I would like to get some explanations about the outputs I receive when executing Venafi Agent’s “vagent -s -1” command in Windows command prompt.
The command and its output looks like this (the same command twice in a row):
C:\Program Files\Venafi\Platform>VAgent.exe -s -1
Informational: Venafi Agent Library: assignment "c2a8bfd7-0af5-4911-996d-2d59a6aaa77a" for service module "VED Agent KeyStore Scanner" scheduled to run at Thu Jan 30 15:38:45 2014.
Informational: Venafi Agent Library: assignment "d09adc79-d4bf-4a74-9cca-dd4fb63baf91" for service module "VED Agent SSH Scanner" scheduled to run at Thu Jan 30 15:38:45 2014.
Informational: Venafi Agent Library: assignment "5c3a694a-671b-47d5-8f84-6cef755a27ce" for service module "Venafi Agent Library" scheduled to run at Thu Jan 30 15:38:45 2014.
Informational: Venafi Agent Library: assignment "aa2fb1a3-574d-4581-ba86-48fc0c142cd6" for service module "Venafi Agent Library" scheduled to run at Thu Jan 30 15:38:45 2014.
Warning: Venafi Agent Library: Run once incomplete, scheduled to recheck at Thu Jan 30 15:38:51 2014.
Warning: Venafi Agent Library: Unable to check-in with the Product Server, call incomplete, scheduled to recheck at Thu Jan 30 15:38:49 2014.
Informational: Venafi Agent Library: service module "VED Agent SSH Scanner" assignment processing started at Thu Jan 30 15:38:46 2014.
Informational: Venafi Agent Library: service module "VED Agent SSH Scanner" assignment processing concluded at Thu Jan 30 15:38:46 2014.
Informational: Venafi Agent Library: service module "VED Agent KeyStore Scanner" assignment processing started at Thu Jan 30 15:38:47 2014.
Informational: Venafi Agent Library: service module "VED Agent KeyStore Scanner" assignment processing concluded at Thu Jan 30 15:38:48 2014.
Informational: Venafi Agent Library: director exchange started at Thu Jan 30 15:38:49 2014.
Informational: Venafi Agent Library: Connect to "10.68.5.248" succeeded.
Informational: Venafi Agent Library: director exchange concluded at Thu Jan 30 15:38:52 2014.
Warning: Venafi Agent Library: Run once incomplete, scheduled to recheck at Thu Jan 30 15:38:58 2014.
Venafi Agent: Setting exit on "Run Once" flag.
C:\Program Files\Venafi\Platform>VAgent.exe -s -1
Informational: Venafi Agent Library: assignment "c2a8bfd7-0af5-4911-996d-2d59a6aaa77a" for service module "VED Agent KeyStore Scanner" scheduled to run at Thu Jan 30 15:39:03 2014.
Informational: Venafi Agent Library: assignment "d09adc79-d4bf-4a74-9cca-dd4fb63baf91" for service module "VED Agent SSH Scanner" scheduled to run at Thu Jan 30 15:39:03 2014.
Informational: Venafi Agent Library: assignment "5c3a694a-671b-47d5-8f84-6cef755a27ce" for service module "Venafi Agent Library" scheduled to run at Thu Jan 30 15:39:03 2014.
Informational: Venafi Agent Library: assignment "aa2fb1a3-574d-4581-ba86-48fc0c142cd6" for service module "Venafi Agent Library" scheduled to run at Thu Jan 30 15:39:03 2014.
Warning: Venafi Agent Library: Run once incomplete, scheduled to recheck at Thu Jan 30 15:39:09 2014.
Warning: Venafi Agent Library: Unable to check-in with the Product Server, call incomplete, scheduled to recheck at Thu Jan 30 15:39:07 2014.
Informational: Venafi Agent Library: service module "VED Agent SSH Scanner" assignment processing started at Thu Jan 30 15:39:04 2014.
Informational: Venafi Agent Library: service module "VED Agent SSH Scanner" assignment processing concluded at Thu Jan 30 15:39:04 2014.
Informational: Venafi Agent Library: service module "VED Agent KeyStore Scanner" assignment processing started at Thu Jan 30 15:39:04 2014.
Informational: Venafi Agent Library: service module "VED Agent KeyStore Scanner" assignment processing concluded at Thu Jan 30 15:39:07 2014.
Warning: Venafi Agent Library: Unable to check-in with the Product Server, call incomplete, scheduled to recheck at Thu Jan 30 15:39:10 2014.
Warning: Venafi Agent Library: Run once incomplete, scheduled to recheck at Thu Jan 30 15:39:14 2014.
Informational: Venafi Agent Library: director exchange started at Thu Jan 30 15:39:11 2014.
Informational: Venafi Agent Library: Connect to "10.68.5.248" succeeded.
Informational: Venafi Agent Library: director exchange concluded at Thu Jan 30 15:39:13 2014.
Venafi Agent: Setting exit on "Run Once" flag.
1) What are the “Venafi Agent Library” assignments and why there are two of them?
2) Why are there a few “Run once incomplete” warnings? Are they significant? How could I avoid them?
3) The same with “Unable to check-in with the Product Server” – what do the warnings mean? Are they significant? How could I avoid them?
4) Why are the “VED Agent SSH Scanner” assignments run if “Module VED Agent SSH Scanner” in “vagent -l all” command is shown as disabled?
5) It seems that the discovered certificates get uploaded to VED only when I run the “vagent -s -1” command twice in a row. Is this the correct way of running the Agent? Or am I doing something wrong?
6) Is there a way to delete uploaded certificates from VED in results of “Certificate Module Discovery”? I do not want to store, for example, test certificates which I discovered and uploaded into VED while playing with the Agent.
=========================
1) What are the “Venafi Agent Library” assignments and why there are two of them?
When you do run once you get a library assignment for initial call home and another to handle the run-once job. This is normal and expected.
2) Why are there “Run once incomplete” warnings? Are they significant? How could I avoid them?
Insignificant. Change the log level
3) The same with “Unable to check-in with the Product Server” – what do the warnings mean? Are they significant? How could I avoid them?
This issue you see here is cosmetic and only seen during a manual scan. The best thing to do is ignore the message for the time being. Look for a message that says :Venafi-Agent[3670]: Venafi Agent Library: Connect to "198.190.131.2" succeeded.: I have created an enhancement to have this message removed from the manual scan.
4) Why are the “VED Agent SSH Scanner” assignments run if “Module VED Agent SSH Scanner” in “vagent -l all” command is shown as disabled?
The is a base Agent that has no knowledge of the scanners state, being disabled or otherwise.
The base Agent starts the scanner(s) up at the scheduled time and it is the scanners job to know that it is disable and to abort the assignment.
5) It seems that the discovered certificates get uploaded to VED only when I run the “vagent -s -1” command twice in a row. Is this the correct way of running the Agent? Or am I doing something wrong?
You are running the agent correctly. The first time the agent is run it calls home to gets its configuration. The next time you manually run it, it will scan and then call in to the server to deliver the scan results along with getting any changes to the configuration. In short, two runs of the agent are necessary.
6) Is there a way to delete uploaded certificates from VED in results of “Certificate Module Discovery”? I do not want to store, for example, test certificates which I discovered and uploaded into VED while playing with the Agent.
The only way to delete those certificates is to delete the agent out of the base agent results.
Comments