Before beginning this procedure, make sure your machine is Docker-ready, and can be logged in to Chronicle SOAR.

To deploy the Docker container:

  1. Log into the machine using putty.
  2. Enter your username and password.
  3. Log into the Docker hub with the following command. Note that you have to create a user in the Docker hub first and use this name and password to log in here. There is no need for special permissions.
    docker login -u <username> -p <password>
  4. In the platform. navigate to Settings > Advanced > Remote Agents.
  5. Click the plus icon on the top right of the screen to open the Installation process.
  6. Select the option to deploy the Agent on a Docker.
  7. In the first step, add the name of the Agent and choose the environment it will be installed on. Note that if you have configured more than one Publisher, you will be given the option to select the Publisher.
  8. In the second step, double click to copy the Docker command and paste as is into the machine.
  9. When the deployment has finished, click Next in the platform to perform a connectivity check with your new agent. A success screen will display. If something has gone wrong, a failure screen will display instead which provides helpful links for troubleshooting.
  10. Click Done. The Agent is added. (Note that the Send Now column is not relevant for your needs at this time.)