Install an Engine - Install a Cortex XSOAR engine. - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Create an engine.

1. Select Settings & Info → Settings → Integrations → Engines → Create New Engine.

2. In the Engine Name field, add a meaningful name for the engine.

3. Select one of the installer types from the dropdown list.

   • Shell

   • DEB

   • RPM

   • Configuration

   Tip

   For Linux systems it is recommended to use the Shell installer. If using Amazon Linux 2, use the Zip installer (see step 4).

4. (Optional) (Shell only) Select the checkbox to enable multiple engines to run on the same machine.

   If you have an existing engine and did not select the checkbox and you want to install another engine on the same machine, you need to delete the existing engine.

5. (Optional) Add any required configuration in JSON format.

6. Click OK.

For Shell installation, do the following:

1. Move the .sh file to the engine machine using a tool like SSH or PuTTY.

2. On the engine machine, grant execution permission by running the following command:

   chmod +x <engine-file-path>

3. Install the engine by typing one of the following commands:

   With tools: sudo ./d1-<engine-name>-<XSOAR-version>-xxxxxxx.sh

   Without tools: sudo ./d1-<engine-name>-<XSOAR-version>-xxxxxxx.sh -- -tools=false

   For example: sudo ./d1-enginename-8.2-250000.sh -- -tools=false

For RPM/DEB installation, do the following:

1. Move the file to the required machine using a tool like SSH or PuTTY.

2. Type one of the following installation commands:

   Machine Type	Install Command
   RHEL (RPM)	sudo rpm -Uvh d1-2.5_15418-1.x86_64.rpm
   Ubuntu (DEB)	sudo dpkg --install d1_xxx_amd64.deb

3. Start the engine by running one of the following commands:

   Machine Type	Start Command
   RHEL (RPM)	sudo systemctl start d1
   Ubuntu (DEB)	sudo service d1 restart

For Zip installation on Amazon Linux 2, run the following commands:

1. Create the engine folder.

   mkdir /usr/local/demisto

2. Unzip the engine files to the folder created in the previous step.

   unzip ./d1.zip -d /usr/local/demisto

3. Allow the process to bind to low numbered ports.

   setcap CAP_NET_BIND_SERVICE=+eip /usr/local/demisto/d1_linux_amd64

4. Change the owner of /usr/local/demisto to the demisto user.

   chown -R demisto:demisto /usr/local/demisto

5. In /etc/systemd/system edit the d1.service file las follows (adjust the directory and the name of the binaries file if needed).

    [Unit]
   Description=Demisto Engine Service
   After=network.target
   [Service]
   Type=simple
   User=demisto
   WorkingDirectory=/usr/local/demisto
   ExecStart=/usr/local/demisto/d1_linux_amd64
   EnvironmentFile=/etc/environment
   Restart=always
   [Install]
   WantedBy=multi-user.target

6. Give the service execution permissions and change the owner to demisto.

   chmod -x d1.service chown demisto:demisto d1.service

7. Run the engine process.

   systemctl start d1

8. Verify that the engine is running.

   systemctl status d1

Use an Engine in an Integration.