9.5.2 JP1/IM agent base

JP1/IM agent base manages agent, delegates communication between the Integrated manager host and integrated agent host, executes commands, and so on.

JP1/IM agent base consists of modules that run on the Integrated Manager host included with JP1/IM - Manager and modules that run on integrated agent host provided as a JP1/IM - Agent.

Organization of this subsection

(1) Common capabilities
(2) Agent management function
(3) Integrated agent Action Execution Function

(1) Common capabilities

JP1/IM agent base is built into the Integrated manager host and integrated agent host and can send integrated agent host operational information to the Integrated manager host or execute commands on integrated agent host at the direction of the Integrated manager host.

JP1/IM agent base running on the Integrated manager host side is called "JP1/IM agent management base". JP1/IM agent base running on integrated agent is called "JP1/IM agent control base".

JP1/IM agent base's common functions provides the following features that are commonly used by JP1/IM agent base functions (such as command-execution and agent administration):

HTTP authentication (Communicating and authentication with Intelligent Integrated Management Base and JP1/IM agent control base on the Integrated manager host)
Cryptographic communication (TLS)
Log output of Programs That Configure JP1/IM agent base
Command execution function

The following are JP1/IM agent base process names and roles:

Base name	Process name	Role
JP1/IM agent management base	imbase	Managing the Enrollment agent Relay Communication Between the Integrated manager host and integrated agent host Transferring Files Between the Integrated manager host and integrated agent host REST API with a small amount of data-forwarding (e.g. event-forwarding)
JP1/IM agent management base	imbaseproxy	Relay Communication Between the Integrated manager host and integrated agent host For transferring data-intensive REST API (transferring trend data (RemoteWrite))
JP1/IM agent control base	imagent	Relay Communication Between the Integrated manager host and integrated agent host Transferring Files Between the Integrated manager host and integrated agent host Command-Execution in integrated agent host REST API proxies for services running on the Integrated manager host REST API with a small amount of data-forwarding (e.g. event-forwarding)
	imagentproxy	Relay Communication Between the Integrated manager host and integrated agent host For transferring data-intensive REST API (transferring trend data (RemoteWrite))
	imagentaction	Realize the command execution function

(a) HTTP authentication

JP1/IM agent base provides HTTP authentication (authentication by RFC 7235, HTTP authentication framework) with the following communications:

Communication	Authentication Info	Supported HTTP authentication schemes
From JP1/IM agent management bases (imagent, imagentproxy) to Between HTTP proxy server	User password registered on HTTP-Proxy server	Basic authentication

Refer to the individual Exporter description for HTTP authentication that Exporter performs.

(b) Authentication with initial secret

JP1/IM agent control base connects using initial secret when accessing JP1/IM agent management base for the first time. You should then have JP1/IM agent management base distribute agent client secret and then use the licensing credentials to access it.

JP1/IM agent control base manages initial secret and license information in secret obfuscation capabilities. For more information about secret obfuscation capabilities, see "9.5.7 Secret obfuscation function".

If you have changed initial secret after you installed JP1/IM agent control base on integrated agent host and before the first boot of JP1/IM agent control base, you must uninstall and reinstall integrated agent.

(c) Encrypted communication

This section describes encrypted communication between JP1/IM agent management base (imbase, imbaseproxy) and JP1/IM agent control base (imagent, imagentproxy).

For details on the cryptographic communication performed by Exporter, see each Exporter specifications.

■ Supported certificate files

You provide a public key certificate for use with JP1/IM agent base.

The file format of the certificate and key file to be prepared is shown below.

File	Type
CA certificate file Server certificate file	A X509 public key certificate in pkcs7 format, encoded in PEM format.
Server certificate key file	The private key in pkcs1 or pkcs8 format encoded in PEM format. Password-protected items cannot be used.

File

Type

CA certificate file
Server certificate file

A X509 public key certificate in pkcs7 format, encoded in PEM format.

Server certificate key file

The private key in pkcs1 or pkcs8 format encoded in PEM format.

Password-protected items cannot be used.

