Agent
This page enables you to perform discovery and agent-related operations. It has the following tabs:
- Agent Installation
- Agent Build
- Agent Installation History
- Discovery Agent
- Mobile Agents
- Discovery Poller
- Agent Credential Profile
Agent Installation
Motadata ServiceOps provides you with multiple options to install an agent. They are:
- From the ServiceOps portal
- Using GPO
- Using Utility
- Local Installation
This tab allows you to install an agent in multiple machines that fall in the configured network, using the discovery or poller service.
Before you install or uninstall the agent using poller, check the following:
- Poller is registered with the main server. You can check this from Admin > Asset Management > Asset Discovery > Discovery Poller.
- Ensure that the required build file is uploaded in the Admin > Asset Management > Asset Discovery > Agent Build.
- Ensure that the required config type: VNC, Remotely, and RDP, is enabled from Admin > Asset Management > RDP Configurations.
To create an agent scan, click Create Agent Installation, and a popup appears.
Enter the below details:
- Name: Enter the name of the network scan.
- Fetch from Domain: Enable to discover the agents from the domain. If enabled, enter the domain details. For more details, refer to the link Domain Scan. If disabled, enter the below details.
The poller service will execute for all the computers that fall within the configured domain network. Hence, you cannot select specific Computers of the network.
- Poller: Select the poller for which you want to create the scan. This can be set at the time of configuration only.
- Agent Type: Select the type of agent. The options are:
  - Discovery
  - VNC
  - Discovery with Remotely
  - RDP
  - Discovery with RDP
  If Discovery is selected, select the Communication Type.
- Agent Credential Profile: Select the credential profile to create the scan.
- Communication Type: Select the type of agent-server communication using which the assets should be discovered. The options are:
  - Direct Communication: Select when the agent is installed in a network where the server is directly reachable.
  - Poller Communication: Select when the agent is installed in a network where the server is not directly reachable. If selected, enter the Poller URL.
    Syntax: protocol://ip-address:port-number
    Example: http://10.20.40.131:8080
    Note: The port number should be accessible from both the target and the server side machines.
    For HTTP protocol, enter the IP address of the machine in which the poller agent is installed.
    For HTTPS protocol, add the host entry in the "C:\Windows\System32\drivers\etc" path on all machines where the agent needs to be installed, including the poller machine. Additionally, add the SSL certificate and key in the poller agent.
    Once done, navigate to the "C:\Program Files (x86)\Motadata\poller_service" location, and open the appsettings.json file as shown below.
    Now, remove the underscore from the CertificateFilePath and KeyFilePath parameters and replace their values with the location of both the files as shown below.
    Next, restart the poller service or wait for the next scan cycle.
- Scan Type: Select the type of IP Range. The options are:
  - Entire Network: All the IPs in the whole network will be scanned for the discovery. If selected, enter the IP Range Start.
  - Specific IP Range: Select if assets from a specific IP Range are to be scanned. If selected, enter the IP Range Start and IP Range End for discovery. Also, you can enter certain IP addresses to skip the scan in the Exclude IPs field. If required, you can import a list of IP Addresses to exclude from scanning using the Import Exclude IPs link.
  - Specific set of IPs: Select if you want to scan only specific IP Addresses for asset discovery. If selected, enter the IP Addresses. You can also import the IP Addresses in bulk using the Import IP Addresses link.
- Description: Enter the description about the agent network scan.
- Credentials: Select the credentials to be used from the dropdown. You can also create new credentials using the Adding Credential link.
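A pre-flight check for the Poller Communication settings described above, as an added example that is not part of the ServiceOps documentation or product code: it validates the Poller URL syntax and, for HTTPS, looks for the hosts entry and the two certificate parameters. The function names, the hostname poller.example.internal, the file paths and the sample file contents are constructed; the layout of the real appsettings.json is not shown on this page, so the parameters are searched at any nesting depth.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed samples; the real appsettings.json holds other settings not shown on this page.
HOSTS = "10.20.40.131  poller.example.internal  # constructed entry\n"
APPSETTINGS = r'{"CertificateFilePath": "C:\\certs\\poller.crt", "_KeyFilePath": ""}'
def flatten(node, out):
    """Collect scalar settings at any nesting depth, so no file layout is assumed."""
    if isinstance(node, dict):
        out.update({k: v for k, v in node.items() if not isinstance(v, (dict, list))})
        node = list(node.values())
    for child in node if isinstance(node, list) else []:
        flatten(child, out)
    return out

def hosts_names(hosts_text):
    """Hostnames defined in a hosts file, ignoring comments and blank lines."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        names.update(name.lower() for name in fields[1:])
    return names

def check_poller(url, hosts_text="", appsettings_text="{}"):
    """Return a list of problems; an empty list means every check passed."""
    parts = urlsplit(url)
    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port
        port = None
    if parts.scheme not in ("http", "https") or not parts.hostname or port is None:
        return ["Poller URL must match protocol://ip-address:port-number"]
    try:
        ipaddress.ip_address(parts.hostname)
        is_ip = True
    except ValueError:
        is_ip = False
    problems = []
    if parts.scheme == "http" and not is_ip:
        problems.append("HTTP: use the IP address of the poller machine")
    if parts.scheme == "https":
        if not is_ip and parts.hostname not in hosts_names(hosts_text):
            problems.append(f"HTTPS: no hosts entry for {parts.hostname}")
        settings = flatten(json.loads(appsettings_text), {})
        for name in ("CertificateFilePath", "KeyFilePath"):
            if not settings.get(name):
                problems.append(f"HTTPS: {name} is not set in appsettings.json")
    return problems
```

With the constructed samples, `check_poller("https://poller.example.internal:8443", HOSTS, APPSETTINGS)` reports only the KeyFilePath parameter, because that key still carries its underscore.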
Once all the details are filled, click Save. The created network will appear on the list page. Now, you can do the following:
- Execute Installation: You can install the agent in machines based on the configured domain or network.
- Execute Uninstallation: You can uninstall the agent from machines based on the configured domain or network.
- Edit: You can edit the scan.
- Delete: You can delete the scan if not required.
Agent Build
It displays the list of various platforms with their architecture. Here, you can upload the agent and perform zero-touch Agent package installation in the remote machine. This list shows the various agent builds with their updated status.
Prerequisites
- python3-pip should be installed
- python3 -m pip install impacket
- apt install msitools
- python3 -m pip install smbprotocol
- python3 -m pip install pyreadline
- You can also install the above prerequisites using a script.
- Check whether impacket is available in the Main Server. You can verify the packet from this location “/opt/flotomate/main-server/config/”.
Here, you can edit, and upload the builds using the Edit Icon.
To perform the zero-touch Agent package installation in the remote machine,
- Upload the Agent. Once done, the Download icon appears as shown above.
- Click on it and the following two options will be available:
- Normal Build: This will download only the Agent build.
- Pre-configured Build: This will download a zip file containing the Agent and install.bat/install.sh file. The install.bat file is for Windows and install.sh is for Linux and mac machines.
- Move the install file to the respective machine and run it with Administrator rights.
- The Agent will get directly installed in the remote machine without following the Agent installation steps.
Agent Installation History
This tab enables you to view the complete scan history of the agents.
Here, you can click the View History button to view the history of an individual scan as shown below. It displays the total count along with its bifurcation. You can also download the scan report in PDF format using the Download History button.
Discovery Agent
This tab displays the list of the agents which are installed for scanning the network. Thus, the discovery of assets is scanned and fetched by these agents. You can have multiple agents too.
Once the agents are discovered, you can archive them from here if required.
Once archived, you can restore or delete the agents in bulk or individually using the respective options as shown below.
Also, you can perform actions on the agent logs, by clicking the Eye icon. Here, you can request for the logs and then download them.
Mobile Agents
This tab displays the discovered mobile agents.
Once discovered, you can delete them from here if required. Also, you can configure the settings for mobile discovery.
- Mobile Discovery: Enable if you want to discover the mobile devices.
- Discovery Cycle: Set the discovery cycle to run as per the set time in minutes. The default value is 30 minutes. For example, if 30 minutes is set, the discovery cycle will run every 30 minutes.
- Refresh Cycle: Set the time in minutes to refresh the cycle. The default value is 5 minutes.
- Scan this QR Code for Mobile Discovery: You need to scan the QR code to discover your mobile.
Once done, click Update.
Discovery Poller
This tab displays the list of pollers which are installed for scanning the network. Thus, the discovery of assets is scanned and fetched by these pollers. You can have multiple pollers too.
Once the pollers are discovered, you can delete them from here if required. You can also set its Refresh Cycle in minutes using the Settings button. The default value is 5 minutes.
This tab is available only for the SaaS application.
Agent Credential Profile
The Agent-ServiceOps application communication is enhanced using the Agent Credential Profile. Currently, the communication takes place using the activation code and static client credentials, posing a security risk. Hence, a new approach is introduced to address this, where the Agent Credential Profile must be created to generate an authorization key. This key is then used at the time of installing the Agent (Discovery, RDP, or Poller). However, to support the older versions, activation code functionality also exists.
This functionality is applicable from v8.5.1 onwards.
Working
To understand the working, let's consider two scenarios:
- Upgrade Scenario:
If you are upgrading the ServiceOps application from v8.5.0 to 8.5.1, you can use either of the following two options to establish communication with the Agent:
- Secure Communication: Enter the "Secure Auth" key generated from the Agent Credential Profile if enabled. Once enabled, you cannot use the activation code.
- Activation Code: Enter the activation code to continue using the less secure method.
Moreover, you can permanently implement the secure auth approach by enabling the Agent Communication Settings. This is a one-time configuration. Once activated, the agent-server communication will work only with the authorization key. The agent activation code will not work. Additionally, all the agents will no longer communicate with the server, and a re-installation of agents with a new secure-auth key will be required.
- New Installation Scenario:
When the application is installed for the first time, you can use the Agent Credential Profile only for Agent-ServiceOps communication. The activation code feature will no longer work. Also, the Agent Communication Settings icon will not be available.
The communication will stop if the profile is deleted or archived from the portal. In such a situation, you can either restore the credential profile or create a new one and then use it for agent installation.
To view the Agent Credential Profile page, navigate to the Admin > Discovery and Agents > Agents > Agent Credential Profile tab and the following page appears.
The page displays the following features:
- Search: You can search for the required credential profiles.
- Filter: You can filter the profiles by selecting the desired option. The options are: All, Enabled, Disabled, and Archived.
- Refresh: You can refresh the credential profiles list to view the latest one.
- Agent Communication Settings: You can configure the client credential based communication between Agent and Server. By default, it is disabled. This is a one-time setting. Hence once enabled, you cannot disable it.
The Agent Communication Settings icon is available only in case of the ServiceOps application upgraded to v8.5.1. It is not available for the application installed for the first time.
- Add Agent Credential Profile: You can add agent credential profiles to establish a secure communication between the ServiceOps server and the agent.
When the ServiceOps application is upgraded to v8.5.1 and the Agent Communication Settings is disabled, the Add Agent Credential Profile button will also be deactivated. To enable it, activate the Agent Communication Settings "Enable Client Credential based Communication between Agent and Server". This is a one-time setting. Hence once enabled, you cannot disable it.
Once the setting is enabled, the Agent Credential Profile button gets activated to add profiles as shown below.
Additionally, when the ServiceOps application is installed for the first time, the Agent Credential Profile button will be enabled by default.
Adding Agent Credential Profile
To add an agent credential profile,
- Click the Add Agent Credential Profile button and the following popup appears.
- Enter the Credential Profile name.
- Enter a brief description about the profile.
- Click Add.
- Once done, the profile will be available on the list page as shown below.
- You can now edit this profile and get the Secure Auth key required for agent installation.
Archiving, Restoring, and Deleting Agent Credential Profile
- You can also archive the profile if required. You can archive either using the Bulk Archive option or individually using the Archive option as shown below.
Once the profile is deleted or archived, the communication will stop. In such a situation, you can either restore the agent credential profile or create a new one and then use it for agent installation.
- Once archived, the profile will be moved to the Archived list.
- From the archived list you can either delete or restore the agent credential profile using the respective icons as shown below.