Verifying Symantec Event Agent operation
Article ID: 179522
Updated On:
Products
Security Information Manager
Issue/Introduction
Resolution
Verifying Symantec Event Agent operation
You can verify that the Symantec Event Agent is operating correctly by running the Show Agent Status script.
See Verifying Symantec Event Agent installation.
To run the Show Agent Status script Symantec Event Agent operation
On the collector computer, navigate to the Agent directory as follows:
To access the Collector and Agent Management scripts, at the command prompt, do one of the following steps:
At the SSIM Collector / Agent Management Scripts menu, select the following option:
If the Agent is not running, the following message appears:
The agent command cannot be executed. Failed to make a connection to the agent. The Symantec Event Agent is possibly not running.
If the Agent is running, something imilar to the following message appears:
Symantec Event Agent (v 4.5.0.12) - Copyright(c) - Symantec Corporation Symantec Event Agent status: running Listening on: 172.16.0.1:8086 SSL: Off SESA Manager URL: https://172.16.0.1:443/sesa/servlet/ Outbound Thread State: CONNECTED Java Version 1.6.0
Queue Status Total events accepted: 502 Total events forwarded: 502 Entries waiting in queue: 0 Direct events accepted: 0 Queue File: .\agent.que Flush Size (KB): 2000 Flush Count: 1000 Flush Time (sec): 4 Spool Size (KB): 20000 Max Queue Size (KB): 80000
Forwarding Provider: Symc_SESAEventForwardingProvider Post failures due to unexpected response code: 6 Total number of post failures: 0 Event Acceptor HTTP ThreadPool: Thread 0 state = IDLE Thread 1 state = IDLE Thread 2 state = IDLE Thread 3 state = IDLE
Last state update time: Mon Apr 28 18:24:17 PDT 2008 Last configuration download request time: Mon Apr 28 18:24:17 PDT 2008 Last configuration update invocation time: Mon Apr 28 18:24:17 PDT 2008 Last configuration update completion time: Mon Apr 28 18:24:17 PDT 2008
Feedback
Yes
No
Powered by
