Mass installation method for ACC for ACC-V for windows os.

Hank Woo · ‎01-06-2025

Hi all,

For ACC-V, customer have to install more than 4000 agent client collectors.

And also wants to install acc in specific folder.

In this case, I recommend customer to use command line installation by ansible for linux OS hosts.

rpm -i --relocate /etc=<folder name> --relocate /var=<folder name> agent-client-collector-4.0.0-x86_64.rpm

I checked this command and works fine.

But I can't find command for windows OS.

I found "msiexec /i <msi_file_path> /quiet /qn /norestart ACC_API_KEY=<key_value> ACC_MID=wss://<mid_ip>:<websocket_port>/ws/events ACC_ALLOW_LIST=False" in docs but there's no option for destination folder.

Is there any solution for this requirements?

Regards,

Hank Woo.

SK Chand Basha · ‎02-08-2025

Hi @Hank Woo

Silent Installation

This is the single line installation command

# Install Agent Client Collector

# msiexec /i .\agent-client-collector-4.0.0-windows-x64.msi /quiet /qn /norestart ACC_API_KEY=******* ACC_MID=wss://<Ip address>:<port>/ws/events ACC_ALLOW_LIST=TRUE LOCALUSERNAME=SYSTEM

Start-Process msiexec.exe -Wait "/i agent-client-collector-4.0.0-windows-x64.msi /quiet /qn /norestart ACC_API_KEY=******* ACC_MID=wss://<Ip address>:<port>/ws/events ACC_ALLOW_LIST=TRUE LOCALUSERNAME=SYSTEM"

# Install OSQuery

# $msi = "osquery-5.7.0.msi"

# $url = "https://pkg.osquery.io/windows/$msi"

# $dst = "$PSScriptRoot\$msi"

# Write-Host $dst

# Invoke-WebRequest -Uri $url -OutFile $dst

# Start-Process msiexec.exe -Wait "/i $dst /quiet /qn /norestart"

# msiexec /i ".\osquery-5.7.0.msi" /quiet /qn /norestart

Start-Process msiexec.exe -Wait "/i osquery-5.7.0.msi /quiet /qn /norestart"

# Configure osqueryd service

$flags = "--logger_rotate=true

--logger_rotate_size=26214400

--logger_rotate_max_files=1

--watchdog_level=-1

--config_path=C:\Program Files\osquery\osquery-sam.conf"

Set-Content -Path 'C:\Program Files\osquery\osquery.flags.default' -Value "$flags"

$conf = @'

{

"options": {

"config_plugin": "filesystem",

"logger_plugin": "filesystem",

"utc": "true"

},

"schedule": {

"sam_process_info": {

"query": "SELECT name, pid, elapsed_time, start_time, user_time, system_time, username FROM processes p JOIN users u ON u.uid = p.uid WHERE p.elapsed_time != -1 AND u.type != 'special';",

"snapshot" : true,

"interval": 60

},

"system_info": {

"query": "SELECT hostname, cpu_brand, physical_memory FROM system_info;",

"interval": 3600

}

},

"decorators": {

"load": [

"SELECT uuid AS host_uuid FROM system_info;",

"SELECT user AS username FROM logged_in_users ORDER BY time DESC LIMIT 1;"

]

},

"packs": {

"sam-metering": "C:\\ProgramData\\ServiceNow\\agent-client-collector\\cache\\acc-visibility-modules\\bin\\sam-metering.conf"

}

'@

Set-Content -Path 'C:\Program Files\osquery\osquery-sam.conf' -Value "$conf"

cd 'C:\Program Files\osquery'

.\manage-osqueryd.ps1 -uninstall

.\manage-osqueryd.ps1 -install

Restart-Service osqueryd

Mark it helpful and Accept Solution!! If this helps you to understand.

Doci1 · ‎02-11-2025

Hi @SK Chand Basha interesting script, which basically do the same what ACC Agent installation wizard itself, but anyway you did not respond to the question, how to install ACC to different folder.