Agent Client Collector installation

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Agent Client Collector installation

    The Agent Client Collector (ACC) can be installed on any supported host machine to enable data collection via a connection to a MID Server using HTTP/S. This connection remains active, allowing one MID Server to manage multiple agents simultaneously, while each agent connects to only one MID Server at a time with automatic failover capabilities. The system supports scalable deployment through configurable agent limits per MID Server and the use of multiple MID Servers to increase capacity.

    Show full answer Show less

    Key Features

    • Connection and Failover: Agents connect to MID Servers based on a predefined list and switch MID Servers if needed, ensuring continuous operation.
    • Capacity and Scaling: Default maximum agents per MID Server is 4,000 (configurable). For example, a 1 GiB MID Server supports 700 agents, while an 8 GiB MID Server supports up to 8,000 agents, with the option to scale out across multiple MID Servers.
    • User Permissions: The default local user account is servicenow, with basic permissions. Specific permissions vary by operating system and agent feature, such as running processes, mapping TCP connections, or package upgrades.
    • Agent Management: Reinstalling an agent creates a new record; old agents must be manually deleted or will be auto-deleted after 30 days based on configurable settings.
    • Secure Communication: Supports mutual TLS (mTLS) for secure authentication between the MID Web Server and the agent.
    • Special Environments: Supports deployment in air-gapped environments with documented procedures and configurations.
    • Golden Image Mode: Enables cloning of agent instances; configuration details differ by operating system.
    • Domain Separation: Agents inherit the domain of their connected MID Server, and user domains must be leaf domains to enable certain Websocket extensions.

    Practical Considerations for ServiceNow Customers

    • Ensure the MID Server's snagent.mid.maxallowedagents property is configured to meet your scale requirements.
    • Plan MID Server resource allocation (heap size) based on the number of agents to be supported concurrently.
    • Use domain separation appropriately to manage agent and Configuration Item (CI) domains effectively.
    • Regularly clean up agent records after reinstallations to avoid duplication and confusion.
    • Leverage mTLS for securing agent to MID Server communications to meet security compliance.
    • Consult the respective installation guides for Windows, Linux, or macOS to properly set up the agent, including prerequisites like golden image mode if cloning is needed.

    You can install the Agent Client Collector on any supported host machine. The Agent Client Collector connects to a MID Server using the HTTP/S protocol, and the connection remains active after being established. One MID Server may handle several agents simultaneously, while a single agent works with one MID Server at a time and switches to a different MID Server when necessary to provide failover protection.

    When an agent's IP address changes, it selects a MID Server to connect to based on the agent's MID Server list.

    The maximum number of agents that can be connected to a single MID Server is configurable in the sn_agent.mid.max_allowed_agents MID Server property. The default value is 4,000.

    For ACC-VC, a default 1 GiB MID Server can support 700 agents concurrently. An 8 GiB configuration for a MID Server can support 8,000 agents concurrently. You can also scale out. For example, 5 MID Servers with 8 GiB of heap size can handle up to 40k agents.

    The default user account is a local user called servicenow. This user has basic level permissions.

    The following table describes the permissions required to work with various features associated with the agent, per OS. An asterisk (*) indicates that no special permissions are required.
    Table 1. Agent on Endpoints Deployment
    Feature Windows Linux macOS
    Basic inventory * * *
    Serial number(s) *

    sudo

    dmidecode

    		 *
    Running processes Debug programs * *
    Mapping TCP connections to running processes * sudo ss *
    Storage devices LOCAL SYSTEM * *
    Logged-in users LOCAL SYSTEM * *
    Package self-upgrade LOCAL SYSTEM sudo rpm/dpkg Not supported

    If you completely reinstall the agent on a single host server, a second agent record registers on the instance. Delete the original agent on the Agent Client Collectors page (All > Agent Client Collector > Agents).

    Agents whose Status = Down or Disconnected which haven't been deleted are deleted automatically after 30 days. You can modify this setting on the Autoflush form page (see Autoflush form).

    Use the Manual Transport Layer Security protocol (mTLS) for secure authentication between your MID Web Server and the agent (the client). For details, see Connect the agent to the MID Server using mTLS.

    For details on using Agent Client Collector in an air-gapped environment, see the Agent Client Collector Framework Air Gapped Configuration Item Management Solution [KB1585753] article in the Now Support Knowledge Base.

    Golden image mode enables cloning of additional instances. Setting golden image mode is described in the installation procedure prerequisites for each OS. For information on the structure and modularity of the golden image plugin by operating system, see Golden image structure and modularity.

    Agent Client Collector supports domain separation. The domain of the agent and the CIs it creates is determined by the domain of the MID Server that the agent is connected to. The user's domain must be the lowest domain level (known as a leaf domain) to enable creating a Websocket endpoint extension for the MID Server.