Last active
October 12, 2023 15:15
-
-
Save jaycdave88/7c72ce44e36318c9c6a08dd28b5b0b85 to your computer and use it in GitHub Desktop.
PowerShell script to install latest Datadog Windows agent. Enable logs, live process, and configure win32_event_logs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Download agent | |
| (Invoke-WebRequest https://s3.amazonaws.com/ddagent-windows-stable/datadog-agent-7-latest.amd64.msi -OutFile c:\datadog-agent-7-latest.amd64.msi) | |
| # Download .NET Tracer v1.13x64 .msi | |
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |
| (Invoke-WebRequest https://github.com/DataDog/dd-trace-dotnet/releases/download/v1.13.0/datadog-dotnet-apm-1.13.0-x64.msi -OutFile c:\datadog-dotnet-apm-1.13.0-x64.msi) | |
| # Start the Datadog agent | |
| (Start-Process -Wait msiexec -ArgumentList '/qn /i c:\datadog-agent-7-latest.amd64.msi APIKEY=xxx HOSTNAME="my_hostname" TAGS="mytag1,mytag2"') | |
| # Start .NET Tracer v1.13x64 | |
| (Start-Process -Wait msiexec -ArgumentList '/qn /i c:\datadog-dotnet-apm-1.13.0-x64.msi') | |
| # Enable logs and live process | |
| ((Get-Content -path C:\ProgramData\Datadog\datadog.yaml -Raw) -replace '# logs_enabled: false','logs_enabled: true') | Set-Content -Path C:\ProgramData\Datadog\datadog.yaml | |
| (Add-Content C:\ProgramData\Datadog\datadog.yaml "`nprocess_config:`n enabled: true" ) | |
| # Delete Datadog agent .msi & .NET tracer agent v1.13x64 | |
| (Remove-Item -Path c:\datadog-agent-7-latest.amd64.msi) | |
| (Remove-Item -Path c:\datadog-dotnet-apm-1.13.0-x64.msi) | |
| # Configure win32_event_log | |
| echo "init_config: | |
| instances: | |
| - type: | |
| - Information | |
| - Critical | |
| - Error | |
| - Warning | |
| - Information | |
| - Audit Failure | |
| - Audit Success | |
| log_file: | |
| - Application | |
| - System | |
| - Security | |
| - Application | |
| - Setup | |
| - Symantec Endpoint Protection Client | |
| logs: | |
| - type: windows_event | |
| channel_path: Application | |
| source: Application | |
| service: Application | |
| sourcecategory: windowsevent | |
| - type: windows_event | |
| channel_path: Security | |
| source: Security | |
| service: Security | |
| sourcecategory: windowsevent | |
| - type: windows_event | |
| channel_path: System | |
| source: System | |
| service: System | |
| sourcecategory: windowsevent | |
| - type: windows_event | |
| channel_path: Setup | |
| source: Setup | |
| service: Setup | |
| sourcecategory: windowsevent" > C:\ProgramData\Datadog\conf.d\win32_event_log.d\conf.yaml |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment