Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: How to Troubleshoot Agent Package Generation Failures

App Control: How to Troubleshoot Agent Package Generation Failures

Environment

  • App Control Server: All Supported Versions

Objective

To troubleshoot cases where Agent Package Generations are failing. This presents itself when https://ServerAddress/InstallerVersions.php
  • Version Installed: Contains a version when Package Generation is Enabled.
  • Package Generation Status: Returns to Disabled after being set to Enabled.

Resolution

  1. Verify the Server Exclusions are added to all other security products on the application server hosting the Console.
  2. Verify no Trusted Directory exists for the /hostpkg/ directory.
  3. Verify the Service Account Windows Permissions have not been modified.
  4. Delete the temp files from the Service Account local temp and Server's local temp directories.
  5. If application server is in a limited or airgapped network, install the Agent Installer certificates locally.
  6. Re-install the relevant Agent Host Package Installer locally.
  7. Start a Procmon capture.
  8. Log in to the Console and navigate to https://ServerAddress/support.php > Diagnostics and choose:
    • Snapshot Server Logs (to write current logs and start a new file)
    • Logging Duration to 30 minutes.
    • Debug Level: Verbose
    • Script Debug Level: Verbose
    • Start Logging
  9. Navigate to https://ServerAddress/shepherd_config.php and set the problematic Package Generation task to true:
    GenerateWindowsInstaller
    GenerateMACInstaller
    GenerateRedhatInstaller
  10. Navigate to https://ServerAddress/support.php > Advanced Configuration > click Regenerate install files.
  11. Verify the relevant Shepherd Config has changed to false again.
  12. Navigate to https://ServerAddress/support.php > Diagnostics > Stop Logging Now.
  13. Complete the Procmon capture.
  14. Navigate to Tools > Requested Files > Diagnostic Files tab and save the files:
    • ServerLog-TIMESTAMP.bt9
    • ReporterLog-TIMESTAMP.log
    • PHPErrors-TIMESTAMP.log
  15. Zip the Procmon and Diagnostic Files together and upload to the Vault for review.

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎10-23-2020
Views:
2490
Contributors