Update print usage and readme for install script.

CrowdStrike · Jun 4, 2024 · 1fd2fc0 · 1fd2fc0
1 parent 10bd5c9
commit 1fd2fc0
Show file tree

Hide file tree

Showing 2 changed files with 128 additions and 27 deletions.
diff --git a/bash/install/README.md b/bash/install/README.md
@@ -74,22 +74,77 @@ The installer is AWS SSM aware, if `FALCON_CLIENT_ID` and `FALCON_CLIENT_SECRET`
 ### Install
 
 ```terminal
-FALCON_CID                        (default: auto)
-FALCON_CLOUD                      (default: us-1)
-FALCON_SENSOR_VERSION_DECREMENT   (default: 0 [latest])
-FALCON_PROVISIONING_TOKEN         (default: unset)
-FALCON_SENSOR_UPDATE_POLICY_NAME  (default: unset)
-FALCON_INSTALL_ONLY               (default: false)
-FALCON_TAGS                       (default: unset)
-FALCON_APD                        (default: unset)
-FALCON_APH                        (default: unset)
-FALCON_APP                        (default: unset)
-FALCON_BILLING                    (default: default) possible values: [default|metered]
-FALCON_BACKEND                    (default: auto)    possible values: [auto|bpf|kernel]
-FALCON_TRACE                      (default: none)    possible values: [none|err|warn|info|debug]
-ALLOW_LEGACY_CURL                 (default: false)
-GET_ACCESS_TOKEN                  (default: false)   possible values: [true|false]
-FALCON_REMOVE_HOST                (default: true)
+Installs and configures the CrowdStrike Falcon Sensor for Linux.
+
+The script recognizes the following environmental variables:
+
+Authentication:
+    - FALCON_CLIENT_ID                  (default: unset)
+        Your CrowdStrike Falcon API client ID.
+
+    - FALCON_CLIENT_SECRET              (default: unset)
+        Your CrowdStrike Falcon API client secret.
+
+    - FALCON_ACCESS_TOKEN               (default: unset)
+        Your CrowdStrike Falcon API access token.
+        If used, FALCON_CLIENT_ID and FALCON_CLIENT_SECRET are not needed.
+
+    - FALCON_CLOUD                      (default: unset)
+        The cloud region where your CrowdStrike Falcon instance is hosted.
+        Required if using FALCON_ACCESS_TOKEN.
+        Accepted values are ['us-1', 'us-2', 'eu-1', 'us-gov-1'].
+
+Other Options
+    - FALCON_CID                        (default: auto)
+        The customer ID that should be associated with the sensor.
+    
+    - FALCON_SENSOR_VERSION_DECREMENT   (default: 0 [latest])
+        The number of versions prior to the current release to install.
+
+    
+    - FALCON_PROVISIONING_TOKEN         (default: unset)
+        Theprovisioning token to use for installing the sensor.
+    
+    - FALCON_SENSOR_UPDATE_POLICY_NAME  (default: unset)
+    
+    - FALCON_TAGS                       (default: unset)
+        A comma seperated list of tags for sensor grouping.
+    
+    - FALCON_APD                        (default: unset)
+        Configures if the proxy should be enabled or disabled.
+    
+    - FALCON_APH                        (default: unset)
+        The proxy host for the sensor to use when communicating with CrowdStrike.
+
+    - FALCON_APP                        (default: unset)
+        The proxy port for the sensor to use when communicating with CrowdStrike.
+    
+    - FALCON_BILLING                    (default: default)
+        To configure the sensor billing type.
+        Accepted values are [default|metered].
+    
+    - FALCON_BACKEND                    (default: auto)
+        For sensor backend.
+        Accepted values are values: [auto|bpf|kernel].    
+    
+    - FALCON_TRACE                      (default: none)
+        To configure the trace level.
+        Accepted values are [none|err|warn|info|debug]
+    
+    - FALCON_UNINSTALL                  (default: false)
+        To unsinstall the falcon sensor.
+        
+    
+    - FALCON_INSTALL_ONLY               (default: false)
+        To install the falcon sensor without registering it with crowdstrike.
+    
+    - ALLOW_LEGACY_CURL                 (default: false)
+        To use the legacy version of curl; version < 7.55.0.
+    
+    - GET_ACCESS_TOKEN                  (default: unset)
+        Prints an access token and exits.
+        Requires FALCON_CLIENT_ID and FALCON_CLIENT_SECRET.
+        Accepted values are ['true', 'false'].
 ```
 
