Skip to main content

Hi, everybody! Since announcing our strategic alliance that pairs our two platforms, Automox has developed customized Worklets for SentinelOne that includes pre-built scripts for automatic deployment of the SentinelOne agent across Windows, Linux and macOS devices - without manual intervention or wasted IT cycles. Below you’ll find the worklet for MacOS.

Big thanks to @Zac-Automox  for getting these written. 🤘

 

Worklet Details: Install SentinelOne Agent (MacOS)

 

Evaluation Code

#!/bin/bash

#================================================================
# HEADER
#================================================================
#  SYNOPSIS
#    Installs the SentinelOne agent on the endpoint.
#
#  DESCRIPTION
#    This worklet will check to see if the SentinelOne agent is
#    installed on the target device.
#
#  USAGE
#    ./evaluation.sh
#
#================================================================
#  IMPLEMENTATION
#    version         STRAT-1_install_sentinelone_agent (www.automox.com) 1.0
#    author          Zac Youtz
#
#================================================================
#  HISTORY
#    8/13/2021 : Zac Youtz : Script creation

#================================================================
# END_OF_HEADER
#================================================================

# evaluate the device to see if the SentinelOne agent is installed
if /usr/local/bin/sentinelctl status > /dev/null; then
  echo "Software is already installed"
  exit 0
else
  echo "Software not installed - Flagging for installation"
  exit 1
fi

 

Remediation Code

#!/bin/bash

#================================================================
# HEADER
#================================================================
#  SYNOPSIS
#    Installs the SentinelOne Agent on the target device
#
#  DESCRIPTION
#    This worklet checks to see if the SentinelOne Agent is installed
#    on the target device and if it isn't, installs and registers the
#    SentinelOne Agent on the device.
#
#  USAGE
#    ./remediation.sh
#
#  EXAMPLE
#    filename="SentinelAgent_macos_v21_5_3_5411.pkg"
#    site_token="ABCD123"
#
#================================================================
#  IMPLEMENTATION
#    version         STRAT-1_install_sentinelone_agent (www.automox.com) 1.0
#    author          Zac Youtz
#
#================================================================
#  HISTORY
#     8/13/2021 : Zac Youtz : Script creation
#
#
#================================================================
# END_OF_HEADER
#================================================================

#########################
filename=""
site_token=""
#########################
# CONSTANTS
installer="$(pwd)/$filename"
target="/Library/"
token_file="/tmp/com.sentinelone.registration-token"
#########################

function is_sentinelone_installed() {
  if /usr/local/bin/sentinelctl status > /dev/null; then
    true
  else
    false
  fi
}

# Check if SentinelOne is already installed
if is_sentinelone_installed; then
  echo "Software is already installed"
  exit 0
fi

# Write site token to temp file
echo "$site_token" > "$token_file"

# Install SentinelOne agent
cp "$installer" "/tmp"
tmp_installer="/tmp/$filename"

echo "Installing $installer to $target"
/usr/sbin/installer -pkg "$tmp_installer" -target "$target"

# Cleanup temp file
rm "$tmp_installer" "$token_file"

if is_sentinelone_installed; then
  echo "Software successfully installed"
  exit 0
else
  echo "Software failed to install"
  exit 1
fi

 

Hi! Thanks for sharing. The deployment works fine, but is there a script to give permissions for Full Disk Access to sentineld / sentineld_helper / sentineld_shell and SentinelOne Extensions? Would appreciate all the help possible! Thanks


Reply