These docs are for Cribl Edge 4.7 and are no longer actively maintained.
See the latest version (4.14).
Installing Edge on Linux via RPM
If you need to install Edge in a tightly managed Linux environment, use the signed RPM package installation method.
The RPM will create a cribl-edge user and a cribl-edge group. The
cribl-edge user will own the cribl-edge configuration file (stored in the
/etc/sysconfig directory). The config file contains the Leader’s auth token.
To keep the Leader’s auth token secure, only root and the cribl-edge user
can read/modify the config file contents.
RPM Download Links
Cribl Edge Version | RPM Download Link | GPG Key |
|---|---|---|
| 4.7.3 | 4.7.3 RPM Public Key | |
| 4.7.2 | 4.7.2 RPM Public Key | |
| 4.7.1 | 4.7.1 RPM Public Key | |
| 4.7.0 | 4.7.0 RPM Public Key | |
| 4.6.1 | 4.6.1 RPM Public Key | |
| 4.6.0 | 4.6.0 RPM Public Key | |
| 4.5.1 | 4.5.1 RPM Public Key | |
| 4.5 | 4.5.0 RPM Public Key |
Verifying the RPM Package Signature
To verify the RPM package signature, enable local GPG package checking. Next, download and import the GPG key and verify its signature.
Enable Local GPG Package Checking
Your environment may not have the GPG check for local packages enabled by default.
To enable the local package GPG checks for yum or dnf,
add localpkg_gpgceheck=1 to the main stanza in:
/etc/yum/confforyum/etc/dnf/dnf.conffordnf
For example:
[main]
...
localpkg_gpgcheck=1Download and Import the GPG Key
Cribl’s public GPG key ensures the authenticity and integrity of the Cribl RPM package.
Download the GPG key: https://cdn.cribl.io/dl/CRIBL_RPM_PUBLIC_GPG.
Manually import the public GPG key to
rpmusing this command:rpm --import <URL/filepath>For example:
rpm –-import https://cdn.cribl.io/dl/4.5.0/CRIBL_RPM_PUBLIC_GPGVerify the package signature using this command:
rpm -Kv <rpm-file>This command ensures the package’s integrity and authenticity, and returns information about the package. It also checks if anyone has tampered with the package since the original developer or distributor signed it. This helps prevent you from installing potentially malicious or compromised packages.
Installing Edge via RPM
Follow the installation steps to install the RPM package on a Cribl Linux Edge Node.
Out of the box, the RPM will install the software into the
/optdirectory. The RPM package will configure but not enable the Systemd service. You will need to enable the software service separately.
To install Cribl Edge via RPM:
Open a CLI and run one of the commands, depending on the processor:
sudo yum install https://cdn.cribl.io/dl/4.5.0/cribl-edge-4.5.0-1a628515-linux-x64.rpmOr
sudo yum install https://cdn.cribl.io/dl/4.5.0/cribl-edge-4.5.0-1a628515-linux-arm64.rpmThis command does the following:
- Creates the
cribl-edgeuser and group, if it doesn’t exist. - Puts the contents of Cribl’s TGZ into
/opt/cribl-edgeand makesroot/rootthe owner. - Creates the
cribl-edgesystemd service, which is disabled by default. - Creates
/etc/sysconfig/cribl-edge.confowned bycribl-edge:cribl-edgeand only accessible by thecribl-edgeuser. - Creates
/var/lib/cribl-edge/owned bycribl-edge:cribl-edgeand only accessible by thecribl-edgeuser. - Sets
CRIBL_INSTALL_TYPEtoRPMin the service destination, to block distributed upgrades, as upgrading from the Leader bypasses the security of RPM. - Sets
CRIBL_VOLUME_DIRto/var/lib/cribl-edgein the service destination, so configs and logs are saved to thecribl-edgedirectory.
- Creates the
Edit the environment variables in
/etc/sysconfig/cribl.conf, in order for Cribl Edge to connect to a Leader. The RPM installscribl-edgein standalone mode by default (CRIBL_DIST_MODE = edge).
To deploy Edge in a managed deployment, edit these environment variables:CRIBL_DIST_MODE = managed-edgeCRIBL_DIST_LEADER_URL=tls://<authToken>@leader:4200
Enable the service:
systemctl enable cribl-edgeto enable the service on boot.systemctl start cribl-edgeto start it manually.
Upgrading Edge via RPM
Uninstalling Edge via RPM
To remove Cribl that you installed via RPM, use the command line:
sudo yum remove cribl-edgeUninstalling Cribl removes the cribl or cribl-edge service, the cribl binary
from /opt/, and the service file from /lib/systemd/system.
Configuration files are maintained, along with any environment variables you edited when you first installed Cribl. This means you can pull in your previous configuration(s) if you decide to reinstall Cribl via RPM.
The cribl-edge directory is also maintained, along with the data, logs, and
defaults of your configuration.