Skip Navigation

Create a configuration file for the
agent installation

Before you install the
CylancePROTECT Desktop
agent on
devices, you must create configuration file which is used to register the device with your
Cylance Endpoint Security
tenant and define local agent settings.  After the installation of the agent, the configuration file is removed from the device.  
CylancePROTECT Desktop
to only contain line feed as a line ending. If you are creating the file from a DOS/Windows computer, the line ending includes carriage return and line feed. For instructions on how to convert the config_defaults.txt file to a proper format, visit to read article 65749.
  1. In the
    directory, create the
  2. Edit the file with the following information. 
    InstallToken=YOUR_INSTALL_TOKEN SelfProtectionLevel=2 LogLevel=2 VenueZone=ZONE_NAME UiMode=2 AWS=1
    • Replace
      with the installation token from the management console.
    • Replace
      with the name of the zone that you want to add the device to. If the specified zone doesn't exist in the console, it will be automatically created.
    This field is required and specifies the
    Cylance Endpoint Security
    tenant that you want the device to register with. Use the installation token from the
    Settings > Application
    menu in the management console.
    This setting restricts the level of access to the Cylance Service and folders.
    • 1
      : Only Local Administrators can make changes to the registry and services.
    • 2
      : Only the System Administrator can make changes to the registry and services.
    The default setting is "2".
    This setting specifies the level of information gathered in the debug logs.
    • 0
      : Error
    • 1
      : Warning
    • 2
      : Information
    • 3
      : Verbose
    The default setting is "2". If verbose logging is selected, the file size of the log grows quickly.
    This setting specifies the zone that you want to add the device to.
    • If the specified zone name does not exist in the console, the zone is created using the name provided.
    • If the zone name or device name leads or ends with whitespace (for example, " Hello" or  "Hello "), it is removed during device registration. Tabs, carriage returns, newlines, or other invisible characters are not permitted.
    • Zone names cannot contain an equal sign (=). For example, "Hello=World" is not permitted.
    This setting specifies the agent user interface mode when the system starts.
    • 1
      : Minimal user-interface
    • 2
      : Full user-interface
    The default setting is "2".
    This setting specifies that the agent is running on an
    Amazon Web Services
    host. By default, the device's hostname is used as the Device Name in the management console. Enable this setting to allow the agent to capture the Instance ID from the host and store it with the hostname to the Device Name field in the console. This setting makes sure that each agent on a
    Amazon Web Services
    host reports a unique device name to the management console.
    : Enable the agent to capture the Instance ID.
    The Device Name is modified to include Hostname + Instance ID. The instance ID is denoted with the "i-" prefix.
    ABC-DE-123456789_i-0a1b2cd34efg56789 where the device name is ABCDE- 12345678 and the AWS EC2 ID is i-0a1b2cd34efg56789.