Skip to content
Start here

Install and First Run

Install InnerWarden on a Linux server with one command and verify it comes up in a safe observe-only, dry-run posture.

Install and First Run

For: a new user who wants InnerWarden running on a Linux server, safely, in the next ten minutes.

InnerWarden installs with one command. It comes up in observe-only, dry-run mode: it watches the machine, explains what it sees, and blocks nothing until you decide it should. You can read this page top to bottom and have a working, healthy install before you ever touch a config file.

curl -fsSL https://innerwarden.com/install | sudo bash

That is the whole install. Linux gets the full feature set (eBPF needs a reasonably recent kernel and root or CAP_BPF); macOS gets a lighter build. No toolchain, no cloud account, no control plane to sign up for. Your data and your audit trail stay on the box.


What the installer does

It is a normal shell script and you can read it before you run it (it is the install.sh published at https://innerwarden.com/install, also in the public releases repo). In order, it:

  1. Downloads the pre-built binaries for your architecture (x86_64 or aarch64), with the eBPF programs embedded, and verifies their SHA-256 before installing them to /usr/local/bin. There is nothing to compile on the box.
  2. Creates a dedicated innerwarden service user (unprivileged) and the data directory at /var/lib/innerwarden.
  3. Writes the config to /etc/innerwarden/ (config.toml for the sensor, agent.toml for the agent).
  4. Installs and starts the two services: innerwarden-sensor and innerwarden-agent (systemd on Linux, launchd on macOS). The agent hosts the dashboard, triage, and notifications.
  5. Provisions the on-device Local Warden model (a ~91 MB classifier) so you get AI triage with no API key and no per-call cost. Opt out with INNERWARDEN_NO_WARDEN=1 if the box has no internet egress.
  6. Drops a copy of the agent guide on-box at /etc/innerwarden/AGENTS.md so a coding agent can read it and help you configure things. See Connect Your Agent.

It deliberately leaves InnerWarden in a safe posture: detection and logging are on, response skills are off, and dry_run = true. Nothing gets blocked, killed, or suspended until you arm it.

Install variants

  • Unattended / scripted: the installer takes flags. See them with curl -fsSL https://innerwarden.com/install | sudo bash -s -- --help.
  • Try the flow without touching the system: bash install.sh --simulate runs the whole thing as a dry run (no install, no service changes).
  • Build from source: available only to customers with a source-access licence; standard installs use the signed pre-built binaries.
  • Remove it later: innerwarden uninstall (add --purge to also drop config and data). The exact command and its flags live in CLI Reference.

Verify it came up clean

Three commands tell you everything:

innerwarden get status      # are both services healthy, what is each one doing
innerwarden get sensors     # which collectors and eBPF programs are live
innerwarden system doctor   # health checks plus a concrete fix hint for anything wrong
innerwarden --version       # confirm the version you installed

innerwarden get status should show the sensor and the agent both running, and report the day's counts. innerwarden system doctor is the one to trust when something looks off: it does not just say "broken", it tells you the fix. Read its output and act on the hints before you start editing config by hand. (Every command and its flags are documented once, in CLI Reference; this page just points you at the few you need on day one.)

The two services are innerwarden-sensor and innerwarden-agent. The sensor only collects (it never calls AI or the network outbound); the agent is the part that triages, decides, and notifies. How the supervisor keeps them alive, the systemd units, and the permissions they need are all covered in Everyday Operations.


Your safe default posture

A fresh install is in observe-only / dry-run. In plain terms:

  • It is watching the host from firmware up through userspace and recording everything it finds.
  • It is explaining each thing it sees in plain language, with the MITRE technique attached.
  • It is not blocking, killing, or suspending anything. Responses are computed and logged as "this is what I would have done", but never executed.

This is on purpose. You want InnerWarden to learn what normal looks like on this particular machine before it is allowed to act, and you want to look at a few days of its decisions before you trust them. Confirm you are in dry-run any time with innerwarden config responder --dry-run.

Do not rush to arm it. The single most common mistake is to "allowlist everything that is running so it stops flagging", which hands an attacker a permanent free pass, because malware already on the box is also "currently running". The safe way to teach InnerWarden what is normal, and only then arm enforcement, has its own page: Safe Observe and Allowlist. Read it before you turn responses on.


The first things to look at

Once status is green, spend a few minutes here:

  1. See what it is finding. innerwarden get incidents --days 1 shows recent incidents in the terminal. Each one carries a plain-language "what happened and why it matters". If the box is internet-facing, you will probably see scanners and password-guessers within the hour. That is normal background noise.
  2. See what it would do. innerwarden get decisions --days 1 shows the agent's decisions. In dry-run these are the actions it would take. This is the log you read over the next few days to decide whether you trust it.
  3. Open the dashboard. It binds to localhost only (the secure default). Run innerwarden dashboard and it prints the URL plus a ready-to-paste SSH-tunnel command for reaching it from your laptop. The dashboard gives you the same incidents and decisions with charts, timelines, and attacker profiles.
  4. Tune it to this machine (optional, when you are ready). innerwarden system scan audits the host, innerwarden system harden applies safe hardening, and innerwarden system calibrate tunes detector thresholds to this host's normal. Walk through these with Everyday Operations.

Where to go next