For encrypted communication, the server certificate file and server certificate key file on JP1/IM agent management base side are required. If you are verifying the server certificate, JP1/IM agent control base must have a CA certificate file.

You obtain CA certificate from authentication authority (CA: Certificate Authority). For details on how to create a server certificate file and a server certificate key file, see "JP1/Base Operation Guide".

The public key cryptographic algorithms supported by JP1/IM agent base listed in the certificate are as follows:

RSA
ECDSA
Ed25519

The signing algorithms that JP1/IM agent base supports for signed certificates are as follows:

Digital signature algorithm for the certificate	Assignment Code	Remarks
rsa_pss_rsae_sha256	0x0804	Cryptography: RSA(PSS) Hashing technology: SHA256
rsa_pss_rsae_sha384	0x0805	Cryptography: RSA(PSS) Hashing technology: SHA384
rsa_pss_rsae_sha512	0x0806	Cryptography: RSA(PSS) Hashing technology: SHA512
rsa_pkcs1_sha256	0x0401	Cryptography: RSA(PKCS1) Hashing technology: SHA256
rsa_pkcs1_sha384	0x0501	Cryptography: RSA(PKCS1) Hashing technology: SHA384
rsa_pkcs1_sha512	0x0601	Cryptography: ECDSA Hashing Technology: SHA512
ecdsa_secp256r1_sha256	0x0403	Cryptography: ECDSA Hashing Technology: SHA256
ecdsa_secp384r1_sha384	0x0503	Cryptography: ECDSA Hashing Technology: SHA384
ecdsa_secp521r1_sha512	0x0603	Cryptography: ECDSA Hashing Technology: SHA512
ed25519	0x0807	Cryptography: EdDSA Hashing Technology: SHA512

■ Supported Cipher Suites

TLS Versioning

It supports 1.2~1.3.

It does not support 1.0 and 1.1.

Cipher suite

"TLS_RSA_WITH_AES_128_CBC_SHA" (before TLS 1.2)
"TLS_RSA_WITH_AES_256_CBC_SHA" (before TLS 1.2)
"TLS_RSA_WITH_AES_128_GCM_SHA256" (TLS 1.2 only)
"TLS_RSA_WITH_AES_256_GCM_SHA384" (TLS 1.2 only)
"TLS_AES_128_GCM_SHA256" (TLS 1.3 only)
"TLS_AES_256_GCM_SHA384" (TLS 1.3 only)
"TLS_CHACHA20_POLY1305_SHA256" (TLS 1.3 only)
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" (before TLS 1.2)
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" (before TLS 1.2)
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" (before TLS 1.2)
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" (before TLS 1.2)
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" (TLS 1.2 only)
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" (TLS 1.2 only)
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" (TLS 1.2 only)
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" (TLS 1.2 only)
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY 1305_SHA256" (TLS 1.2 only)
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY 1305_SHA256" (TLS 1.2 only)

■ TLS renegotiation

Re-negotiation of encrypted communication (TLS communication) is not accepted.

(d) Log output

Outputs the log to the specified directory according to the log definition settings.

When reached to the maximum file size specified in the log definition, the log file is switched rotating within the range of the number of file sectors specified in the log definition.

The following shows how to set the log level, maximum file size, and number of file sectors.

Host	Program	Setting method
Integrated manager host	JP1/IM agent management base (imbase)	Set in log of imbase configuration file (jpc_imbase.json) ^#.
Integrated manager host	JP1/IM agent management base (imbaseproxy)	Set in log of imbaseproxy configuration file (jpc_imbaseproxy.json) ^#.
Integrated agent host	JP1/IM agent control base (imagent)	Set in log of imagent configuration file (jpc_imagent.json) ^#.
	JP1/IM agent control base (imagentproxy)	Set in log of imagentproxy configuration file (jpc_imagentproxy.json) ^#.
	JP1/IM agent control base (imagentaction)	Set in log of imagentaction configuration file (jpc_imagentaction.json) ^#.

#

For more information about configuration file, see the description of the appropriate file in the manual "JP1/Integrated Management 3 - Manager Command, Definition File, and API Reference", (2. Definition File).

Every configuration file is loaded when the process starts.