 ***Examples***:

diff --git a/bash/install/falcon-linux-install.sh b/bash/install/falcon-linux-install.sh
@@ -2,32 +2,78 @@
 
 print_usage() {
     cat <<EOF
-This script installs and configures the CrowdStrike Falcon Sensor for Linux.
+Installs and configures the CrowdStrike Falcon Sensor for Linux.
 
-CrowdStrike API credentials are needed to download Falcon sensor. The script recognizes the following environmental variables:
+The script recognizes the following environmental variables:
+
+Authentication:
+    - FALCON_CLIENT_ID                  (default: unset)
+        Your CrowdStrike Falcon API client ID.
+
+    - FALCON_CLIENT_SECRET              (default: unset)
+        Your CrowdStrike Falcon API client secret.
 
-    - FALCON_CLIENT_ID
-    - FALCON_CLIENT_SECRET
-    or
     - FALCON_ACCESS_TOKEN               (default: unset)
-    - FALCON_CLOUD                      (default: auto)
+        Your CrowdStrike Falcon API access token.
+        If used, FALCON_CLIENT_ID and FALCON_CLIENT_SECRET are not needed.
+
+    - FALCON_CLOUD                      (default: unset)
+        The cloud region where your CrowdStrike Falcon instance is hosted.
+        Required if using FALCON_ACCESS_TOKEN.
+        Accepted values are ['us-1', 'us-2', 'eu-1', 'us-gov-1'].
 
-Optional:
+Other Options
     - FALCON_CID                        (default: auto)
+        The customer ID that should be associated with the sensor.
+    
     - FALCON_SENSOR_VERSION_DECREMENT   (default: 0 [latest])
+        The number of versions prior to the current release to install.
+
+    
     - FALCON_PROVISIONING_TOKEN         (default: unset)
+        Theprovisioning token to use for installing the sensor.
+    
     - FALCON_SENSOR_UPDATE_POLICY_NAME  (default: unset)
+    
     - FALCON_TAGS                       (default: unset)
+        A comma seperated list of tags for sensor grouping.
+    
     - FALCON_APD                        (default: unset)
+        Configures if the proxy should be enabled or disabled.
+    
     - FALCON_APH                        (default: unset)
+        The proxy host for the sensor to use when communicating with CrowdStrike.
+
     - FALCON_APP                        (default: unset)
-    - FALCON_BILLING                    (default: default) possible values: [default|metered]
-    - FALCON_BACKEND                    (default: auto)    possible values: [auto|bpf|kernel]
-    - FALCON_TRACE                      (default: none)    possible values: [none|err|warn|info|debug]
+        The proxy port for the sensor to use when communicating with CrowdStrike.
+    
+    - FALCON_BILLING                    (default: default)
+        To configure the sensor billing type.
+        Accepted values are [default|metered].
+    
+    - FALCON_BACKEND                    (default: auto)
+        For sensor backend.
+        Accepted values are values: [auto|bpf|kernel].    
+    
+    - FALCON_TRACE                      (default: none)
+        To configure the trace level.
+        Accepted values are [none|err|warn|info|debug]
+    
     - FALCON_UNINSTALL                  (default: false)
+        To unsinstall the falcon sensor.
+        
+    
     - FALCON_INSTALL_ONLY               (default: false)
+        To install the falcon sensor without registering it with crowdstrike.
+    
     - ALLOW_LEGACY_CURL                 (default: false)
-    - GET_ACCESS_TOKEN                  (default: false)   possible values: [true|false]
+        To use the legacy version of curl; version < 7.55.0.
+    
+    - GET_ACCESS_TOKEN                  (default: unset)
+        Prints an access token and exits.
+        Requires FALCON_CLIENT_ID and FALCON_CLIENT_SECRET.
+        Accepted values are ['true', 'false'].
+
 EOF
 }