Home Services Areas Served Threat Intelligence FAQ Contact Client Login Free Security Check
Documentation

Quick Start Guide

Go from zero to fully protected in under 60 seconds. One command installs the agent, enrolls it, and starts collecting security events.

1. Install the Agent

Choose your platform and run the installer. The agent will download, configure, and start automatically.

Linux (Ubuntu, Debian, CentOS, RHEL, Amazon Linux)

bash 
curl -fsSL https://getprometheus.io/install.sh | sudo bash -s -- \
  --token YOUR_ENROLLMENT_TOKEN \
  --api-url https://api.getprometheus.io

Windows (Server 2016+, PowerShell 5.1+)

powershell 
irm https://getprometheus.io/install.ps1 | iex -Args `
  "-Token YOUR_ENROLLMENT_TOKEN" `
  "-Server https://api.getprometheus.io"

Tip: Get your enrollment token from the admin dashboard under Fleet → Enrollment Tokens. Tokens can be scoped per environment and set to expire.

2. Verify Installation

After installation, verify the agent is running and enrolled:

bash 
# Linux: Check service status
sudo systemctl status prometheus-agent

# Windows: Check service status
sc query prometheus-agent

# Both: Run health check
prometheus-agent --health

You should see the agent in your admin dashboard within 30 seconds. The health score should be 90+ for a healthy agent.

3. Configuration Reference

The agent reads its configuration from agent.env in its installation directory.

Variable Description Default
PROMETHEUS_SERVER API server URL https://api.getprometheus.io
ENROLLMENT_TOKEN Token for initial enrollment
CLIENT_ID Client ID (auto-set after enrollment) Auto-assigned
SECRET_KEY HMAC secret (auto-set after enrollment) Auto-assigned
HEARTBEAT_INTERVAL Heartbeat frequency in seconds 30
COLLECT_INTERVAL Data collection frequency in seconds 10
LOG_LEVEL Logging verbosity (DEBUG, INFO, WARNING, ERROR) INFO
QUEUE_MAX_SIZE Maximum events in offline queue 10000
AUTO_UPDATE Enable/disable automatic updates true

4. API Documentation

The Prometheus API uses HMAC authentication. All endpoints require a valid API key and signature.

Detection API

Query detections, get evidence bundles, submit analyst feedback, and manage threat events.

GET /api/v2/detections

Fleet API

List agents, create enrollment tokens, manage policies, and monitor fleet health.

GET /api/v2/agents

Models API

View model performance, training history, shadow scores, and promote/rollback models.

GET /api/v2/models

Billing API

Manage subscriptions, view invoices, track usage, and access the billing portal.

GET /api/billing/subscription

HMAC Authentication: Every API request must include X-API-Key, X-Timestamp, and X-Signature headers. Signatures use HMAC-SHA256 with a 300-second time window.

5. Troubleshooting

  • Verify your enrollment token hasn't expired (check admin dashboard)
  • Ensure the server URL is reachable: curl -s https://api.getprometheus.io/api/health
  • Check the agent log: journalctl -u prometheus-agent -n 50 (Linux) or Event Viewer (Windows)
  • Verify port 443 outbound isn't blocked by a firewall
  • High queue depth: The agent can't reach the server. Check network connectivity and DNS resolution.
  • Send failures: API returning errors. Check server status page or contact support.
  • Stale heartbeat: The agent process may have stopped. Restart the service.
  • Normal agent CPU usage is <1%. If higher, check if the queue is backed up (large queue = more compaction work).
  • Memory usage should stay under 50 MB. If higher, ensure you're running the latest agent version.
  • Increase COLLECT_INTERVAL to reduce collection frequency on resource-constrained servers.
bash 
# Linux
sudo systemctl stop prometheus-agent
sudo systemctl disable prometheus-agent
sudo rm -rf /opt/prometheus-agent

# Windows (Admin PowerShell)
sc.exe stop prometheus-agent
sc.exe delete prometheus-agent
Remove-Item -Recurse "C:\ProgramData\PrometheusAgent"

Need Help?

Our team is here to help you get set up. Reach out via email or join our community Discord.

Contact Support Join Discord