Agent Client Collector check-allow-list issue with Postgres pattern discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2025 12:26 AM
Hi all,
Working with Agent Client Collector pattern discovery here, but am having trouble to add the right parameter in the check-allow-list.json it seems.
The command that needs to be executed by the pattern: "/usr/pgsql-16/bin/postgres" -V
I found out the " are key or else it will not correctly include the path in the command and without the path the command execution fails since it returns a 'command not found' error.
The log file of the agent states:
check:<command:"postgres\" -V" interval:60 timeout:60 executed:1740676917 ....Sequence:1 ] check command denied by the agent allow list. Context: Asset allow list empty, using agent config file allow list.
Did not find exec entry.
Anyone experience with this and knows what I should put in to make it work?
Cheers, Patrick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
Hello Patrick, you found any solution for this issue?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Monday
Hi,
Unfortunately not really, this is still an open Problem with ServiceNow.
They DID offer a workaround “Set PATH via systemd Environment” (when ACC runs as a service)
The Postgress path would have to be added to the PATH variable for the user running the ACC service. Once that is done, you can execute the commands in the '/usr/pgsql-16/bin/' without the need of a path/location which will work.
However, this will mean including it on all your systems.
We worked aroud it, since the next challenge turned out even harder, grabbing the datbase info inclusing sizes from the identified Postgres instances.
Our workaround is a custom script with parameters stored in the /usr/local/sbin
Any command that is giving issues is placed in that script and via Puppet placed on the servers.
It now also includes some Oracle commands, to also extract Oracle Catalog info.
Maybe this will work for you as well 🙂
Cheers, Patrick