Permission Denied After Bootstrap

Getting errors like "can't write to /var/lib/expanso/edge" when running the edge agent? This usually means you bootstrapped with sudo but are trying to run without it.

Why This Happens

The edge agent stores its data, including credentials, in system directories that require elevated permissions:

  • /var/lib/expanso/edge - Main data directory
  • /var/lib/expanso/edge/state - Pipeline state
  • /var/lib/expanso/edge/metrics - Metrics storage
  • /var/lib/expanso/edge/temp - Temporary files
  • /var/lib/expanso/edge/auth - Authentication credentials
  • /var/lib/expanso/edge/config.d - Configuration files

Solutions

Option 1: Use sudo consistently

Run both bootstrap and run with sudo:

sudo expanso-edge bootstrap --token YOUR_TOKEN
sudo expanso-edge run

Best for: Running as a system service or system-wide installation.

Option 2: Use --data-dir for a user directory

Specify a writable location in your home directory:

# Bootstrap with custom directory
expanso-edge bootstrap --token YOUR_TOKEN --data-dir ~/.expanso/edge

# Run with same directory
expanso-edge run --data-dir ~/.expanso/edge

Best for: Running as a regular user, development, or testing.

Tip

Set the EXPANSO_DATA_DIR environment variable to avoid repeating the flag:

export EXPANSO_DATA_DIR=~/.expanso/edge
expanso-edge bootstrap --token YOUR_TOKEN
expanso-edge run

Option 3: Fix permissions manually

Create directories with proper ownership:

# Create directories
sudo mkdir -p /var/lib/expanso/edge/{state,metrics,temp,auth,config.d}

# Change ownership to your user
sudo chown -R $USER:$USER /var/lib/expanso/edge

# Now you can run without sudo
expanso-edge run

Best for: Using the system directory while running as a regular user.
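
A preflight check for the ownership mismatch described above, as an added example (not part of Expanso's tooling): it reports data-directory entries owned by another account and flags an auth directory that group or other users can reach. The function name, its return codes, and the expectation that auth should be owner-only are assumptions of this example.

```shell
# Added example: preflight check for an expanso-edge data directory.
# Return codes are this example's convention, not the agent's:
#   0 usable, 1 directory missing, 2 wrong owner / not writable,
#   3 auth/ reachable by group or other users.
check_data_dir() {
    dir=${1:-${EXPANSO_DATA_DIR:-/var/lib/expanso/edge}}
    if [ ! -d "$dir" ]; then
        echo "missing: $dir (not bootstrapped here?)" >&2
        return 1
    fi

    # Entries owned by another account, typically root after a sudo bootstrap.
    foreign=$(find "$dir" ! -user "$(id -u)" -print 2>/dev/null | head -n 5)
    if [ -n "$foreign" ] || [ ! -w "$dir" ]; then
        echo "not owned or writable by uid $(id -u): $dir" >&2
        [ -z "$foreign" ] || echo "$foreign" >&2
        return 2
    fi

    # Assumption: credentials under auth/ should be owner-only.
    if [ -d "$dir/auth" ]; then
        exposed=$(find "$dir/auth" \( -perm -040 -o -perm -020 -o -perm -010 \
            -o -perm -004 -o -perm -002 -o -perm -001 \) -print 2>/dev/null | head -n 5)
        if [ -n "$exposed" ]; then
            echo "group/other access on credential paths:" >&2
            echo "$exposed" >&2
            return 3
        fi
    fi
    echo "ok: $dir"
}
# Usage: check_data_dir ~/.expanso/edge
```

Run it as the account that will run the agent; with no argument it checks EXPANSO_DATA_DIR and falls back to /var/lib/expanso/edge.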

Re-bootstrapping

If you already bootstrapped with the wrong permissions, you may need to re-bootstrap:

# Option 1: Bootstrap to new location
expanso-edge bootstrap --token NEW_TOKEN --data-dir ~/.expanso/edge

# Option 2: Fix permissions and keep existing credentials
sudo chown -R $USER:$USER /var/lib/expanso/edge
expanso-edge run

Note

Bootstrap tokens are typically single-use. Generate a new token from Expanso Cloud if needed.

Automatic Credential Detection

The edge agent detects if credentials exist in a different data directory. Instead of a generic "bootstrap required" error, you'll see where the credentials were found:

Error: credentials not found in /home/user/.expanso/edge, but exist in /var/lib/expanso/edge
Hint: Either run with: expanso-edge run --data-dir /var/lib/expanso/edge
or re-bootstrap with: expanso-edge bootstrap --token ... --data-dir /home/user/.expanso/edge