Agent Tags Don’t Appear

openNAC web console provides a debug function for openNAC agents. Configuration –> Agent –> Agent Log.

../../../_images/Agent_Log.png

RED: The administrator can start | stop the debug function to validate the activity from agents.

Note

Don’t forget that the debug function needs disk space so don’t leave this function enable to avoid disk space issues.

BLUE: The content can be just the activity or the collected inventory for each entry.

GREEN: Validate the debug status.

In Content column the icon next to eye allows to run a tag simulator, you can verify which tags is going to be added or removed according with current rules.

../../../_images/Tag_Simulator.png
  • You can modify the parameter to force the agent data update interval, for this example the value is set in 120 sec. In this part of postconditions policies:

ON NAC –> Policies

Red: Add custom parameter AGENT_CONFIG_FULL_INTERVAL

Blue: Set the name and the time (sec)

../../../_images/AgentRunTime.png

The administrator can check the agent communication using tcpdump command, however the traffic is being encrypted so the the output will be yes/no communication depends the capture traffic, but using the agent debug collect more information.

tcpdump -i eth0 port 443