
Foglight Agent Manager 7.3.0 - Foglight Agent Manager Guide


Agent Manager service can't start automatically when the operating system restarts

When the Agent Manager service is running on the following platforms, it might not be able to start automatically when the operating system restarts.

CentOS Linux: 8.0, 8.1, 8.2
Red Hat Linux: 8.1, 8.2
Oracle Linux: 8.0, 8.1, 8.2
SLES Linux: 15, 15 SP1, 15 SP2

Use the ausearch utility to check the Access Vector Cache (AVC) messages and see if SELinux denies any of the FglAM actions:

# ausearch -m AVC,USER_AVC -ts today
time->Wed Nov 4 11:18:11 2020
type=AVC msg=audit(1604459891.164:117): avc: denied { open } for pid=1311 comm="fglam" path="/root/ 5981fips/jre/1.8.0.265/jre/lib/jce.jar" dev="dm-0" ino=11429653 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=1

The -m option specifies what kind of information ausearch returns. The -ts option specifies the time stamp. For example, -ts today returns messages from the whole day.

a. Open the /etc/selinux/config file and change the SELinux mode to permissive. Using permissive mode forces SELinux to accept all FglAM actions. SELinux still logs every FglAM action that would have been denied in enforcing mode, so the denials can be identified one at a time and the FglAM granted permissions individually.
d. Use the 'journalctl -t setroubleshoot --since= [time]' utility to view more information about the AVC message:
# journalctl -t setroubleshoot --since=11:18
-- Logs begin at Tue 2020-11-03 10:37:14 CST, end at Wed 2020-11-04 11:19:27 CST. --
Nov 04 11:18:30 centos82-s1 setroubleshoot[1416]: SELinux is preventing quest-fglam from execute access on the file fglam. For complete SELinux messages run: sealert -l 06149362-e530-4f52-a081-53751a98eab7
Replace [time] with the machine restart time.
e. Use the 'sealert -l [AVC message ID]' utility to further inspect the AVC message:
g. Repeat Step e to Step f for every FglAM action denial AVC message found in Step d.
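
The following Python sketch is an added example, not part of the Foglight guide or Quest's tooling. It parses ausearch AVC records like the one shown above and groups the denials for one command name by source type, target type and object class, so the list that has to be worked through one at a time is visible at a glance. The function names are hypothetical; the first sample record is the one from this page and the other two are constructed.

```python
import re
from collections import defaultdict

# Constructed sample: record 117 is the one shown on this page; records 118
# and 119 are made-up variants that exercise grouping and filtering.
SAMPLE = '''\
time->Wed Nov 4 11:18:11 2020
type=AVC msg=audit(1604459891.164:117): avc: denied { open } for pid=1311 comm="fglam" path="/root/ 5981fips/jre/1.8.0.265/jre/lib/jce.jar" dev="dm-0" ino=11429653 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=1
type=AVC msg=audit(1604459891.170:118): avc: denied { read open } for pid=1311 comm="fglam" path="/root/example/lib/a.jar" dev="dm-0" ino=42 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=1
type=AVC msg=audit(1604459892.001:119): avc: denied { getattr } for pid=900 comm="other" path="/tmp/x" dev="dm-0" ino=7 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=0
'''

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')  # quoted values may contain spaces

def parse_avc(line):
    """Return the fields of one AVC denial as a dict, or None for other lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group('rest'))}
    fields['perms'] = m.group('perms').split()
    return fields

def selinux_type(context):
    """Extract the type from a user:role:type:level security context."""
    parts = context.split(':')
    return parts[2] if len(parts) >= 3 else context

def summarize(text, comm='fglam'):
    """Group denials for one command by (source type, target type, class)."""
    groups = defaultdict(lambda: {'perms': set(), 'paths': set(), 'enforced': False})
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec is None or rec.get('comm') != comm:
            continue
        key = (selinux_type(rec['scontext']), selinux_type(rec['tcontext']),
               rec['tclass'])
        g = groups[key]
        g['perms'].update(rec['perms'])
        g['paths'].add(rec.get('path', rec.get('name', '?')))
        g['enforced'] |= rec.get('permissive') == '0'  # actually blocked
    return dict(groups)

if __name__ == '__main__':
    for (src, tgt, cls), g in summarize(SAMPLE).items():
        print(f"{src} -> {tgt}:{cls} {{ {' '.join(sorted(g['perms']))} }} "
              f"enforced={g['enforced']} paths={len(g['paths'])}")
```

On the sample, both fglam records collapse into one group (init_t accessing admin_home_t files), which shows that the denials come from a service started by init reading files labelled as part of root's home directory.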

SSH IPv6 connection support

Starting with Foglight Agent Manager version 5.9.1, SSH connections using unique local IPv6 addresses and link-local IPv6 addresses are supported on Agent Managers running on Windows and Linux.

About supported remote monitoring protocols

The Agent Manager supports the SSH (secure shell) protocol for remote monitoring of hosts running Linux® and UNIX® operating systems. SSH is a protocol which encrypts all traffic between the client and the server, and supports a wide variety of secure authentication mechanisms. SSH is available for installation on all platforms supported for remote monitoring by Foglight.

The Agent Manager does not support the older Telnet protocol for remote monitoring. Telnet is an insecure protocol which does not encrypt traffic, and requires that the passwords used to authenticate collections are sent in the clear. For that reason, supporting Telnet as a remote monitoring protocol potentially exposes monitored systems to trivial network eavesdropping attacks, disclosing passwords to attackers.

While it is possible to create a closed network with strong security boundaries within which it is safe to run the Telnet protocol, this use case is not common, and it is impossible for the Agent Manager to determine if Telnet is safe to use before offering it as an option for connectivity. Further, the effort required on the part of the user to maintain such a secure environment is far less than that required to simply enable SSH connections on a host. For these reasons, the Agent Manager does not support Telnet as a remote monitoring protocol.

Configuring the Agent Manager to run as a daemon

As described in Installing the Agent Manager using the installer interface and Installing the Agent Manager from the command line, you can install an init.d-style script called quest-fglam in the init.d directory on your system. This script is called when the host on which the Agent Manager is installed starts or shuts down, allowing it to run as a daemon.

Even if you choose not to install the init.d script during the installation, or if you do not perform the installation as the root user, the installer generates scripts that can perform the necessary setup.

These scripts are fglam-init-script-installer.sh and fglam-init-script.sh, and they are located in the <fglam_home>/state/default/ directory.

The script fglam-init-script-installer.sh installs the script fglam-init-script.sh into your system’s init.d directory as quest-fglam. Your system’s init.d process then uses quest-fglam to run the Agent Manager as a daemon.

2. Optional. If you want to make any edits to fglam-init-script.sh to customize it for your system, do so prior to running fglam-init-script-installer.sh.
IMPORTANT: Any customizations that you make to the script fglam-init-script.sh are not supported by Quest Software Inc.
4. From the command shell, run the script fglam-init-script-installer.sh with the install option:
The setup script fglam-init-script-installer.sh installs the init.d script quest-fglam. See Locating the init.d script for the location in which it is installed.

To remove the init.d script, follow the instructions in To remove the init.d script used to run the Agent Manager as a daemon on UNIX®.