(e) Command execution function

For details about the command execution function, see (g) Command execution function in 9.5.2(3) Integrated agent Action Execution Function.

(f) Password obfuscation

Store the proxy server authentication passwords in JP1/IM agent control base definition-file obfuscated. For more information, see 9.5.7 Secret obfuscation function.

(g) Communication function

- Communication through a HTTP proxy server

JP1/IM agent base allows JP1/IM agent management base (imbase, imbaseproxy) and JP1/IM agent control base (imagent, imagentproxy) to communicate through a HTTP proxy server.

HTTP Proxy authentication supports Basic authentication only. ^#

#: HTTP proxy authentication communication is outside the scope of encryption with HTTPS (TLS) communication, so it should be connected on a trusted network between JP1/IM agent control base (imagent,imagentproxy) and HTTP proxy.

Make the following settings on HTTP proxy server so that communication from JP1/IM agent control base (imagent, imagentproxy) can be received.

User stings for HTTP proxies available for HTTP authentication from JP1/IM agent control base
Allow the Integrated manager host to Communicate to JP1/IM agent management base Communication Ports

On HTTP proxy server, if you configure 80 or 443 ports as shown below, and if imbase and imbaseproxy communication ports are not allowed, or if communication to the Integrated manager host is not allowed, you need to configure the above settings.

- IP Address for Network Binding

All JP1/IM agent base processes listen for connectivity in listening status of TCP.

By default, listen ports use the ports listed in C.1(2) Port numbers used by JP1/IM - Agent". You can change which port to use in the settings.

IP address to bind, on the other hand, gets IP address from the hostname and binds it with IP address obtained. Therefore, you cannot change IP address to be bound.

JP1/IM agent base process obtains and binds IP address in the following way:

JP1/IM agent management base process works as follows:

Standard configuration (non-cluster configuration)

Assuming that the hostname is JP1_DEFAULT, perform the steps from step 2 under "For a clustered configuration" below.

For a cluster configuration

Obtain logical host names in the following order of precedence: If not set, assume JP1_DEFAULT as a logical hostname.
- Obtain the logical host name using the program start parameter (command line option).
- Gets the specified value of environment variable JPC_HOSTNAME as a logical hostname.
Use the obtained hostname to obtain the binding method from JP1/Base common info definition.
If the binding method is ANY, bind with ANY binding.
If the binding method is IP, IP address-list is obtained program from the obtained host name (or if not obtained, the local host name is obtained from OS). Jp1hosts and jp1hosts2.conf are supported. If both are defined, jp1hosts2.conf takes precedence.
IP binding is performed with IP address of the acquired IP address list. The numbers of IP addresses to be bound follow the common information definition.

The logical hostname is specified in the jco_start.cluster parameter or in the startup parameter of Windows service.

JP1/IM agent control base process works as follows:

Standard configuration (non-cluster configuration)

Get JP1_BIND_ADDR of jpc_imagent.json, jpc_imagentproxy.json, and jpc_imagentaction.json.
If JP1_BIND_ADDR is ANY, do ANY binding
If JP1_BIND_ADDR is IP, the local hostname is obtained from OS and IP address list is obtained.
Binds with IP address of the acquired IP address list. ^#1

For a cluster configuration

Get JP1_BIND_ADDR of jpc_imagent.json, jpc_imagentproxy.json, and jpc_imagentaction.json.
If JP1_BIND_ADDR is ANY, do ANY binding.
If JP1_BIND_ADDR is IP, get the logical hostname in the program startup parameters (command line options).
Get IP address list in the program from the obtained host name.
Binds with IP address of the acquired IP address list. ^#

The logical hostname is specified in the jco_start.cluster parameter or in the startup parameter of Windows service.

#

When COM_LISTEN_ALL_ADDR of jpc_imagent.json, jpc_imagentproxy.json, or jpc_imagentaction.json is 1, IP address is bound with COM_MAX_LISTEN_NUM addresses from the beginning of the address list. Otherwise, bind with the first IP address in IP address list.

