Running Cbinit in Non-Interactive Mode

Article ID: 409483

Updated On:

Products

Carbon Black EDR

Issue/Introduction

How to run cbinit in non-interactive mode. 

Environment

  • Carbon Black EDR Server: All Versions

Resolution

  1. Create a configuration file on the EDR server. The name of the file can be anything. 
  2. Enter the following into the configuration file. Insert your own information, but do not include the < > symbols. Modify the other fields as needed (see Additional Information and the Config Table below for details on each setting).
    [Config]
    unattended_install=True
    root_storage_path=/var/cb/data
    svc_user=cb
    svc_group=cb
    admin_username=<username>
    admin_first_name=<user>
    admin_last_name=<lastuser>
    admin_email=<email_address>
    admin_password=<mypassw>
    manage_iptables=1
    cluster_node_id=0
    has_solr_events=0
    service_autostart=1
    force_reinit=1
    redis_use_password=True
    redis_password=<MyRandomPassword>
    redis_use_ssl=1
    default_sensor_server_url=https://<serveraddress_or_fqdn>
    alliance_thirdparty_binaries_enabled=0
    alliance_comms_enabled=0
    alliance_statistics_enabled=0
    alliance_bit9_hashes_enabled=0
    alliance_bit9_binaries_enabled=0
  3. Run cbinit 
    /usr/share/cb/cbinit <configfile>
  4. Delete the configuration file when done. 
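
A scripted form of steps 1-4, added here as an example (not vendor code): it writes the file readable by its owner only, generates the Redis password, and deletes the file whether or not cbinit succeeds. The function names and the ADMIN_*, SERVER_FQDN and FORCE_REINIT variables are assumptions; force_reinit defaults to 0 here because 1 removes existing data.

```shell
# Added example, not vendor code. Function and variable names are assumptions.
CBINIT="${CBINIT:-/usr/share/cb/cbinit}"   # cbinit path as given in the article

gen_secret() {  # 48 hex characters from the kernel CSPRNG
    od -An -N24 -tx1 /dev/urandom | tr -d ' \n'
}

write_cbinit_config() {  # $1 = file to create; admin values come from the environment
    ( umask 077  # the file holds the admin and Redis passwords: owner-only (0600)
      cat >"$1" <<EOF
[Config]
unattended_install=True
root_storage_path=/var/cb/data
svc_user=cb
svc_group=cb
admin_username=${ADMIN_USER:?}
admin_first_name=${ADMIN_FIRST:?}
admin_last_name=${ADMIN_LAST:?}
admin_email=${ADMIN_EMAIL:?}
admin_password=${ADMIN_PASSWORD:?}
manage_iptables=1
cluster_node_id=0
has_solr_events=0
service_autostart=1
force_reinit=${FORCE_REINIT:-0}
redis_use_password=True
redis_password=$(gen_secret)
redis_use_ssl=1
default_sensor_server_url=https://${SERVER_FQDN:?}
alliance_thirdparty_binaries_enabled=0
alliance_comms_enabled=0
alliance_statistics_enabled=0
alliance_bit9_hashes_enabled=0
alliance_bit9_binaries_enabled=0
EOF
    )
}

run_cbinit_unattended() {  # steps 1-4: create the file, run cbinit, always delete
    cfg=$(mktemp) || return 1
    trap 'rm -f "$cfg"' EXIT INT TERM   # delete even if interrupted
    write_cbinit_config "$cfg" && "$CBINIT" "$cfg"
    rc=$?
    rm -f "$cfg"; trap - EXIT INT TERM
    return "$rc"
}
```

Set the ADMIN_* and SERVER_FQDN variables in the shell, then call run_cbinit_unattended as root on the EDR server; a missing variable aborts before cbinit is started.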

Additional Information

  • This is for non-interactive mode on the primary/standalone server. For clusters, add-node from the primary automatically does a non-interactive cbinit on the minion node. 
  • In the example, Redis has been set to use SSL and a password. 
    • The Redis password can be any random string of characters. 
    • This will not enable these Redis features in cb.conf, but it will enter the information there. To enable them, run the following and restart services.
      sed -i -E 's/(^#\s)(SSLRedis.*\=)/\2/g' /etc/cb/cb.conf && sed -i -E 's/(^#\s)(Redis.*\=)/\2/g' /etc/cb/cb.conf
    • To run this fully non-interactively in one command, set service_autostart=0 in your configuration file. Then run this single command to initialize, enable those settings, and start services. 
      /usr/share/cb/cbinit <configfile> && sed -i -E 's/(^#\s)(SSLRedis.*\=)/\2/g' /etc/cb/cb.conf && sed -i -E 's/(^#\s)(Redis.*\=)/\2/g' /etc/cb/cb.conf && /usr/share/cb/cbservice cb-enterprise start

Config Table

  • Bool is 0 (false) or 1 (true)
| Config Name | Setting Type | Info | Default |
|---|---|---|---|
| unattended_install | True/False | Enable unattended/non-interactive installation | True |
| root_storage_path | String | Path of data storage. | /var/cb/data |
| svc_user | String | No shell user for EDR services. | cb |
| svc_group | String | No shell user group for EDR services. | cb |
| admin_username | String | First global admin's username | |
| admin_first_name | String | First global admin's first name | |
| admin_last_name | String | First global admin's last name | |
| admin_email | String | First global admin's email | |
| admin_password | String | First global admin's password | |
| manage_iptables | Bool | Allow EDR to add firewall rules to the local server | Recommended at 1 |
| cluster_node_id | Int | Primary or Standalone ID | 0 |
| has_solr_events | Bool | Will this primary have Solr event storage | 1 |
| service_autostart | Bool | Auto start the EDR services after cbinit completes | 1 |
| force_reinit | Bool | Removes existing data. Cbinit will not continue otherwise if data exists. | 1 |
| redis_use_password | True/False | Enable Redis to use a password through Redis requirepass configuration. | True |
| redis_password | String | Any random password of your choice. | |
| redis_use_ssl | Bool | Enable Redis to use SSL Certificates. Cbinit will generate the certs required | 1 |
| default_sensor_server_url | String | IP or FQDN Address of the primary server. FQDN is recommended | https://<ip_or_fqdn> |
| alliance_thirdparty_binaries_enabled | Bool | Enable sharing binaries (.zip) with third party feed partners. This setting along with the settings below can be controlled through the console's Sharing Settings page. For more info, see the EDR Server User Guide | |
| alliance_comms_enabled | Bool | Enable Alliance Communication. Disabling this will not get threat intel feeds. | |
| alliance_statistics_enabled | Bool | Enable Sharing Statistics with Alliance for Support | |
| alliance_bit9_hashes_enabled | Bool | Enable Sharing Hashes and Binary Metadata with Alliance | |
| alliance_bit9_binaries_enabled | Bool | Enable Sharing Binary (.zip) with Alliance | |