Agent Client Collector check-allow-list issue with Postgres pattern discovery

Patrick101
Tera Contributor

Hi all,

 

Working with Agent Client Collector pattern discovery here, but am having trouble to add the right parameter in the check-allow-list.json it seems.

 

The command that needs to be executed by the pattern: "/usr/pgsql-16/bin/postgres" -V

I found out the " are key or else it will not correctly include the path in the command and without the path the command execution fails since it returns a 'command not found' error.

 

The log file of the agent states:

check:<command:"postgres\" -V" interval:60 timeout:60 executed:1740676917 ....Sequence:1 ] check command denied by the agent allow list. Context: Asset allow list empty, using agent config file allow list.
Did not find exec entry.

 

Anyone experience with this and knows what I should put in to make it work?

 

Cheers, Patrick

2 REPLIES 2

ZW-C
Tera Contributor

Hello Patrick, you found any solution for this issue?

Patrick101
Tera Contributor

Hi,

 

Unfortunately not really, this is still an open Problem with ServiceNow.

 

They DID offer a workaround “Set PATH via systemd Environment” (when ACC runs as a service)

The Postgress path would have to be added to the PATH variable for the user running the ACC service. Once that is done, you can execute the commands in the '/usr/pgsql-16/bin/' without the need of a path/location which will work.
However, this will mean including it on all your systems.

 

We worked aroud it, since the next challenge turned out even harder, grabbing the datbase info inclusing sizes from the identified Postgres instances.
Our workaround is a custom script with parameters stored in the /usr/local/sbin

Any command that is giving issues is placed in that script and via Puppet placed on the servers.
It now also includes some Oracle commands, to also extract Oracle Catalog info.

 

Maybe this will work for you as well 🙂

 

Cheers, Patrick