Agent Client collector enable-patterns-on-agent mass update
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2024 06:55 AM
We are setting up Agent Client Collector Visibility.
We will use it for Service mapping as well as horizontal Discovery.
To use patterns you need to set
enable-patterns-on-agent : true
This is not default when installing the agents.
What could be used to set this value?
Replacing the complete acc.yml does not seem an option as the agent id is in there too.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2024 01:30 AM
Pattern Execution with Agent Client Collector (KB1323623):
Prerequisites
- Instance on Utah
- Agent Client Collector Framework and Visibility 3.1.0
- MID server with Agent Client Collector capability and Discovery in supported applications
- MID web server active (listener enabled)
- MID java heap size 1024m minimum, 2048m recommended
- MID properties to force SNC SSH library (j2ssh and maverick unsupported for ACC):
mid.sa.ssh.use_sncssh set to true
mid.ssh.use_snc set to true
- Agent Client Collector version 3.1.0 deployed on the target systems (Linux and Windows servers only)
- plugin signature verification enabled
- check allow list at the responsibility of the customer
- on Linux, sudoers enabled with regular Discovery commands
- on Windows, the agent can be installed either as SYSTEM, or using a local account with the
- following privileges:
- Logon as a Service
- Backup (SeBackupPrivilege)
- Debug Programs
- Agents connected to the MID listener with the agent records up, data collection on, host record
- created, no error in the ECC queue
Activation
1. On ServiceNow instance, enter sys_properties.LIST in the navigation bar and press enter
2. Edit the sn_agent.appl_classification_behavior property: change the value to "full" to enable pattern
execution; confirm
3. If you run horizontal discovery in parallel, set the sys_property
sn_agent.disco_disable_ci_clobber_of_agentless_disco to false
Validation
1. Switch the view on the agent record to Discovery; a new tab "Application Pattern Logs" appears
2. Click on Collect Host Data and trace the agent logs
3. Once the regular ACC enhanced discovery is completed, the pattern associated with each classified
process is executed; the execution logs are available from the agent record
4. Click on View log for the pattern of your choice and confirm the data points have been extracted via
the agent, for example: "2023-05-18 02:32:19: Using ACC connection to execute command on Unix agent
with id: f2a9ade796b52cd7"
5. Refresh the host CI and confirm the application CI and subsequent records have been created
Note: as you explore the pattern logs, you can select a step and open Debug mode. Check the box to use the
ACC connection.
Known Limitations and Additional Notes
The "Put File" operation is currently not supported. Patterns that copy a script to the remote target
for execution will fail with the error message "Put File Operation is not supported on agent"
Top-Down Service Mapping is not supported and the connection extensions are not executed
Probes (Oracle GLAS, File-Based Discovery) are not supported
There is no Discovery Status record, only the pattern execution logs
Some shell commands may have a different behavior when executed on the agent vs. ssh, for
example if the shell is "/bin/sh" running non-interactively and the command contains some shell
scripting operators and built-ins (open defect)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2024 02:11 AM
Yes, I am aware and did all of this.
The question is: how to update the acc.yml file... I guess that will be up to the sysadmin via some tool like powershell or chef. But maybe someone has already done it, maybe in a more efficient way.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2024 02:28 AM
OK, now I understand. Well, based on doc there is not even msi install parameter.
I was changing the acc.yml based via my custom ruby script with cert signature, because I was changing API key and URL for switching between instances. However, SN changed approach and now all those custom plugins cert signatures has to be installed in OS trust store, and basically we dont know how to do that, so I dont know if creating custom plugin with that check is the correct approach.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-22-2025 03:23 AM
I use the following script to achieve any paramater changes to the acc.yaml file. Currently, we use MECM to push changes:
# --- this scripts changes the the parameter in $searchKey to $newValue
# --- if not found, it will be added
# --- a backup of the file acc.yaml file is created. ACC agent restarted to reload configuration
$ErrorActionPreference = "SilentlyContinue"
$searchKey = "enable-patterns-on-agent:"
$newValue = "true"
# ----
stop-service -name agentclientcollector
$target_cnt = 0
$filename = "$($env:ProgramData)\ServiceNow\agent-client-collector\config\acc.yml"
get-item "$($filename)-BAK" | Remove-Item -Force
get-item "$($filename)-NEW" | Remove-Item -Force
get-content $filename | % {
if ($_ -imatch $searchKey)
{
"$($searchKey) $($newValue)"
$target_cnt++
}
else
{
$_
}
} | out-file "$($filename)-NEW"
if ($target_cnt -eq 0)
{
"$($searchKey) $($newValue)" | out-file "$($filename)-NEW" -Append
}
rename-item -path $filename -NewName "$($filename)-BAK" -Force
rename-item -path "$($filename)-NEW" -NewName $filename -Force
# --- Restart the ACC service
start-service -name agentclientcollector