Follow

Info: Venafi Server Agent Basics and Troubleshooting

 

 

 

1. What processes are associated with the Venafi Server Agent?

a. Windows?

vagent.exe which is found by default under C:\Program Files\Venafi\Platform

b. Linux?

/opt/venafi/agent/bin/vagent

 

2. How do we verify that the Venafi Server Agent is available and operational on the server after the deployment?

a. Windows?

Check that vagent.exe process is running

Check that Windows Application logs show that Agent called home

Check that Aperture shows the Agent last seen time updated

 

b. Linux?

Check that vagent process is running

Check that syslogs logs show that Agent called home

Check that Aperture shows the Agent last seen time updated

 

3. What services are associated with the Venafi Server Agent as listed in Task Manager? What state should services be in when properly functioning?

a. Windows?

Venafi Server Agent set to Automatic startup type

 

b. Linux?

/etc/init.d/vagent

 

4. What configuration files are associated with the Venafi

Server Agent? What should they contain?

a. Windows?

config.sq3 found under C:\Program Files\Venafi\Agent\Data.

Contains the Agent settings that are listed when running “vagent -l all”

 

b. Linux?

config.sq3 found under /var/opt/venafi/agent/data.

Contains the Agent settings that are listed when running “vagent -l all”

 

5. What log files are associated with the Venafi Server Agent? What should they contain?

a. Windows?

events.sq3 found under C:\Program Files\Venafi\Agent\Data.

Contains Debug logs. These logs will be dumped to stdout when using the -v switch with the vagent command.

 

b. Linux?

events.sq3 found under /var/opt/venafi/agent/data.

Contains Debug logs. These logs will be dumped to stdout when using the -v switch with the vagent command.

 

6. What certificate file(s) are associated with the Venafi Server Agent? What should they contain?

a. Windows?

C:\Program Files\Venafi\Agent\Data\curl-ca-bundle.crt

Stores trust anchors used to validate the Trust Protection Platform server SSL certificate (and possibly certificate presented by other network devices while calling home to the Venafi server).

 

b. Linux?

/var/opt/venafi/agent/data/curl-ca-bundle.crt

Stores trust anchors used to validate the Trust Protection Platform server SSL certificate (and possibly certificate presented by other network devices while calling home to the Venafi server).

 

7. What other procedures do you follow/recommend to ensure the Venafi Server Agent is fully operational and functioning as expected?

a. Windows?

Monitoring Windows Application logs for errors logged by Venafi Server Agent.

Monitor Venafi logs for error events starting with “ClientRest”

Check that the Aperture shows the Agent has been seen recently

Check that we have discovery results from the Agent

 

b. Linux?

Monitoring syslog for errors logged by Venafi Server Agent.

Monitor Venafi logs for error events starting with “ClientRest”

Check that the Aperture shows the Agent has been seen recently

Check that we have discovery results from the Agent

 

8. Please provide the instructions for Repair (Uninstall and Reinstall) of the Venafi Server Agent?

a. Windows?

Uninstall Agent from add/remove programs

Delete C:\Program Files\Venafi\Agent\Data folder

Delete Agent registration from Aperture

Install using the Agent MSI installer with correct configuration options

 

b. Linux?

Uninstall Agent using --uninstall option with the installer bundle

Delete /var/opt/venafi/agent/data folder

Delete Agent registration from Aperture

Install using the Agent installer bundle with correct configuration options

 

9. Please provide the instructions for Rollback to previous version (Uninstall and install n-1) of the Venafi Server Agent?

a. Windows?

Uninstall Agent from add/remove programs

Delete C:\Program Files\Venafi\Agent\Data folder

Delete Agent registration from Aperture

Install using the Agent MSI installer with correct configuration options

 

b. Linux?

Uninstall Agent using --uninstall option with the installer bundle

Delete /var/opt/venafi/agent/data folder

Delete Agent registration from Aperture

Install using the Agent installer bundle with correct configuration options

 

10. Where are the Agent logs?

a. Windows?

Debug logs are available in the events.sq3 found under C:\Program Files\Venafi\Agent\Data.

We also log to the Windows event log by default at a Info level, but is configurable.

 

b. *nix systems?

Debug logs are available in the events.sq3 found under /var/opt/venafi/agent/data.

We also log to the system log by default a the info level, but can be configured to other levels. 

 

11. How do I set the logging level that is written to the system log?

Please refer to this KB: https://support.venafi.com/hc/en-us/articles/215913287-Info-Venafi-Agent-Logging

Was this article helpful?
2 out of 2 found this helpful

Comments