IP address to be bound is logged in the settings at integrated agent startup. For more information, see "12.2.7 (7) Configuration at Startup log " in "JP1/Integrated Management 3 - Manager Operation Guide" Manual.

- Host-name resolution

Integrated agent performs IP address-translation from the hostname as follows:

Programs running on the manager host (JP1/IM agent management base)

Find and retrieve IP address corresponding to the hostname in the following order:

Priority	Where to Refer
1	Jp1hosts2 definition file
2	Jp1hosts definition file
3	OS info (hosts files, DNS, etc.) NOTE: The precedence follows OS specifications.

Priority

Where to Refer

Jp1hosts2 definition file

Jp1hosts definition file

OS info (hosts files, DNS, etc.)

NOTE: The precedence follows OS specifications.

JP1/Base library is used for name resolution.

Programs running on agent host (JP1/IM agent control base, Prometheus server, and the other Exporter, Alertmanager, and Fluentd)

Find and retrieve IP address corresponding to the hostname from OS info (hosts file, DNS, etc.). Name resolution is done within Go library.

To Page Top

(2) Agent management function

The Integration Manager records information about integrated agent in integrated agent host managed database, including the host on which agent resides and the version and add-on program information.

Administrators can view a list of recorded integrated agent information in the [integrated agent Administration] window that can be displayed from integrated operation viewer. You can do the following:

View integrated agent info from integrated operation viewer.

If you want to know which integrated agent host system administrator manages in Intelligent Integrated Management Base and the add-on features that are available with that host, you can list integrated agent in the [integrated agent Administration] window

in integrated operation viewer. Integrated agent information is displayed by browsing integrated agent host administration database.
Instructs integrated operation viewer to remove a particular integrated agent information.

You can instruct integrated operation viewer to remove a particular integrated agent information from the [integrated agent Administration] window. Issue a JP1 event (event ID = 0007631) for agent deletion when prompted to do so.

For details on the [integrated agent Administration] window, see 2.2.1 [integrated agent list] window in the manual JP1/Integrated Management 3 - Manager GUI Reference.

To Page Top

(3) Integrated agent Action Execution Function

Integrated agent action execution function is a function that executes the following actions and returns the results of executing the actions in the instructions of functions of where the action execution request sends (JP1/IM - Manager's auto response Action, manual response Action, or definition file operation function):

Execute the command on integrated agent host.
Retrieves a list of definition files.
Get the definition-file on integrated agent host.
Deletes the definition-file on integrated agent host.
Updates the definition-file on integrated agent host.
Action execution status and execution results are saved in the ResponseAction results-management database. For details of ResponseAction results-management database, see 2.7.7 Response Action results management database in JP1/IM - Manager.

(a) Auto response Action

The following table shows the action types for auto response Action and whether actions can be executed concurrently.

Function Type	Action type	Action concurrency
Auto response Action	Command execution	No (default) / Yes

Accept Action Execution Request

If you are satisfied with the content of the action execution request, integrated agent host registered status, and integrated agent host connectivity status, you will accept the action regardless of the action max execution concurrency.

Execute action (action concurrency: No)

Actions are processed sequentially in the order in which they are accepted.

If the previously accepted action is terminated, the next accepted action is made executable.

If the previously accepted action is not finished, the later accepted action is not executed until the previous accepted action is finished executing. After the execution of the previously accepted action has finished, the action that was accepted later becomes ready for execution.

See "9.5.2(3)(e) Maximum concurrent actions" for details on executing an action that has become ready.

Execute action (action concurrency: Yes)

Parallel processing of actions is performed in the order in which the actions are accepted.

Makes the action executable in the order in which the actions are accepted. See "9.5.2(3)(e) Maximum concurrent actions" for details on executing an action that has become executable.

Unlike the executing actions not allow execute concurrently, the order in which the actions are executed is not guaranteed, because the results of the actions are returned in order, starting with the action that finished executing.

(b) Manual response Action

The following table shows the action types for manual response Action and whether actions can be executed concurrently.

Function Type	Action type	Action concurrency
Manual response Action	Command execution	Yes

Accept Action Execution Request: Same as auto response Action.
Performing Actions: This is the same as auto response Action (action concurrency: Yes).

