Analyzing the state of an agentless connection

The status of an agentless connection can be diagnosed by the color of the shield and notebook icons:

  • If the shield is green, the registered asset can be scanned by Cyberwatch;
  • If the notebook is green, Cyberwatch can deploy patches on the registered asset.

Troubleshoot errors encountered when adding an agentless connection

This table references the procedure for resolving the most common errors encountered when adding an agentless connection.

ConnectorErrorResolution
Allgetaddrinfo: Name or service not knownThe Cyberwatch instance fails to resolve the IP address associated with the entered hostname. In this case, it is sufficient to configure the DNS entries to fully resolve the asset’s IP address and hostname.
WinRMConnection refused- The WinRM service is not activated on 5985 target’s port. This service can be activated by running the following command in a administrator PowerShell:Enable-PSRemoting -Force.

- A firewall configuration or third party equipment blocks incoming flow from Cyberwatch. To allow incoming WinRM flows through the machine’s firewall, it is sufficient to execute:netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow.
WinRMWinRM::WinRMAuthorizationErrorThe chosen user does not have the necessary rights to perform WinRM connection, like it’s by defaults the case of all local users. Running the following command in an administrator PowerShell solves it, by enabling the registry key that allows local users to do WinRM:New-ItemProperty -Name LocalAccountTokenFilterPolicy -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -propertyType DWord -value 1.
SSHsudo command not foundThe ssh connection between Cyberwatch and the asset is effective, but the sudo command used to scan the asset through the ss and dmidecode commands is not installed. Installing it solves the problem and allows the asset to be fully scanned.
SSHcould not settle on host_key algorithmThe key exchange algorithms version of the monitored system are not supported by Cyberwatch. An update of the openssh version is sufficient for Cyberwatch supported OS. A version higher than openssh 3.9 is required, but a version higher than 5.7 is recommended for optimal security.
SSHauthentication failedThe login credentials entered are invalid. In this case, just change them to the correct ones.
SSHCould not identify the operating system (uname:id …)Cyberwatch is unable to identify the OS version name to monitor. In this case, you need to ensure that we support this OS by referring to the list of supported operating systems. If it’s the case feel free to contact us at support@cyberwatch.fr for telling us about the encountered error.
SNMPTimeout after 2 secondsThis message may indicate network latency, SNMP bad configuration, or incorrect credentials. In this case, it is advisable to restart the connection test after checking the equipment’s SNMP configuration and credentials used for connection.
SNMPNo method for Nil::classCyberwatch does not support this equipment for agentless scan (list of supported OS). In this case, an e-mail with a complete SNMPWalk of the equipment can be sent to support@cyberwatch.fr, in order to study an evolution about it.