Please note that platform packages are prepared for Debian Bullseye and x86-64 platform.
All other platforms/architectures are not supported for APT installation.
Issue these commands as root user:
apt-get update
apt-get -y install curl lsb-release gnupg
echo "deb https://box.foresightcyber.com/fcpc/bullseye/ ./" \
| tee /etc/apt/sources.list.d/fcpc.list
curl https://box.foresightcyber.com/fcpc/fcpc.gpg.pub \
| apt-key add
apt-get update
apt-get install -y fcpc fcpd
fcpc help general
You can use our predeployed docker image.
docker run --name fcpc -ti limosek/fcpc daemon
docker exec -ti fcpc fcpc help general
Use this docker-compose.yml file.
Create /etc/fcpc/config.ini with your settings.
Note that this is just example and for persistent storage, you need to change elasticsearch settings!
version: '3.4'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.15.1
hostname: elasticsearch
ports:
- 127.0.0.1:9200:9200
networks:
- fcp
fcpd:
image: limosek/fcpc
hostname: fcpd
environment:
- FCP_CONFIG=/etc/fcpc/config.ini
- FCP_DB_DRIVER=elastic
- FCP_DB_ELASTIC_PREFIX=fcpc
- FCP_DB_ELASTIC_URL=http://elasticsearch:9200/
- HTTP_PORT=8156
- HTTP_LISTEN=0.0.0.0
depends_on:
- elasticsearch
volumes:
- /etc/fcpc:/etc/fcpc
ports:
- 127.0.0.1:8156:8156
networks:
- fcp
networks:
fcp:
For other platforms, you can use pip3 install procedure
pip3 install --extra-index-url=https://box.foresightcyber.com/fcpc/bullseye/simple/ fcpc
fcpc help general
You should get this result if successful
usage: fcpc.py [-c CONFIG] [-l LOGLEVEL] [--logfile LOGFILE] [--modules MODULES] [--timezone TIMEZONE]
[--profiling FILE] [--message MESSAGE] [--locationid LOCATIONID] [--organizationid ORGANIZATIONID]
[--tag TAG] [--cd CD] [--write_exit_code WRITE_EXIT_CODE] [--asset.inactive.days ASSET.INACTIVE.DAYS]
[--asset.nologins.days ASSET.NOLOGINS.DAYS] [--user USER]
[--host.default.name {guess,fqdn,ip,hostname}] [--host.default.domain HOST.DEFAULT.DOMAIN]
[--prev_epoch PREV_EPOCH] [--epoch EPOCH] [--epochs_back EPOCHS_BACK] [--server.url SERVER.URL]
[--client mode] [--help_format {cli,md}] [--input.format FORMAT] [--input.buffering FLAG]
[--input.file FILE] [--output.format FORMAT] [--output.buffering FLAG] [--output.file FILE]
[--output.column COLUMN] [--cli.write.header BOOL] [--cli.dump.columns BOOL]
[--cli.count.column COLUMN] [--cli.shorten.column COLUMN:WIDTH] [--cli.tag.group CLI.TAG.GROUP]
[--cli.tag.show CLI.TAG.SHOW] [--cli.tag.suppress CLI.TAG.SUPPRESS] [--cli.clock.column COLUMN]
[--cli.count.rows BOOL] [--cli.write.type TYPE]
add cache count daemon db del describe diff epoch groupby help hint history job link list show search
select shell tag tag-by-query untag-by-query tag-duplicated-by tag-intersect-by update views ansible
azuread report graph hardenize itop ldap nmap qualys remedy rt skybox zabbix
If you see general help message, you can continue to Configuration guide.
Public key used to sign:
pub rsa3072 2021-10-04 [SC]
1C4B98D612C6899B388771391F7012EC94B3D31D
uid [ultimate] Foresight Cyber Platform <fcp@foresightcyber.com>
sub rsa3072 2021-10-04 [E]