(c) Action execution of the definition file operation function

The following table shows the action types and whether actions can be executed concurrently of the definition file manipulation facility and:

Function Type	Action type	Action concurrency
Definition file manipulation facility	Obtaining a list of definition files	Yes
	Retrieving the definition file	Not possible
	Deleting the definition file	Not possible
	Updating the definition file	Not possible

Accept Action Execution Request

Same as auto response Action.

Execute action (action concurrency: No)

This is the same as auto response Action (action concurrency: No).

For example, the action accepted later (updating the definition file) is not executed until the action accepted earlier (deleting the definition file) has finished executing. After the execution of the previously accepted action (deleting the definition file) is completed, the lately accepted action (updating the definition file) is placed in the executable state. See "9.5.2(3)(e) Maximum concurrent actions" for details on executing an action that has become executable.

Execute action (action concurrency: Yes)

This is the same as auto response Action (action concurrency: Yes).

Supplementary information

In addition to processing actions in the order they are accepted, there are no dependencies on concurrent executable and not concurrent executable actions.

(d) Changing the concurrency of actions in auto response Action

Set auto response Action concurrency (default: action concurrency: No) to integrated agent host units. To change auto response Action concurrency, in imagent configuration file (jpc_imagent.json), change auto response Action concurrency to disable (default) to Concurrency, and restart JP1/IM agent control base. For information about imagent configuration file (jpc_imagent.json), see "imagent configuration file (jpc_imagent.json) (2. Definition File)" in "JP1/Integrated Management 3 - Manager Command, Definition File, and API Reference" Manual.

Note that even if you change the action concurrency of auto response Action from concurrent execution to concurrent disabled, actions that become executable when the action concurrency is concurrent execution enabled are processed in parallel.

(e) Maximum concurrent actions

Executes an action that is in executable state, in up to the maximum number of concurrent actions. If the maximum concurrency executable actions is full, the action remains executable until the maximum concurrency executable action is free.

Sets the maximum concurrency executable action for the following per integrated agent host:

Max Concurrent of auto response Action and manual response Action
Max concurrent of the definition file operation facility

The action max concurrency for integrated agent host is the sum of the following concurrency: Note that the number of concurrent executions for an action not with a concurrency is 1.

Max Concurrent auto response Action and manual response Action

Concurrent auto response Action Command-Execution Counts
Concurrent manual response Action Command Execution Counts

Maximum concurrent actions of the definition file operation facility

Number of concurrent executions for acquiring a list of definition files for the definition file operation facility
Number of Concurrent executions of acquiring definition files for the definition file operation facility
Number of Concurrent executions of deleting definition files for the definition file operation facility
Number of Concurrent executions of updating definition files for the definition file operation facility

Action To change the max concurrency, in imagent configuration file (jpc_imagent.json), change the following settings and restart JP1/IM agent control base:

Max Concurrent auto response Action / manual response Action
Max Concurrent actions of the definition file operation facility

For information about imagent configuration file (jpc_imagent.json), see "imagent configuration file (jpc_imagent.json)" (2. Definition File) in "JP1/Integrated Management 3 - Manager Command, Definition File and API Reference" Manual.

(f) User performing the action

Here is the user who performs the action:

Action	User performing the action
Executing Commands from JP1/IM-Manager's auto response Action, or manual response Action	For each integrated agent host, set one runtime user for the command. For Windows: User-defined OS user For Linux: User-defined OS user
Actions other than the above	For Windows: SYSTEM (fixed) For Linux: root (fixed)

Action

User performing the action

Executing Commands from JP1/IM-Manager's auto response Action, or manual response Action

For each integrated agent host, set one runtime user for the command.

For Windows: User-defined OS user

For Linux: User-defined OS user

Actions other than the above

For Windows: SYSTEM (fixed)

For Linux: root (fixed)

(g) Command execution function

When the action execution function receives the "Execute command" action execution request, the command on integrated agent is executed.

- Host where the command is executed

Specify integrated agent host as the target host for executing the command.

