Snare is available as a self installing package that enables it to be installed and removed with relative ease on macOS systems.

There are two methods to install the Snare macOS Agent binary package. The first method uses the graphical macOS environment, the second method uses the command line installer.

To install the Snare for macOS using binary package installer

Right-click the downloaded package Snare-macOS-11-Agent-v5.6.1-Universal.pkg and select Open.
Follow the on screen instructions. This will install Snare for macOS and configure the macOS audit sub-system.
Restart the machine

To install the Snare for macOS using the command line

Logon as root user, i.e. at the command prompt enter the command:
sudo -s
and enter the root password when prompted.
Issue the command, as root:
```
installer -pkg Snare-macOS-11-Agent-v5.6.1-Universal.pkg -target /
```
Note: version <5.6.1
```
installer -pkg Snare-macOS-10.14-SUPP-5.3.0.pkg -target /
```
This will install Snare for macOS and start/restart the audit daemon (auditd).
Restart the machine

Note: default configuration file snare.conf will be created in /etc/security/ directory.

Browser not supported