How to install Audit Agents

This guide shows you how to deploy an Audit Agent on an endpoint so that AlloyScan can audit a device that lives outside your local network — for example, a laptop, a remote worker's machine, or a host on a network where you cannot install an Audit Service.

Prerequisites

• Site Administrator role to obtain installer downloads.
• An endpoint running a supported operating system:
• Windows 10 or later, Windows Server 2016 or later.
• macOS X 10.7 or later.
• Linux — Debian or Red Hat-derivative distributions.
• Outbound HTTPS (TCP 443) from the endpoint to the AlloyScan instance. No inbound ports are required.

Steps

1. Navigate to Network > Audit agents (or Admin Center > Site Settings > Tasks and services > Audit agents).
2. In the Installing the audit agent section, choose one of four delivery methods:
   • Click Download audit agent for Windows and copy the installer to the endpoint.
   • Click Download audit agent for macOS and copy the installer to the endpoint.
   • Click Download audit agent for Linux and copy the installer to the endpoint.
   • Click the copy link icon next to any platform to copy a downloadable URL, then deploy via your preferred software-distribution channel (for example, an MDM or a configuration management tool).
3. Run the installer on the endpoint with appropriate privileges: | Platform | Installer behavior | |---|---| | Windows | Standard MSI installer; runs as a Windows service. | | macOS | Package installer; runs as a launch daemon. | | Linux | Distribution-specific package; runs as a systemd service. |
4. (Optional) Open Admin Center > Site Settings > Settings > Audit agent settings and configure:
   • Inactivity period (default 30 days) — agents that send no heartbeat for this period are automatically scheduled for deletion.
   • Audit agent auto tag — a tag applied automatically to every agent-audited device.

If a previous agent installation left residual files, run a clean install before retrying.

Verify

The first audit results from a freshly installed agent typically arrive within 10 to 15 minutes. After that:

• The agent appears in Admin Center > Site Settings > Tasks and services > Audit agents with a Last active timestamp and an Audit ID UUID.
• The audited device appears in Inventory under the matching device type.
• If you set an auto tag, the device row shows the tag pill in the Tags column.

Related

• Audit Agent Reference
• How to install Audit Service
• About Discovery and Audit
• Troubleshooting