CLI
In some cases, we don't have an extension for installing and running Cimon. This is either due to a lack of infrastructure or to the requirement to install it manually. In such cases, we've provided methods for installing and executing Cimon. Our extensions (GitHub Actions and Azure Pipelines) do precisely that behind the scenes.
Installation Cimon CLI
The quickest way to install Cimon CLI is with the install script. It will automatically select the latest version according to the architecture. The default folder for the installation is ./bin:
curl -sSfL https://cimon-releases.s3.amazonaws.com/install.sh | sh -s -- -h
sh: download go binaries for Cimon
Usage: sh [-b] bindir [-d] [tag]
-b sets bindir or installation directory, Defaults to ./bin
-d turns on debug logging
[tag] is a tag from
https://github.com/cycodelabs/cimon-releases/releases
If tag is missing, then the latest will be used.
Examples
Fetching the latest version to ./bin
curl -sSfL https://cimon-releases.s3.amazonaws.com/install.sh | sh
Installing Cimon to a path that is already included in the PATH variable, but it will require higher privileges:
curl -sSfL https://cimon-releases.s3.amazonaws.com/install.sh | sudo sh -s -- -b /usr/local/bin
cimon -h
Fetching a specific version tag
curl -sSfL https://cimon-releases.s3.amazonaws.com/install.sh | sh -s -- v0.10.0
Available Sub-commands
cimon agent start- Start the Cimon agent in the foreground.cimon agent start-background- Start Cimon agent in the background.cimon agent stop- Stop Cimon agent and print logs
Parameters
Here are the parameters that are supported:
| Environment Variable | Default | Description |
|---|---|---|
CIMON_CLIENT_ID | Cimon client ID for authentication | |
CIMON_SECRET | Cimon secret for authentication | |
CIMON_URL | Cimon endpoint for authentication | |
CIMON_PREVENT | false | Enable prevention mode |
CIMON_ALLOWED_IPS | A comma or white space separated list of allowed IP addresses | |
CIMON_ALLOWED_HOSTS | A comma or white space separated list of allowed domain names. The left-most label can be the wildcard character (*) to match multiple subdomains (e.g. *.example.com) | |
CIMON_IGNORED_IP_NETS | A comma or white space separated list of ignored IP networks in CIDR notation, e.g. 10.0.0.0/8, 172.16.0.0/12. This setting is mandatory if your workflow runs containers attached to a custom network with configured sub-range. In other words, inter-container networking is usually ignored by Cimon. Cimon implicitly ignores 10.0.0.0/8 and 172.16.0.0/12 networks. | |
CIMON_REPORT_PROCESS_TREE | false | Enable to report the process tree |
CIMON_SLACK_WEBHOOK_ENDPOINT | Slack webhook endpoint to report security events | |
CIMON_LOG_LEVEL | info | Log level (Used for debugging) |