SentinelOne recently started signing the RPM agent package, which is good news if you use dnf for package management.
I made a few small changes to the Ansible script provided by S1 so that it works with dnf instead of the rpm command.
Ansible is a great way to manage SentinelOne agents on medium to large deployments.

This playbook supports the following operating systems:

  • Red Hat
  • CentOS
  • Rocky Linux
  • Fedora
  • Debian
  • Ubuntu

- hosts: s1-endpoints
  name: Install SentinelOne Linux agent
  vars:
    rpm_agent_installer_url: URL_TO_SIGNED_RPM_AGENT_PACKAGE
    registration_token: "YOUR_TOKEN"

  tasks:
  - name: Get dmesg
    ansible.builtin.command: dmesg
    register: dmesg_output

  - name: Assert that host is stable
    ansible.builtin.assert:
      that:
        - "'FUNCTION TRACING IS CORRUPTED' not in dmesg_output.stdout"
      fail_msg: 'System Instability Detected'

  - name: Check that the sentinelctl exists
    ansible.builtin.stat:
      path: /opt/sentinelone/bin/sentinelctl
    become: true
    register: sentinelctl_exists

  - name: Create temporary folder to place the installer
    file:
      path: /tmp/sentinel_installer
      state: directory
      mode: '0755'
    when: not sentinelctl_exists.stat.exists

  - name: Get SentinelAgent RPM package from remote location
    get_url:
      url: "{{ rpm_agent_installer_url }}"
      dest: "/tmp/sentinel_installer/sentinelone_installer.rpm"
      # The package is installed as root in the next task, so it must not be
      # writable by other local users while it sits under /tmp.
      mode: '0644'
    when: not sentinelctl_exists.stat.exists and (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == "Rocky") and ansible_facts['distribution_version'] is version('6.4', '>=')

  # The dnf module checks GPG signatures by default (disable_gpg_check: false),
  # and that setting also applies to local package files like this one.
  - name: Install the Linux Agent on Red Hat based distro
    dnf:
      name: /tmp/sentinel_installer/sentinelone_installer.rpm
      state: present
    become: true
    become_user: root
    become_method: sudo
    when: not sentinelctl_exists.stat.exists and (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == "Rocky") and ansible_facts['distribution_version'] is version('6.4', '>=')

  - name: Apply the registration token to the agent
    command: /opt/sentinelone/bin/sentinelctl management token set {{ registration_token }}
    become_user: root
    become_method: sudo
    become: true
    # Keep the registration token out of Ansible's output and logs.
    no_log: true
    when: not sentinelctl_exists.stat.exists

  - name: Start the SentinelOne agent
    command: /opt/sentinelone/bin/sentinelctl control start
    become_user: root
    become_method: sudo
    become: true

  - name: Delete the installer folder
    file:
      path: /tmp/sentinel_installer
      state: absent
    become_user: root
    become_method: sudo
    become: true

You can then run the playbook like this:

ansible-playbook -i hosts s1-deployment.yml

Remember to specify the endpoints in the hosts file within the s1-endpoints group.
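
Since the point of switching to dnf is the signed package, the signature check can also be made explicit before the install task. The tasks below are an added example, not part of the script provided by S1; `s1_gpg_key_url` and `s1_gpg_key_fingerprint` are hypothetical variables that you would set to the vendor's public key location and its fingerprint, and the output check assumes rpm 4.14 or later.

```yaml
# Added example: place these tasks between the download task and the dnf task.
# s1_gpg_key_url and s1_gpg_key_fingerprint are hypothetical variables (assumptions).
- name: Import the vendor public key into the RPM keyring
  ansible.builtin.rpm_key:
    key: "{{ s1_gpg_key_url }}"
    # Pin the key: the import fails if the downloaded key has another fingerprint.
    fingerprint: "{{ s1_gpg_key_fingerprint }}"
    state: present
  become: true
  when: not sentinelctl_exists.stat.exists and ansible_facts['os_family'] == "RedHat"

- name: Check the signature of the downloaded package
  ansible.builtin.command: rpm --checksig /tmp/sentinel_installer/sentinelone_installer.rpm
  register: rpm_sig
  changed_when: false
  # Do not fail here; the assert below reports the rpm output in its message.
  failed_when: false
  when: not sentinelctl_exists.stat.exists and ansible_facts['os_family'] == "RedHat"

- name: Stop if the package is unsigned or the signature does not verify
  ansible.builtin.assert:
    that:
      - rpm_sig.rc == 0
      # rpm 4.14+ prints "digests signatures OK" only when a signature from an
      # imported key verifies; an unsigned package prints just "digests OK",
      # so the return code alone is not enough.
      - "'signatures OK' in rpm_sig.stdout"
    fail_msg: "RPM signature check failed: {{ rpm_sig.stdout | default('') }}"
  when: not sentinelctl_exists.stat.exists and ansible_facts['os_family'] == "RedHat"
```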

If you need support or licenses in the US and Germany, you can always contact us at support@gonkar.com.