For agents to be able to communicate with Lacework, they must be able to connect to the following URLs:
- lacework.net : 443
- S3-us-west-2.amazonaws.com : 443
- amazonaws.com : 443
If required, the agent can be configured to use a network proxy by adding proxy information to the configuration file or by creating a https_proxy environment variable.
To include proxy information, edit the proxy url key:
Adding a https_proxy Environment Variable
From the shell on the host on which the agent resides, use the following command to add your proxy url:
$ export https_proxy=“http:your.proxy.server:port”
Or if your proxy requires a password:
$ export https_proxy=“http://username:[email protected]:port”
Adding a Certificate
Lacework uses GoDaddy as its Certificate Authority. If the GoDaddy certificate is not in trusted root store, the agent will not be able to communicate with Lacework. Most current Linux distributions include the required certificate by default. In certain older distributions, the certificate may need to be added - see Appendix for certificate details.