Installing a Unix/Linux Agent

This topic describes how to deploy ITM On-Prem (ObserveIT) Agents on Unix/Linux-based system servers which require monitoring.

The Unix or Linux Agent installer is a self-extracting file which includes the package and an installation script.

For a description of the installation script parameters, see Unix Installation Script Parameters.

Unix/Linux Agent installation files are located at /opt/observeit/agent.

The installation of all currently supported Unix/Linux Agents is identical, except for the name of the package; the same installation script can be used for every supported Unix/Linux platform. For a list of currently supported platforms and versions, see Supported Platforms.

The following procedure provides an example of an Ubuntu Linux Agent deployment.

If a security password is required for Agent installation (install -p), you must provide a security password in order to proceed with the installation. For further details, see Enabling Installation Security (in the Configuration Guide).

Installing a Linux Agent

Linux JWT Support

  1. Obtain the ITM On-Prem (ObserveIT) Agent installation file and copy it to the server(s).

  2. Log in to the target server with root permissions; or, alternatively, use the pfexec command.

  3. Run the ls –l command and verify that the file has execute permissions (-rwxr-xr-x). Otherwise, use chmod +x for the Agent’s file name.

  4. Run the command:

    From version 7.13.1, JWT authentication is supported. Before installing Linux agent, you must download a JWT file that you will provide during the installation. This file can be downloaded from the Configuration > Settings > Service Settings. (See Configuring Service Settings.)

    ./ -- -i -s https://<Application-Server-FQDN>/observeitapplicationserver -j <jwt file full path>


    • <jwt file path> is the location of the file

    • <Application-Server-FQDN> is application server fully qualified domain name

    Application server fully qualified domain name must be resolvable.

    For versions previous to 7.13.1, JWT authentication is not supported. To use JWT, you must upgrade to version 7.13.1 or higher.

    If you are installing an earlier version without JWT, run this command: 

    ./ -- -i -s
  5. Installation output example:

    Verifying archive integrity... Done.

    Uncompressing ....

    The oit package was not previously installed; performing clean install

    Installing observeit agent

    Successfully registered this machine and saved configuration

    auditing service started/running

    ssh stop/waiting

    ssh start/running, process 26529

  6. After installing the Agent, you should check the Agent's registration and health status, as described in Checking an Agent's Registration and Health Status.

    In order to verify that user activity recording is working properly after the Agent installation, follow the steps described in Verifying Successful User Activity Recording after Installation.

Important Notes

  • If there are no execute permissions on the /tmp directory, installation will fail when the self-extracting script attempts to deploy the packages. To prevent installation failure in this case, run the installation command using the ––target option, as follows:
    ./ --target /work/install -- -i -s -j /tmp/sesstings.json
  • If there is insufficient space in the /tmp folder, then you need to redirect the installation to another directory. In this case, include the –t option in the installation command, as follows:
    ./ -- -i -s -j /tmp/sesstings.json /work/tmp

    where /work/tmp is the location of the new directory.

    If the /work/tmp directory does not exist, you must create it manually

Excluding Processes for ITM On-Prem (ObserveIT) Agent for Linux

Some antivirus programs detect executable files as unknown and block them by default. To avoid this, it is recommended that you exclude these processes:

  • /opt/observeit/agent/

  • It is also recommended to exclude the logger process from active scans