Original Message:
Sent: 12-07-2023 09:12
From: Seongsu Ryu
Subject: agent critical status with Agent certificate is expired
thx for your response
support case #01850267 requested already before posting here but no promising response yet
------------------------------
Seongsu
Original Message:
Sent: 12-07-2023 08:53
From: Marat Makhlin
Subject: agent critical status with Agent certificate is expired
I would suggest to open case to On-Prem Support and let our engineers to investigate this issue and come to definitive conclusions and recommendations for that specific issue.
------------------------------
Marat Makhlin
Imperva
On-Prem Technical Lead
Original Message:
Sent: 12-06-2023 09:40
From: Seongsu Ryu
Subject: agent critical status with Agent certificate is expired
thx for your response
after testing the other "working" agent with user space monitoring node (on 4th agent and changed back to kernel monitoring mode), I've noticed signifiant less (or almost none) db event captured
these agents are installed/configured in Oracle Exadata X5 (OEL7) with 2 node RAC
here is my current (w/ kernel monitoring mode caused critical Agent certificate is expired) advanced configuration
<agent-config>
<quota>8000</quota>
<files-dir>.</files-dir>
<enable-oracle-aso>true</enable-oracle-aso>
<shared-server-discovery-enabled>true</shared-server-discovery-enabled>
<system-events-data-loss-enable>true</system-events-data-loss-enable>
<external-traffic-monitoring-in-kern>true</external-traffic-monitoring-in-kern>
<collect-Oracle-in-user-space>false</collect-Oracle-in-user-space>
<kernel_support_local_traffic_in_server_side>true</kernel_support_local_traffic_in_server_side>
<system-events-ipv6-listener-identified-enable>0</system-events-ipv6-listener-identified-enable>
<bulk-compression-method>Compression Snappy</bulk-compression-method>
<userspace-oracle-injection-technology>true</userspace-oracle-injection-technology>
</agent-config>
------------------------------
Seongsu
Original Message:
Sent: 12-06-2023 07:45
From: Marat Makhlin
Subject: agent critical status with Agent certificate is expired
User Space (US) mode is preferable option for Imperva agents. It is better to use it rather then Kernel mode.
You specific scenario can be the one described here - https://docs.imperva.com/bundle/v14.7-database-activity-monitoring-user-guide/page/77566.htm
------------------------------
MaratMakhlin
Original Message:
Sent: 12-04-2023 10:10
From: Seongsu Ryu
Subject: agent critical status with Agent certificate is expired
thx for your reply
re-install / re-register all ended up same error
have below in Advanced Configuration based on Professional Service team's advice (when worked on VMs instead of Baremetal Oracle Exadata)
<collect-Oracle-in-user-space>false</collect-Oracle-in-user-space>
after it removed, i.e. changing Monitoring Mode from Kernel to User Space, I don't see that Critical status nor Running with Errors
however same config works just fine in the other agent for 2-node Oracle RAC in Oracle Exadata hosts
wondering I should keep use User Space Monitoring Mode or something missing in specifically in this host
thx for your help
------------------------------
Seongsu
Original Message:
Sent: 12-04-2023 04:22
From: Mitesh Mehta
Subject: agent critical status with Agent certificate is expired
Hi Seongsu,
In order to fix the problem where it says "agent critical status with agent certificate is expired". Re-registering your problematic agent with the gateway is a good idea.
------------------------------
Regards,
ππ’πππ¬π‘ πππ‘ππ
Senior Security Consultant
Mumbai
Original Message:
Sent: 12-01-2023 12:31
From: Seongsu Ryu
Subject: agent critical status with Agent certificate is expired
I've installed imperva agent to Oracle Exadata X5 hosts (please refer below output from which_ragent_package_0286.sh)
OS: OEL
Version: 7
Platform: x86_64
Kernel: UEK-v4
Latest DAM Agent package is: Imperva-ragent-OEL-v7-kUEK-v4-px86_64-b14.6.0.120.0.643876.tar.gz
-------------------------------------
after a few minutes later, agent status changed to critical saying Agent certificate is expired
strangely the other node works just fine with exact same agent version
requested support to provide suggestion to renew certificate but so far no positive solution provided
anyone experienced similar issue and know how to resolve / renew agent certificate issue?
thx for your help!
#DatabaseActivityMonitoring
#ImpervaAgent
------------------------------
Seongsu
------------------------------