If the specified integrated agent host is not managed by JP1/IM agent management base, an error occurs, and the command-execution-request is not accepted.

If the connection of the specified integrated agent host cannot be confirmed, an error occurs, and the command-execution-request is not accepted.

If a disconnection of integrated agent host is detected after a command execution request has been received, the action execution status of the command that has not started "execution failed", the action execution status of the executing command is unknown, and a KNBC00612-E is output to the command execution result.

- User executing the command

See 9.5.2(3)(f) User performing the action.

- Commands that can be executed

The following types of commands can be executed:

When the command-executing host is Windows

Executable file (.com,.exe)
Batch file (.bat)
JP1/Script script file (.spt) (but the association must be set so that .spt file can be executed)
A data file (such as .vbs) with a file type (extension) associated with an application that can be executed by an automated action

When the command-executing host is UNIX

UNIX Commands
Shell script

However, the following commands cannot be executed.

Commands that require interaction
Command to display the screen
Commands with escape sequences or control codes
Commands that do not terminate, such as daemons
Commands that require interaction with desktop, such as Windows messaging or DDE (for Windows)
Commands that shutdown OS, such as shutdown and halt

Note that if the command creates a child process, integrated agent will not proceed to the next process until the created child process terminates (the command execution status of integrated agent command execution function will remain running).

- How to execute commands

The command execution function of integrated agent executes the command by the following processing.

For Windows

cmd.exe /c command to execute

For UNIX

Use OS user's login shell.

The following shows a sample for login shell is /bin/sh.

/bin/sh -c command to execute

Notes

When "/sbin/false", "/bin/false", "/bin/true", "/sbin/nologin" etc. are set as the login shell, it cannot be executed normally.

Commands that cannot be executed with the "cmd.exe /c Execute Command" or "Shell -c Execute Command" cannot be executed with integrated agent command executable function.

- Environment Variables

If Environment variable file is not specified when the command is executed, the following environment variables are used:

For Windows: Windows system environment variable is used as the environment variable when the command is executed. OS profile is not loaded.
For UNIX: The environment variable of the jpc_imagentaction process is used as the environment variable when the command is executed. OS profile is not loaded.

If Environment variable file is specified when the command is executed, the environment variable set by Environment variable file is used as the environment variable when the command is executed. For Environment variable file, see "Environment variable file (any file name)" (2. definition file) in "JP1/Integrated Management 3 - Manager Command, Definition File and API Reference" manual.

If Environment variable file is specified when the command is executed, the specified Environment variable file on integrated agent host is read and set in the command execution environment variable. If Environment variable file does not exist, an error message (KNBC20032-E) is issued, and the command is not executed. If the content of the specified Environment variable file cannot be read, a warning message (KAVB2065-W) is displayed, and the command is executed. In this situation, the content of Environment variable file is not valid.

- About character codes

The character encoding for JP1/IM agent management base is UTF-8. The following character codes are supported by JP1/IM agent control base command-execution facility:

For information about changing the locale, see the manual "JP1/Integrated Management 3 - Manager Operation Guide". "2.10 Tasks to be performed when changing the locale of integrated agent host ".

OS	System locale	Character code
Windows	Japanese	SJIS
	English	C (ISO-8859-1)
	Chinese	GB18030
	Other than the above	C (ISO-8859-1)
Linux	-	UTF-8

The following must operate with the character codes listed in the table above.

Command to execute

The command to be executed must be output as standard output and standard error output using the character codes described in the above table.
Environment variable file

Environment variable file must be defined using the character codes listed in the above table.

- The result of the command

The command execution results are managed by Response Action results-management database on JP1/IM agent management base (Integrated manager host or lower manager host) that accepts the command execution request. It is not managed on JP1/IM agent control base (integrated agent host). JP1/IM agent control base outputs command execution logs (command strings and command execution results that combine the command name and command arguments) in a format that can be referenced by users. It does not provide a function to check the contents of the log file as a command execution result.

If any of the problems in 9.5.2(3)(j) Troubleshooting occur, Response Action results-management database does not manage the outcome of executing the command. Outputs to the command execution log of JP1/IM agent control base that the command execution result could not be stored in Response Action results-management database (except when JP1/IM agent control base is terminated forcibly).

