Add Custom Agent Tags

Overview

In addition to importing cloud native tags from AWS, Azure, and Google Cloud, you can add custom agent tags to Windows agents. You can use the tags to quickly identify critical assets in the Lacework Console. You can also use the filters in the Lacework Console to review only the assets or applications running on the assets that use a specific tag.

For the Windows agent to be able to retrieve externally-created tags from your AWS EC2 instances, perform the steps in Configure Access to Tags in AWS.

For the Windows agent to be able to retrieve user-defined labels on your Google Compute Engine (GCE) instances, perform the steps in Configure Access to Labels in Google Cloud.

No special configuration is required to enable import of tags from Azure.

Add Custom Agent Tags

To add custom agent tags, add the new tag entries in the config.json file.

1. Log in to your Windows host machine as administrator.
2. Navigate to the C:\ProgramData\Lacework folder and open the config.json file in a text editor.
3. Use the tags property to add your custom agent tags to the config.json file as shown below. If you have previously edited your config.json, you may see more lines than indicated below.

   {
       "tokens": {
           "accesstoken": "Your_Access_Token"
      },
      "serverurl": "Your_API_Endpoint",
      "tags": {
            "test_01": "Value_01",
           "test_02": "Value_02"
      }
   }
4. Save the config.json file.
5. Restart the Windows agent to enable the configuration file changes. For instructions, see Restart Windows Agent.