SentinelOne is an """AI""" Powered Antivirus. In case your employer is making you install the agent on your Linux Workstation, here is some info.
Acquisition of Software
The agent software is available for the APT and RPM Package Managers, meaning the software is packaged for Debian and RedHat Linux, as well as their derivatives.
The agent software is not freely available for download; it is distributed through the Admin Center.
Ask your Admin for a file.
Installation
Ubuntu
Double click and install the .deb file, or use the command
sudo dpkg -i (FILE)
Make sure to replace (FILE) with the filename.
RedHat
Don't ask me, I don't use RedHat.
Arch
Heads up: You need the .deb file for this!
Since there is no native .tar.xz for pacman available, we have to get creative.
Luckily for us, there is a package on the Arch User Repository: https://aur.archlinux.org/packages/sentinelagent.
You can't just autoinstall this with yay or pacaur. You need to clone it and do some modification.
Download the repo either by clicking the Download Snapshot link on the right side of the linked page, or by cloning it using git: git clone https://aur.archlinux.org/sentinelagent.git
Go into the directory you just downloaded / cloned, and edit the PKGBUILD file.
Add the following, and make sure to replace FILE with your filename.
source=("FILE")
sha256sums=("SKIP")
Then run makepkg and install the resulting package using this command:
sudo pacman -U (FILE).tar.xz
If you have done everything right, there should be a sentinelctl command available now.
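The PKGBUILD step above uses sha256sums=("SKIP"), which tells makepkg not to verify the .deb at all. As an added example (not part of the original post or the AUR package), this script prints the same two lines with the file's real SHA-256, optionally checking it first against a digest from your admin; the script name, the function names and the admin-supplied digest are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the AUR package): pin the .deb by SHA-256
# instead of sha256sums=("SKIP").

# SHA-256 of a file as lowercase hex.
file_sha256() {
    sha256sum "$1" | awk '{print $1}'
}

# A .deb is an ar archive, so it starts with the magic "!<arch>".
# Catches an HTML error or login page saved under a .deb name.
is_deb() {
    [ "$(head -c 7 "$1" 2>/dev/null)" = '!<arch>' ]
}

# Print the PKGBUILD lines for DEB with its real digest.
# EXPECTED (optional) is a digest obtained out of band, e.g. from your
# admin (assumption); on mismatch nothing is printed and status is 1.
# The body is a subshell, so variables stay local and "exit" only
# ends the function.
pkgbuild_source_lines() (
    deb="$1"; expected="${2:-}"
    [ -f "$deb" ] || { echo "no such file: $deb" >&2; exit 2; }
    is_deb "$deb" || { echo "not a Debian package: $deb" >&2; exit 2; }
    actual="$(file_sha256 "$deb")"
    if [ -n "$expected" ]; then
        # Hex digests are compared case-insensitively.
        expected="$(printf '%s' "$expected" | tr 'A-F' 'a-f')"
        if [ "$actual" != "$expected" ]; then
            echo "SHA-256 mismatch for $deb: got $actual" >&2
            exit 1
        fi
    fi
    printf 'source=("%s")\n' "${deb##*/}"
    printf 'sha256sums=("%s")\n' "$actual"
)

# Run as: ./pin-deb.sh FILE.deb [EXPECTED_SHA256]   (hypothetical script name)
if [ "$#" -ge 1 ]; then
    pkgbuild_source_lines "$@"
fi
```

With a real digest in sha256sums, makepkg checks the file against it on every build and stops if the .deb has changed.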
On Arch I have found that the antivirus does not seem to actually do much except run a full system scan every now and again.
It doesn't perform any live file checks or behavioral analysis.
As of right now, I don't know how to enable this.
Connecting the agent with the management server
Ask your Admin for a SentinelOne Agent Token. They should know what this means.
Replace TOKEN with the token given to you.
Install the token using the command as follows: sudo sentinelctl management token set TOKEN