Perform the following procedure to install YARA Manager.

Procedure

  1. Install the CbOpenSource repository: 
    cd /etc/yum.repos.d
curl -O https://opensource.carbonblack.com/release/x86_64/CbOpenSource.repo
  2. Use Yum to install YARA Manager: 
    yum install python-cb-yara-manager
  3. Copy the example config file: 
    cp /etc/cb/integrations/cb-yara-manager/config.py.example /etc/cb/integrations/cb-yara-manager/config.py
  4. Verify the config file.
  5. Create an authentication configuration file at /etc/cb/integrations/cb-yara-manager/auth.conf . Add the following lines to the file: 
    [auth]
api_token=adequately_long_and_complex_password_or_token
  6. Replace adequately_long_and_complex_password_or_token with a passphrase or token.
  7. Start the YARA Manager.
  8. Add the configured API token and YARA Management support to cb.conf : 
    YaraManagerEnabled=true
YaraManagerToken=adequately_long_and_complex_password
    For information about cb.conf, see the Carbon Black EDR Server Configuration Guide.
  9. Restart cb-coreservices to apply the changes: 
     /usr/share/cb/cbservice cb-coreservices restart
  10. Log in to your Carbon Black EDR console and browse to https://<cb_server_url>/connectors/yara, or click YARA Manager on the navigation bar.