> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rad.security/llms.txt
> Use this file to discover all available pages before exploring further.

# Standalone RAD Security Runtime Sensor

> Run the RAD Security runtime sensor outside of a Kubernetes cluster

This guide explains how to set up and run `micro-agent` and `micro-exporter` in standalone mode outside a Kubernetes cluster.

## Docker Compose Configuration

Create a `docker-compose.yml` file with the following configuration:

```yaml theme={null}
services:
  agent:
    image: public.ecr.aws/n8h5y2v5/rad-security/rad-runtime:v0.1.2
    entrypoint: micro-agent
    cap_add:
      - BPF
      - PERFMON
      - SYS_ADMIN
      - SYSLOG
      - SYS_PTRACE
      - SYS_RESOURCE
      - IPC_LOCK
      - NET_ADMIN
      - NET_RAW
    security_opt:
      - seccomp:unconfined
      - apparmor:unconfined
    pid: host
    volumes:
      - /bin:/host/bin:ro
      - /etc:/host/etc:ro
      - /opt:/host/opt:ro
      - /usr:/host/usr:ro
      - /proc:/host/proc
      - /run:/host/run
      - /sys/fs/cgroup:/host/sys/fs/cgroup:ro
      - /sys/kernel/debug:/sys/kernel/debug:rw
      - /sys/kernel/tracing:/sys/kernel/tracing:rw
      - /sys/fs/bpf:/sys/fs/bpf:rw
      - /run/systemd:/host/run/systemd
    environment:
      AGENT_LOG_LEVEL: info
      AGENT_PROC_DIR: /host/proc
      AGENT_DOCKER_SOCKET: /host/run/docker.sock
      AGENT_CONTAINERD_SOCKET: /host/run/containerd/containerd.sock

  exporter:
    image: public.ecr.aws/n8h5y2v5/rad-security/rad-runtime:v0.1.2
    entrypoint: micro-exporter
    network_mode: host
    environment:
      EXPORTER_LOG_LEVEL: info
      EXPORTER_PROVIDER_KSOC_ENABLED: "true"
      EXPORTER_PROVIDER_KSOC_API_URL: ${EXPORTER_PROVIDER_KSOC_API_URL}
      EXPORTER_PROVIDER_KSOC_API_ACCESS_KEY_ID: ${EXPORTER_PROVIDER_KSOC_API_ACCESS_KEY_ID}
      EXPORTER_PROVIDER_KSOC_API_SECRET_KEY: ${EXPORTER_PROVIDER_KSOC_API_SECRET_KEY}
```

## Setup Steps

### Step 1: Configure API Credentials

Obtain your access key ID and secret key from the RAD UI, then set the following environment variables:

```bash theme={null}
export EXPORTER_PROVIDER_KSOC_API_URL=https://api.rad.security
export EXPORTER_PROVIDER_KSOC_API_ACCESS_KEY_ID=<your-access-key-id>
export EXPORTER_PROVIDER_KSOC_API_SECRET_KEY=<your-secret-key>
```

<Note>
  Additional configuration options include log level settings (debug, info, error) and enabling stdout logging via `EXPORTER_PROVIDER_STDOUT_ENABLED`.
</Note>

### Step 2: Deploy Services

```bash theme={null}
docker compose up -d
```

### Step 3: Verify Containers

Use `docker ps` to confirm both agent and exporter containers are running:

```bash theme={null}
docker ps
```

### Step 4: Monitor Logs

Use `docker logs` to review container output and verify proper initialization:

```bash theme={null}
docker logs <container-id>
```

You should see logs indicating successful initialization, including diagnostic data, tracer configuration, and gRPC server startup information.