Agent Smith configuration overview

Agent Smith consists of three main components:

  • An Open Source agent written in Python in the Rewst GitHub

  • The Microsoft Azure IoTHub service

  • Rewst Crates to configure the IoTHub and interact with agents

Agent Smith operates as an Azure IoT Hub instance, integrated with Rewst workflows for command communication to endpoint agents. The agent software, running as a Windows Service on devices, registers via a webhook trigger in Rewst, creating an IoT Hub entry and receiving configuration data.

Set up Agent Smith

For the Azure Integration to work, you’ll need to have an Azure Subscription that includes a Keyvault.

The Rewst integration user setup for the Microsoft Cloud Bundle may require you to adjust permissions for your Azure subscription.

  1. Install and authorize our Microsoft Cloud Integration Bundle by navigating to Configuration > Integrations in the Rewst platform. This bundle contains an integration for Microsoft Azure.

    1. Our setup instructions for the bundle can be found here.

    2. Setup instructions for just the Azure integration can be found here.

  2. Navigate to Crates > Crate Marketplace in the Rewst platform. NOTE: You'll need to install the below Crates in order for Agent Smith setup to complete.

    1. Search for and install the Agent Smith: Device Provisioning Crate.

    2. Search for and install the Agent Smith: Service Provisioning Crate. Unpacking this Crate will install a form named Agent Smith: Service Configuration.

  3. Navigate to the live Agent Smith: Service Configuration form and choose Action: Create IoT Hub Instance from the Action drop down menu.

  4. Select the proper Azure Subscription, Azure Location, type in a unique IoT Hub Name, and select the desired IoT Hub Service Tier.

  5. Submit the form and monitor workflow results for success.

4. Workaround for installation bug

  • Agent Registration Workflow: Update the secret key in the trigger configuration.

    • Open Agent Smith: Agent Registration Workflow.

    • Update the Agent Smith Registration Webhook Trigger.

  • In the dropdown selector for Secret Key choose iothub_registration_secret

Provision agents

  1. Return to the same Agent Smith: Service Configuration form and choose Display Agent Configuration Instructions.

  2. Choose your Registration Organization. The form will display instructions for using PowerShell to configure the Agent for that organization. It also shows how the ORG ID is filled in. If desired, you could use an existing RMM to deploy the agent using variables.

Only Up-to-date versions of PowerShell have been tested to work. Make sure your devices are updated! We suggest you provision one or a few agents to test with before doing mass provisioning.

Test Agent Smith

  1. Return to the form and choose Run PowerShell Code on Agent

  2. Type some PowerShell code into the Type your PowerShell Here field, or use what's pre-filled.

  3. Monitor the workflow status to see the agent return data.

  • Agent Smith uses the Microsoft Azure integration. You'll need to add that as an integration override to any workflows which will use it.

  • This includes anything that calls the Run PowerShell subworkflows, such as New Employee, etc.

Agent Smith: Track Agent Inventory In Azure Tables Crate

This Crate will add some additional capabilities to your Agent Smith Deployments. Using it is optional.

Crate features include:

  • Using Azure Tables to store additional information about your agent endpoints

  • Automatic agent data collection check-ins including installed applications and service, via Task Scheduler

  • Automatic restart of the agent if the Service stops, via Task Scheduler

Uninstall Agent Smith

Windows

Agent Smith installs itself as a service. You can use PowerShell or the SC command to modify or remove the service. Application logs and data are installed in C:\ProgramData\RewstRemoteAgent or whatever root path you've overridden in your environment. Application Program files are in %ProgramFiles%\RewstRemoteAgent folders.

Troubleshoot Agent Smith

  • Ensure admin-level account setup, so the service will install as SYSTEM.

  • Verify the recent MS PowerShell version on your devices.

  • Ensure that no firewalls are preventing communications with Rewst or your IoT Hub. Check our Rewst Security Configuration Page for details.

  • Ensure that endpoint security software is not preventing executions or comms.

  • Check device connectivity to Azure IoT Hub via MQTT: <your_iothub_name>.azure-devices.net:8883.

  • Get packet captures from the agent while workflows are running. This can help us determine if the agent is properly communicating with the IoT Hub and/or the Rewst engine.

Agent Smith Support

In your Discord server, the #agent-smith channel is your first stop for help with setting up and running Agent Smith. Post your questions and share your successes for how you're using Agent Smith to save time.

Agent Smith FAQs

  • Am I allowed to customize Agent Smith?

  • Will new features be added? Can you add Feature X?

    • Our focus for Agent Smith is on simplicity. Consider adding additional functionality by writing a PowerShell script and kicking it off with a workflow.

  • Does Rewst provide Agent Smith support for older operating systems?

    • No, support for outdated OS is not available.

  • Will there be MacOS and Linux support?

    • Eventually! If you feel strongly about the timeline for this, add it to our Canny feature request form here.

  • I want to deploy agents to my endpoints in bulk. How should I prepare?

    • View the separate guide for how to do this here.

PreviousAgent SmithNextDeploy Agent Smith with ImmyBot

Last updated

Was this helpful?