To install and configure the Yara Manager to manage the Yara Connector in the EDR Console.

• Carbon Black EDR Server: 7.7.x
• Yara Connector: 2.2.0
• Yara Manager: 2.2.0

The Yara Connector can operate on the EDR server independently. The Yara Manager (optional) provides an easy user interface in the EDR Console to operate the Yara Connector.

1. Install the Yara Connector first
2. Install Yara Manager (derived from the EDR User Guide)
   1. Create the Carbon Black open source repo: 

      cd /etc/yum.repos.d
      curl -O https://opensource.carbonblack.com/release/x86_64/CbOpenSource.repo

   2. Install the cb-yara-manager: 

      yum install python-cb-yara-manager

   3. Configure Yara Manager - Optional (derived from User Guide)
   4. Create the configuration file. 

      cd /etc/cb/integrations/cb-yara-manager 
      cp config.py.example config.py

   5. Create the authentication file (where adequately_long_and_complex_password_or_token is any passphrase.)

      vi /etc/cb/integrations/cb-yara-manager/auth.conf
      [auth]
      api_token=< create a unique adequately_long_and_complex_password >

   6. Add to /etc/cb/cb.conf 

      YaraManagerEnabled=true
      YaraManagerToken=< insert the unique adequately_long_and_complex_password >

   7. To invoke the new cb.conf changes run

      /usr/share/cb/cbservice cb-coreservices restart

   8. Start the service. 

      systemctl start cb-yara-manager

   9. Confirm that it is running. 

      ps -ef | grep -i manager (there should be 2 instances running)

   10. View Yara Manager in the browser after authenticating to the EDR server.

       https://<EDR server IP>/connector/yara