Chat now with support
Chat with Support

Foglight Agent Manager 6.1.0 - Foglight Agent Manager Guide

Configuring the embedded Agent Manager Installing external Agent Managers
Understanding how the Agent Manager communicates with the Management Server Deploying the Agent Manager cartridge Downloading the Agent Manager installer Installing the Agent Manager Starting or stopping the Agent Manager process Frequently asked questions
Configuring the Agent Manager Advanced system configuration and troubleshooting
Configuring Windows Management Instrumentation (WMI) Configuring Windows Remote Management (WinRM) UNIX- and Linux-specific configuration
Monitoring the Agent Manager performance Deploying the Agent Manager to large-scale environments

Reviewing application event logs

WinRM logs activity to an event log on the target machine. This includes both success and failure messages for authentication.

1
On the target machine, right-click My Computer and select Manage.
2
In the navigation tree on the left, choose System Tools > Event Viewer > Applications and Services Logs > Microsoft > Windows > Windows Remote Management > Operational.
The default Operational log contains the most common events.
1
Click View.
2
Click Show Analytic and Debug Logs.
4
Select Enable Log.

Enabling connection type debugging

If the only information you are interested in is the types of connections that are being established, there is a command-line setting that enables logging the connection types.

Run the Agent Manager with the following switch:

-Dquest.debug.windowsinfo.types

UNIX- and Linux-specific configuration

This contains platform-specific configuration information for configuring the Foglight Agent Manager on UNIX® or Linux®.

If your database is installed on an HP-UX server, regardless of the operating system, see Using the HP patch checking tool .

This section provides solutions for the following issues:

Agent Manager service can't start automatically when the operating system restarts

When the Agent Manager service is running in the following platforms, it might not be able to start automatically when the operating system restarts.

CentOS Linux

8.0

8.1

8.2

Red Hat Linux

8.1

8.2

Oracle Linux

8.0

8.1

8.2

SLES Linux

15

15 SP1

15 SP2

Use the ausearch utility to check the Access Vector Cache (AVC) messages and see if SELinux denies any of the FglAM actions:

# ausearch -m AVC,USER_AVC -ts today
time->Wed Nov 4 11:18:11 2020 type=AVC msg=audit(1604459891.164:117): avc: denied { open } for pid=1311 comm="fglam" path="/root/ 5981fips/jre/1.8.0.265/jre/lib/jce.jar" dev="dm-0" ino=11429653 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=1

The -m option specifies what kind of information ausearch returns. The -ts option specifies the time stamp. For example, -ts today returns messages from the whole day.

a
Open the /etc/selinux/config file and change SELinux mode to permissive. Using permissive mode will force SELinux to accept all FglAM actions. SELinux will log all the denials regarding to FglAM actions that would have been denied in enforcing mode, by identifying them one at a time as the FglAM gets permissions granted individually.
d
Use the 'journalctl -t setroubleshoot --since= [time]' utility to view more information about the AVC message:
# journalctl -t setroubleshoot --since=11:18
– Logs begin at Tue 2020-11-03 10:37:14 CST, end at Wed 2020-11-04 11:19:27 CST. – Nov 04 11:18:30 centos82-s1 setroubleshoot[1416]: SELinux is preventing quest-fglam from execute access on the file fglam. For complete SELinux messages run: sealert -l 06149362-e530-4f52-a081-53751a98eab7
Replace [time] with the machine restart time.
e
Use the 'sealert -l [AVC message ID]' utility to further inspect the AVC message:
g
Repeat Step e to Step f for all FglAM action denials AVC messages found in Step d.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating