Linux Binary
This guide provides a secure, best-practice approach to installing and configuring the Qtap agent on Linux systems, independent from Qplane.
Prerequisites
Before installation, verify your environment's compatibility:
curl -sSL https://github.com/qpoint-io/preflight/releases/latest/download/preflight.sh | sudo bashRequirements:
Linux host with kernel version 5.10+
x86_64 or arm64 architecture
Root/sudo access
Installation Methods
Automated Installation
The quickest way to install or update Qtap is via our installation script, which places Qtap into your path:
curl -s https://get.qpoint.io/install | sudo shQuick test (runs with default settings):
sudo qtapRunning sudo qtap without a configuration file starts Qtap with default settings (captures all egress traffic to stdout). This is useful for quick tests, but not recommended for production. You'll want to create a configuration file to:
Control what traffic to capture (filters, endpoints, direction)
Configure storage destinations (S3, Axiom, etc.)
Set up selective capture with rules (errors only, specific domains)
Define processing plugins and capture levels
See Configuration below and Configuration Documentation for details.
Manual Installation
For more control, you can manually install the binary:
Download the appropriate binary for your architecture:
Extract and install the binary:
Test the installation:
This runs Qtap with default settings. Press
Ctrl+Cto stop.
Default behavior: Running sudo qtap without arguments uses built-in defaults (captures all egress traffic to stdout). While this works for testing, you should create a configuration file before production use to control capture behavior, storage destinations, and processing rules.
Configuration Setup
Why you need a configuration file:
Qtap's configuration file (qpoint.yaml) allows you to:
Control what to capture: Filter by process, domain, direction (egress/ingress)
Define storage: Send data to S3, Axiom, or other destinations instead of stdout
Selective capture: Use rules to capture only errors, specific endpoints, or traffic patterns
Processing control: Choose capture levels (summary/details/full) and formats (text/json)
Without a config file, Qtap captures everything to stdout with no filtering - rarely what you want in production.
Configuration resources:
Quick start configs: 5-Minute Quickstart
Progressive tutorial: Complete Guide: Hello World to Production
Full reference: Configuration Documentation
Examples: Configuration Examples
Creating Your Configuration File
Create a standard configuration directory with appropriate permissions:
Create your configuration file:
Set appropriate permissions:
For sensitive credentials (if applicable), create a separate environment file:
Add any sensitive environment variables to this file:
Running as a Systemd Service
Create a systemd service file:
Reload systemd, enable and start the service:
Verification
Check the service status:
Verify the running version:
Monitor the logs:
Updating Qtap Service
Installation Script
The quickest way to update Qtap is via our installation script:
Stop the service:
Download and install the new version:
Restart the service:
Verify the update:
Manually
Stop the service:
Download and install the new version:
Restart the service:
Verify the update:
Configuration Management Best Practices
Version Control: Track configuration changes in a version control system
Regular Backups: Include
/etc/qtapin your backup strategyConfiguration Reviews: Implement a review process for configuration changes
Automation: Consider using configuration management tools (Ansible, Chef, Puppet) for deployment
Remember that Qtap requires root permissions to work properly due to its use of eBPF for traffic monitoring.
Last updated