Install the agent

The agent is a single, dependency-free binary. It only makes outbound connections to your control plane — it never opens a port on the server, so there’s nothing to expose to the network.

Download the binary

Download the signed agent for each platform from your dashboard’s downloads page, then copy it to each server:

# the downloads page provides a per-platform binary:
#   lookout-agent          Linux   (amd64 / arm64)
#   lookout-agent.exe      Windows (amd64)
#   lookout-agent-macos    macOS   (Apple Silicon / Intel)

Linux (systemd)

Works on Ubuntu, Debian, RHEL, Rocky, CentOS, and AlmaLinux. Copy the binary, then create a service:

sudo cp lookout-agent /usr/local/bin/

sudo tee /etc/systemd/system/lookout-agent.service >/dev/null <<'EOF'
[Unit]
Description=Lookout agent
After=network-online.target

[Service]
Environment=LOOKOUT_TOKEN=your-secret
ExecStart=/usr/local/bin/lookout-agent run --server https://monitor.example.com
Restart=always
RestartSec=10
DynamicUser=yes

[Install]
WantedBy=multi-user.target
EOF

sudo systemctl daemon-reload
sudo systemctl enable --now lookout-agent

DynamicUser=yes runs the agent as an unprivileged, isolated user — least privilege by default.

Windows (service)

Run PowerShell as Administrator. Use the built-in service manager:

Copy-Item lookout-agent.exe C:\Program Files\Lookout\lookout-agent.exe

# create the service (set the token as a machine env var first)
[Environment]::SetEnvironmentVariable("LOOKOUT_TOKEN","your-secret","Machine")
sc.exe create LookoutAgent binPath= ""C:\Program Files\Lookout\lookout-agent.exe" run --server https://monitor.example.com" start= auto
sc.exe start LookoutAgent

macOS (launchd)

sudo cp lookout-agent-macos /usr/local/bin/lookout-agent

sudo tee /Library/LaunchDaemons/dev.lookout.agent.plist >/dev/null <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Label</key><string>dev.lookout.agent</string>
  <key>ProgramArguments</key>
  <array>
    <string>/usr/local/bin/lookout-agent</string>
    <string>run</string><string>--server</string><string>https://monitor.example.com</string>
  </array>
  <key>EnvironmentVariables</key><dict><key>LOOKOUT_TOKEN</key><string>your-secret</string></dict>
  <key>RunAtLoad</key><true/><key>KeepAlive</key><true/>
</dict></plist>
EOF

sudo launchctl load /Library/LaunchDaemons/dev.lookout.agent.plist

Verify

Within a minute the server appears in your dashboard. To check locally, run a one-off report:

lookout-agent report   # prints the JSON the agent would send

What the agent collects

  • Host: hostname, OS/platform/version, kernel, architecture, uptime.
  • Specs: CPU model + cores, memory, load average, disk usage.
  • Packages: installed packages (dpkg/rpm, Homebrew/pkgutil, Windows registry).
  • Services: running/stopped services (systemd, launchd, Windows services).

It reads OS-native sources only and never collects your secrets or file contents.