DocsSKOOR Engine agent jobs
The SKOOR Engine agent is used to transfer local information measured locally on a device to the SKOOR Engine server. The SKOOR Engine agent is an executable program. It can be run as a service and it will listen for connections from the SKOOR Engine on a TCP port (default 52998).
The SKOOR Engine agent software is available for the following operating systems:
- AIX 4.33, 5.1, 5.2 & 5.3
- HP-UX 11.23
- Linux (Red Hat, Centos, Fedora, Debian, Ubuntu)
- FreeBSD
- Solaris
- Windows (2000, XP, 2003, Vista, 7, 7 64 bit, 2008, 2008 64 bit, 10)
The following plugins are common to all versions of the agent software:
- Agent Process
- Agent Disk
- Agent NW-Interface
- Agent OSQuery (requires Osquery to be installed)
The Windows WinAgent allows using the following plugins additionally:
- Agent Execute
- Agent Fetchfile
- Agent Putfile
- Agent Eventlog
- Agent Service
For the SKOOR Engine collector, the client acts as a remote plug-in that connects via TCP port (default 52998).
SKOOR Engine WinAgent (Windows)
Please refer to the separate manual: SKOOR Engine WinAgent users guide for further details.
WinAgent test with browser
Show the version of an agent:
http://winagent:52998/eranger/client/version
Response:
i.e. “version=3.5.4.1”
HTTP response codes:
200 If everything is ok
50x In case of an error
WinAgent specific settings
Device properties
Each of the devices that use agent jobs can have the following connection-specific properties, configured in the device's Properties section. These settings must match with the settings used in the configuration of the WinAgent.
WinAgent settings
| Configuration parameter | Description |
|---|---|
| Listen on port | TCP port to listen for connections from a SKOOR Engine collector (default is 52998). Must correspond to the Agent port property defined on the device. |
| Username | Username for authentication to the WinAgent. Must correspond to the Agent username property defined on the device. Authentication is available for Windows agents only. |
| Password | Password for authentication to the WinAgent. Must correspond to the Agent password property defined on the device. Authentication is available for Windows agents only. |
| Use secure connection (SSL) | Enables a secured connection using SSL 256 bit encryption. Available for Windows agents only. There is no encrypted communication option for agents running on Linux |
Fetch device info
Configuring SKOOR Engine WinAgent jobs of type Agent Disk, Agent Process, Agent Service, Agent NW-Interface requires additional information about the Windows host to be monitored. For convenience it is possible to fetch a list with all that basic information directly into SKOOR Engine. Prerequisites are:
- WinAgent version 3.5.4 or higher
- Agent username and Agent password properties must be defined on the device and on the WinAgent
Once these are met, a new button Fetch info appears in the Common parameters section, when selecting Show details on the device:
Choose the appropriate collector, then click Fetch info:
The information will then be available in the link Device info file.
The content of the file typically looks like this:
Information generated: 06.12.2017 21:05 CET
version=3.6.5.3 (x64)
==================================
===== Operating system =====
==================================
ProductName=Windows Server 2012 R2 Standard
BuildLab=9600.winblue_ltsb.170204-0600
BuildLabEx=9600.18589.amd64fre.winblue_ltsb.170204-0600
==================================
===== WinAgent configuration =====
==================================
config_file=C:\Program Files\Junisphere\ErangerAgent.ini
running_as_service=1
allow_file_receiving=0
allow_file_sending=1
C:\Junisphere\*
C:\Junisphere\logs\*
D:\backupdev\*
allow_program_execution=1
C:\Junisphere\script\*
local_windows_user=
default_execution_timeout=60s
default_terminate_timeout=10s
write_log_file=1
logfile_path=C:\Program Files\Junisphere\ErangerAgent.log
log_level=Debug
max_file_size=10240kB
==================================
===== Disks =====
==================================
C:=Fixed NTFS total: 278GB, free: 184GB
D:=Fixed NTFS Volume total: 2514GB, free: 1462GB
E:=CD-ROM
F:=Fixed NTFS Backup_Disk_2 total: 1862GB, free: 727GB
==================================
===== Network interfaces =====
==================================
#1=isatap.{A62EADCD-E501-45AC-A027-F3EDDF73B0A4}
#2=HP Ethernet 1Gb 4-port 331i Adapter _4
===== Network interface #1 =====
bandwidth=100000
bytes_received=0
bytes_sent=0
errors_in=0
errors_out=0
packets_received=0
packets_sent=0
timebase=2341036
timestamp=8823079458028
===== Network interface #2 =====
bandwidth=1000000000
bytes_received=3248485542
bytes_sent=431103999295
errors_in=0
errors_out=0
packets_received=23898123
packets_sent=408433988
timebase=2341036
timestamp=8823079517156
==================================
===== Process list =====
==================================
ApacheMonitor
DbServer
HpAmsStor
Idle
LogonUI
...
==================================
===== Service list =====
==================================
ADWS=Active Directory-Webdienste
ALG=Gatewaydienst auf Anwendungsebene
AMS=Acronis Management Server Service
ARSM=Acronis Removable Storage Management Service
...
============= EOF ===============
The list shows disks, network interfaces, processes and services currently running on the remote host.
SKOOR Engine agent (Unix/Linux)
Unix/Linux agent test with netcat command
$ nc -v4 127.0.0.1 52998 Connection to 127.0.0.1 52998 port [tcp/*] succeeded! add 0 all 0 all cpu=98.000000&mem=874976&count=108 0 all cpu=98.000000&mem=874976&count=108 0 all cpu=98.200000&mem=874976&count=108 ^C add 1 mountpoint:/ add 2 #1
Compile the agent
agent.c.gz contains the source.
To be able to compile the code, some minimal prerequisites must be met. E.g. on a Debian Linux, the packages gcc and libc6-dev must be installed.
Extract and compile with:
$ gunzip agent.c.gz $ gcc -Dlinux -static -o eranger-agent agent.c $ gcc -DHPUX -static -o eranger-agent agent.c $ gcc -DSUSE -o eranger-agent agent.c $ gcc -DREDHAT -o eranger-agent agent.c
Start the agent
eranger-agent [-d] [-u user] [-b address] [-p port]
Aix client
LC_NUMERIC="C" ./eranger-agent -d