1. What processes are associated with the Venafi Server Agent?
a. Windows?
vagent.exe which is found by default under C:\Program Files\Venafi\Platform
b. Linux?
/opt/venafi/agent/bin/vagent
2. How do we verify that the Venafi Server Agent is available and operational on the server after the deployment?
a. Windows?
Check that vagent.exe process is running
Check that Windows Application logs show that Agent called home
Check that Aperture shows the Agent last seen time updated
b. Linux?
Check that vagent process is running
Check that syslogs logs show that Agent called home
Check that Aperture shows the Agent last seen time updated
3. What services are associated with the Venafi Server Agent as listed in Task Manager? What state should services be in when properly functioning?
a. Windows?
Venafi Server Agent set to Automatic startup type
b. Linux?
/etc/init.d/vagent
4. What configuration files are associated with the Venafi
Server Agent? What should they contain?
a. Windows?
config.sq3 found under C:\Program Files\Venafi\Agent\Data.
Contains the Agent settings that are listed when running “vagent -l all”
b. Linux?
config.sq3 found under /var/opt/venafi/agent/data.
Contains the Agent settings that are listed when running “vagent -l all”
5. What log files are associated with the Venafi Server Agent? What should they contain?
a. Windows?
events.sq3 found under C:\Program Files\Venafi\Agent\Data.
Contains Debug logs. These logs will be dumped to stdout when using the -v switch with the vagent command.
b. Linux?
events.sq3 found under /var/opt/venafi/agent/data.
Contains Debug logs. These logs will be dumped to stdout when using the -v switch with the vagent command.
6. What certificate file(s) are associated with the Venafi Server Agent? What should they contain?
a. Windows?
C:\Program Files\Venafi\Agent\Data\curl-ca-bundle.crt
Stores trust anchors used to validate the Trust Protection Platform server SSL certificate (and possibly certificate presented by other network devices while calling home to the Venafi server).
b. Linux?
/var/opt/venafi/agent/data/curl-ca-bundle.crt
Stores trust anchors used to validate the Trust Protection Platform server SSL certificate (and possibly certificate presented by other network devices while calling home to the Venafi server).
7. What other procedures do you follow/recommend to ensure the Venafi Server Agent is fully operational and functioning as expected?
a. Windows?
Monitoring Windows Application logs for errors logged by Venafi Server Agent.
Monitor Venafi logs for error events starting with “ClientRest”
Check that the Aperture shows the Agent has been seen recently
Check that we have discovery results from the Agent
b. Linux?
Monitoring syslog for errors logged by Venafi Server Agent.
Monitor Venafi logs for error events starting with “ClientRest”
Check that the Aperture shows the Agent has been seen recently
Check that we have discovery results from the Agent
8. Please provide the instructions for Repair (Uninstall and Reinstall) of the Venafi Server Agent?
a. Windows?
Uninstall Agent from add/remove programs
Delete C:\Program Files\Venafi\Agent\Data folder
Delete Agent registration from Aperture
Install using the Agent MSI installer with correct configuration options
b. Linux?
Uninstall Agent using --uninstall option with the installer bundle
Delete /var/opt/venafi/agent/data folder
Delete Agent registration from Aperture
Install using the Agent installer bundle with correct configuration options
9. Please provide the instructions for Rollback to previous version (Uninstall and install n-1) of the Venafi Server Agent?
a. Windows?
Uninstall Agent from add/remove programs
Delete C:\Program Files\Venafi\Agent\Data folder
Delete Agent registration from Aperture
Install using the Agent MSI installer with correct configuration options
b. Linux?
Uninstall Agent using --uninstall option with the installer bundle
Delete /var/opt/venafi/agent/data folder
Delete Agent registration from Aperture
Install using the Agent installer bundle with correct configuration options
10. Where are the Agent logs?
a. Windows?
Debug logs are available in the events.sq3 found under C:\Program Files\Venafi\Agent\Data.
We also log to the Windows event log by default at a Info level, but is configurable.
b. *nix systems?
Debug logs are available in the events.sq3 found under /var/opt/venafi/agent/data.
We also log to the system log by default a the info level, but can be configured to other levels.
11. How do I set the logging level that is written to the system log?
Please refer to this KB: https://support.venafi.com/hc/en-us/articles/215913287-Info-Venafi-Agent-Logging
Comments