What is the meaning of the different Socket Filter Agent's statuses?
Article ID: 130944
Updated On:
Products
CA Privileged Access Manager (PAM)
Issue/Introduction
Looking at the 'Devices / Socket Filter Agent' pane within the PAM Client we can see that the list of Socket Filter Agents can show different statuses: Active, Inactive and Unknown.
This document tells about the situations that lead to these different statuses.
What is the meaning of the different Socket Filter Agent's statuses?
This document tells about the situations that lead to these different statuses.
What is the meaning of the different Socket Filter Agent's statuses?
Environment
Any PAM server installation having the Socket Filter Agent software integrated in the endpoints.
Resolution
In order to properly report the Socket Filter Agents status, there is a process in the PAM server that checks their connections at regular intervals.
- When it can connect to a given host on port 8550, it adds an entry in the DB with the current timestamp, and the Socket Filter Agent status is shown as Active.
- If the Socket Filter Agent was found to be active in the past, but not in the last XX minutes, then the Socket Filter Agent status is shown as Inactive.
- If the Socket Filter Agent was active in the distant past, but not for an extended period of time, then the Socket Filter Agent status is shown as Unknown, as at that point, we do not know whether it is just turned off, disabled or even uninstalled.
Feedback
Yes
No
Powered by
