Analyzing the state of an agentless connection
The status of an agentless connection can be diagnosed by the color of the shield and notebook icons:
- If the shield is green, the registered asset can be scanned by Cyberwatch;
- If the notebook is green, Cyberwatch can deploy patches on the registered asset.
Troubleshoot errors encountered when adding an agentless connection
This table references the procedure for resolving the most common errors encountered when adding an agentless connection.
| Connector | Error | Resolution |
|---|---|---|
| All | getaddrinfo: Name or service not known | The Cyberwatch instance fails to resolve the IP address associated with the entered hostname. In this case, it is sufficient to configure the DNS entries to fully resolve the asset’s IP address and hostname. |
| WinRM | Connection refused | - The WinRM service is not activated on 5985 target’s port. This service can be activated by running the following command in a administrator PowerShell:Enable-PSRemoting -Force.- A firewall configuration or third party equipment blocks incoming flow from Cyberwatch. To allow incoming WinRM flows through the machine’s firewall, it is sufficient to execute: netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow. |
| WinRM | WinRM::WinRMAuthorizationError | The chosen user does not have the necessary rights to perform WinRM connection, like it’s by defaults the case of all local users. Running the following command in an administrator PowerShell solves it, by enabling the registry key that allows local users to do WinRM:New-ItemProperty -Name LocalAccountTokenFilterPolicy -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -propertyType DWord -value 1. |
| SSH | sudo command not found | The ssh connection between Cyberwatch and the asset is effective, but the sudo command used to scan the asset through the ss and dmidecode commands is not installed. Installing it solves the problem and allows the asset to be fully scanned. |
| SSH | could not settle on host_key algorithm | The key exchange algorithms version of the monitored system are not supported by Cyberwatch. An update of the openssh version is sufficient for Cyberwatch supported OS. A version higher than openssh 3.9 is required, but a version higher than 5.7 is recommended for optimal security. |
| SSH | authentication failed | The login credentials entered are invalid. In this case, just change them to the correct ones. |
| SSH | Could not identify the operating system (uname:id …) | Cyberwatch is unable to identify the OS version name to monitor. In this case, you need to ensure that we support this OS by referring to the list of supported operating systems. If it’s the case feel free to contact us at support@cyberwatch.fr for telling us about the encountered error. |
| SNMP | Timeout after 2 seconds | This message may indicate network latency, SNMP bad configuration, or incorrect credentials. In this case, it is advisable to restart the connection test after checking the equipment’s SNMP configuration and credentials used for connection. |
| SNMP | No method for Nil::class | Cyberwatch does not support this equipment for agentless scan (list of supported OS). In this case, an e-mail with a complete SNMPWalk of the equipment can be sent to support@cyberwatch.fr, in order to study an evolution about it. |