Sophos Central Linux Endpoint: Automate Sophos Agent deployment to Linux Servers using ANSIBLE

"Disclaimer: Please contact Sophos Professional Services if you require assistance with your specific environment." 

Overview 
 
This article provides a high-level overview of how to deploy Sophos MTR on Linux devices using Ansible. It also includes an example YML playbook to install Sophos.
The steps below assume that the following infrastructure is present in the environment.

  • Ansible master server 
  • Hosts configured to work with Ansible master server 

 
Applies to the following Sophos product(s) and version(s) 

  • Central Linux (MTR) Endpoint 
  • Central Linux (Legacy) Endpoint 
     

What to do 

Central Linux (MTR) Endpoint deployment using Ansible Playbook: 
 
1) Create a YML file named Sophos_Install.yml with the following content on the master node:
 
---
# Sophos_Install.yml: download the Sophos installer and run it on every host in Cent_Hosts
- hosts: Cent_Hosts
  vars:
    sophos_tmp_dir: /tmp/Sophos_Installer
    # The URL below is truncated in this article; use the complete installer download link
    sophos_agent_download_url: api-cloudstation-us-east-2.prod.hydra.sophos.com/.../down$
    downloaded_file_name: SophosSetup.sh
  tasks:
    - name: SOPHOS | Create Temporary Work Directory
      file:
        path: "{{ sophos_tmp_dir }}"
        state: directory
    - name: SOPHOS | Download Sophos Executable
      get_url:
        url: "{{ sophos_agent_download_url }}"
        dest: "{{ sophos_tmp_dir }}/{{ downloaded_file_name }}"
    - name: "SOPHOS | Making {{ downloaded_file_name }} executable"
      file:
        path: "{{ sophos_tmp_dir }}/{{ downloaded_file_name }}"
        mode: +x
    # The installer needs root, so only this task escalates privileges
    - name: Installing Sophos
      become: true
      command: sh "{{ sophos_tmp_dir }}/{{ downloaded_file_name }}"
    # Remove the downloaded installer once the install has run
    - name: SOPHOS | Delete sophos temp folder
      file:
        path: "{{ sophos_tmp_dir }}/"
        state: absent

2) Please refer to the following screenshot for indentation:

3) Deploy using the following command and provide the configured password:

root@Sophos:~/Playbooks# ansible-playbook Sophos_Install.yml -kK 
 
A successful deployment should look like the following:

To move the Linux servers to a specific group en masse, modify the command line to:
 
command: sh "{{ sophos_tmp_dir }}/{{ downloaded_file_name }}"  --group=DB_Servers 
 
Change the group name to match a group name available in Central.
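
The playbook above downloads a script and runs it as root, and the group is set by editing the command line. The variant below is an added example, not part of the original article or Sophos's own code: it verifies the installer's SHA-256 before running it, keeps the work directory root-only, passes the group as a variable, and removes the directory even when a task fails. The URL and checksum values are placeholders, and the variable names sophos_installer_sha256 and sophos_group are assumptions introduced here.

```yaml
---
# Added example, not from the original article. Placeholders and assumed names are marked.
- hosts: Cent_Hosts
  vars:
    sophos_tmp_dir: /tmp/Sophos_Installer
    # Placeholder: the article's URL is truncated, supply the complete link.
    sophos_agent_download_url: "<FULL_INSTALLER_URL>"
    downloaded_file_name: SophosSetup.sh
    # Placeholder (assumed variable): SHA-256 of an installer copy you trust,
    # computed once on the master node, for example with sha256sum.
    sophos_installer_sha256: "<SHA256_OF_INSTALLER>"
    # Assumed variable: default Central group, override per host or inventory group.
    sophos_group: DB_Servers
  tasks:
    - name: SOPHOS | Download, verify and install
      become: true   # the work directory is root-only, so every task escalates
      block:
        - name: SOPHOS | Create private work directory
          file:
            path: "{{ sophos_tmp_dir }}"
            state: directory
            owner: root
            group: root
            mode: "0700"   # other local users cannot read or replace the script
        - name: SOPHOS | Download installer and verify its checksum
          get_url:
            url: "{{ sophos_agent_download_url }}"
            dest: "{{ sophos_tmp_dir }}/{{ downloaded_file_name }}"
            # The task fails if the downloaded file does not match this digest
            checksum: "sha256:{{ sophos_installer_sha256 }}"
            mode: "0700"
        - name: SOPHOS | Install into the chosen Central group
          command:
            argv:   # argv passes each argument as-is, without shell-style splitting
              - sh
              - "{{ sophos_tmp_dir }}/{{ downloaded_file_name }}"
              - "--group={{ sophos_group }}"
      always:
        # Runs whether the block succeeded or failed
        - name: SOPHOS | Delete sophos temp folder
          file:
            path: "{{ sophos_tmp_dir }}"
            state: absent
```

Setting sophos_group in the inventory (per host or per inventory group) lets one run place different servers in different Central groups without editing the playbook.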

 




[edited by: Niranjan Lakra at 12:23 AM (GMT -7) on 1 Sep 2022]