.HealthChecks.Interval=5
Consul.Services.HealthChecks.Timeout=5
Consul.SSL=true
Consul.SSL.CertificateAuthority=/etc/fixeye/consul.crt
(Only for configuration with Consul) copy consul certificate
cp /etc/consul.d/consul.crt /etc/fixeye/consul.crt
chown -R fixeye:fixeye /etc/fixeye/
enable and start fixeye-agent server:
systemctl enable --now fixeye-agent
systemctl start fixeye-agent
Installation from rpm package (for RHEL systems)
download latest package from https://clientspace.b2bits.com/product-36 (e.g., fixeye-agent-2.3.0.168-1.el7.x86_64.rpm)
install rpm package on RHEL
rpm -i fixeye-agent-2.3.0.168-1.el7.x86_64.rpm
copy your fixeye-agent.license file into /etc/fixeye/ directory
generate Fixeye CA and server certificate and private key and copy them (fixeye.key, fixeye.crt) into /etc/fixeye/ directory
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout fixeye.key -out fixeye.crt -subj '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye'
- replace '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye' with your company identity
edit /etc/fixeye/fixeye-agent.config as follows
-rest-port 8882 -rest-pkey "/etc/fixeye/fixeye.key" -rest-cert "/etc/fixeye/fixeye.crt" --propfile "/etc/fixeye/fixeye-agent.properties" -f "/var/lib/fixedge-java/*.in" "/var/lib/fixedge-java/*.out" --pidfile "/var/log/fixeye/fixeye-agent.pid" -licfile "/etc/fixeye/fixeye-agent.license"
where "/var/lib/fixedge-java/*.in" and "/var/lib/fixedge-java/*.out" are paths to FIXEdge sessions log files. They should be changed if the log files are located in some other directory.
(Only for configuration with Consul) add below in the end of /etc/fixeye/fixeye-agent.properties
Consul.Enabled=true
Consul.Host=localhost
Consul.Port=8501
Consul.ReconnectInterval=1000
Consul.ServerName=ServerA
Consul.Services.Host=localhost
Consul.Services.HealthChecks.Interval=5
Consul.Services.HealthChecks.Timeout=5
Consul.SSL=true
Consul.SSL.CertificateAuthority=/etc/fixeye/consul.crt
(Only for configuration with Consul) copy consul certificate
cp /etc/consul.d/consul.crt /etc/fixeye/consul.crt
chown -R fixeye:fixeye /etc/fixeye/
add fixeye user to the fixedge group
usermod -a -G fixedge fixeye
copy service startup script
cp ./fixeye-agent /etc/init.d/fixeye-agent
chmod +x /etc/init.d/fixeye-agent
remove systemd unit
mv /usr/lib/systemd/system/fixeye-agent.service /usr/lib/systemd/system/fixeye-agent.service_backup
enable fixeye-agent service
chkconfig --add fixeye-agent
start fixeye-agent server and check service status
service fixeye-agent restart
Installation from deb package
download latest package from https://clientspace.b2bits.com/product-36 (fixeye-agent-2.3.0.168-1.el7.x86_64.deb)
install deb package on Ubuntu
sudo dpkg -i fixeye-agent-2.3.0.168-1.el7.x86_64.deb
copy your fixeye-agent.license file into /etc/fixeye/ directory
generate Fixeye CA and server certificate and private key and copy them (fixeye.key, fixeye.crt) into /etc/fixeye/ directory
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout fixeye.key -out fixeye.crt -subj '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye'
- replace '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye' with your company identity
edit /etc/fixeye/fixeye-agent.config as follows
-rest-port 8882 -rest-pkey "/etc/fixeye/fixeye.key" -rest-cert "/etc/fixeye/fixeye.crt" --propfile "/etc/fixeye/fixeye-agent.properties" -f "/var/lib/fixedge-java/*.in" "/var/lib/fixedge-java/*.out" --pidfile "/var/log/fixeye/fixeye-agent.pid" -licfile "/etc/fixeye/fixeye-agent.license"
where "/var/lib/fixedge-java/*.in" and "/var/lib/fixedge-java/*.out" are paths to FIXEdge sessions log files. They should be changed if the log files are located in some other directory.
(Only for configuration with Consul) add below in the end of /etc/fixeye/fixeye-agent.properties
Consul.Enabled=true
Consul.Host=localhost
Consul.Port=8501
Consul.ReconnectInterval=1000
Consul.ServerName=ServerA
Consul.Services.Host=localhost
Consul.Services.HealthChecks.Interval=5
Consul.Services.HealthChecks.Timeout=5
Consul.SSL=true
Consul.SSL.CertificateAuthority=/etc/fixeye/consul.crt
(Only for configuration with Consul) copy consul certificate
cp /etc/consul.d/consul.crt /etc/fixeye/consul.crt
chown -R fixeye:fixeye /etc/fixeye/
enable and start fixeye-agent server:
systemctl enable --now fixeye-agent
systemctl start fixeye-agent
Installation from zip package
download latest package from https://clientspace.b2bits.com/product-36 (e.g., fixeye-agent-2.6.0.201.tar.gz)
unpack it to the required directory
tar -xzvf fixeye-agent-2.6.0.201.tar.gz -C /etc/fixeye/
copy your fixeye-agent.license file into /etc/fixeye/ directory
generate Fixeye CA and server certificate and private key and copy them (fixeye.key, fixeye.crt) into /etc/fixeye/ directory
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout fixeye.key -out fixeye.crt -subj '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye'
- replace '/C=UK/L=London/O=EPAM/OU=BFIX/CN=fixicch2.fixeye' with your company identity
edit /etc/fixeye/fixeye-agent.config as follows
-rest-port 8882 -rest-pkey "/etc/fixeye/fixeye.key" -rest-cert "/etc/fixeye/fixeye.crt" --propfile "/etc/fixeye/fixeye-agent.properties" -f "/var/lib/fixedge-java/*.in" "/var/lib/fixedge-java/*.out" --pidfile "/var/log/fixeye/fixeye-agent.pid" -licfile "/etc/fixeye/fixeye-agent.license"
where "/var/lib/fixedge-java/*.in" and "/var/lib/fixedge-java/*.out" are paths to FIXEdge sessions log files. They should be changed if the log files are located in some other directory.
(Only for configuration with Consul) add below in the end of /etc/fixeye/fixeye-agent.properties
Consul.Enabled=true
Consul.Host=localhost
Consul.Port=8501
Consul.ReconnectInterval=1000
Consul.ServerName=ServerA
Consul.Services.Host=localhost
Consul.Services.HealthChecks.Interval=5
Consul.Services.HealthChecks.Timeout=5
Consul.SSL=true
Consul.SSL.CertificateAuthority=/etc/fixeye/consul.crt
(Only for configuration with Consul) copy consul certificate
cp /etc/consul.d/consul.crt /etc/fixeye/consul.crt
chown -R fixeye:fixeye /etc/fixeye/
start fixeye-agent:
/opt/fixeye/fixeye-agent
Consul configuration
To find the Consul installation instructions, please follow this link.
For non-production use, you can run the Consul in developer mode with the command: consul agent -dev
.
For production use - please follow this link.
To configure the encrypted connection from FIXEye Agent to the Consul on the Consul side, please refer to this link.
Related articles
FIX Engine parameters#Loggingparameters