(h) Definition file manipulation function

For details about the definition file manipulation function, see "3.6.5 Definition file manipulation function ".

(i) Action result saving function

Saves the execution status and execution results of the action to Response Action results-management database. For details on Response Action results-management database, see "2.7.7 Response Action results management database" in JP1/IM - Manager. For response action SID, see the section describing "response action SID" in "7. Automatic execution and manual execution of response action (JP1/IM - Agent linkage)".

■ Action common data

Table 9‒17: Action common data
Item number	Item	Description
1	Response action SID	Within Response Action results-management database, manage strings that uniquely identify actions.
2	Action acceptance date and time	Manages the date and time that JP1/IM agent management base accepted the action-request.
3	Action execution start date and time	JP1/IM agent control base manages the date and time that the action began executing.
4	Action execution end date and time	JP1/IM agent control base manages the date and time that the action finished executing.
5	Function Type	Manages the function type of the action execution request source function. Identifier for auto response Action Identifier for manual response Action Identifier of the definition file manipulation function
6	Action type	Manage action types. Identifier of the command execution Identifier of the definition file list retrieval Identifier for obtaining the definition file Identifier for deleting the definition file Identifier for the updating the definition file
7	Action execution destination host name	Manage integrated agent host that execute the action.
8	Action	Manages the contents of the action. For command execution Command string that contains the command name and command argument For acquiring a list of definition files None (blank) For acquiring a definition file None (blank) When deleting a definition file None (blank) For updating a definition file None (blank)
9	Action execution state	Manages the execution state of an action. Accepted identifier Identifier of the waiting for previous end Queuing identifier Executing identifier Identifier of the end of execution Identifier of execution failure
10	End code	Manages the exit code for an action. For command execution End code of the command / End code of the action For acquiring a list of definition files End code of the action For acquiring a definition file End code of the action For deleting a definition file End code of the action For updating the definition file End code of the action
11	Action execution request source host name	Manage the Integrated manager host name that requested you to perform the action.
12	JP1 Username	Reserved field
13	OS Username	Reserved field

■ Action details (command execution)

Table 9‒18: Action details (command execution)
Item number	Item	Description
1	Response action SID	Within Response Action results-management database, you manage strings that uniquely identify actions.
2	Environment variable file Name	Manages Environment variable file names.
3	Process ID	Process ID of the command.

■ Action details (Get list of definition files)

None

■ Action Details (Get Definition File)

None

■ Action details (delete definition file)

None

■ Action details (update definition file)

None

■ Execution result data

Table 9‒19: Execution result data
Item number	Item	Description
1	Response action SID	Within Response Action results-management database, you manage strings that uniquely identify actions.
2	Serial number	Manages message numbers.
3	Date and time the message occurred	Manage the date and time that the message was written to Response Action results-management database.
4	Message type	Manages message types. Identifier for command execution request acceptance Identifier representing the start of command execution Identifier representing the standard output / standard error output of the command Identifier representing the end of command execution Identifier for others
5	Message	Manages the messages that are output when the action is executed. For command execution Standard output / standard error output of the command or an action message For acquiring a list of definition files Action message For acquiring a definition file Action message For deleting a definition file Action message For updating the definition file Action message

(j) Troubleshooting

After receiving an action execution request from the action execution requester function, the following problems may occur in the Unified Agent action execution function. This section describes how to troubleshoot when such troubles occur.

Table 9‒20: Possible troubles
Possible troubles		System Status
Case 1	Automatic response actions occurred more than expected at the time of system design, and many unnecessary countermeasure actions accumulated.	Situation at the time of the occurrence of the rubble Many queued and ongoing corrective actions are stagnant. Situation after the trouble is resolved The stagnant response action becomes in the terminal state (execution failure from queuing, status unknown from execution), and the newly generated response action can be executed.
Case 2	The executed command process does not terminate. You accidentally ran a command that you could not execute (refer to "9.5.2(3)(g) Command execution function"), and the command did not exit while it was running. The command executed by the auto-execute action function hangs or takes longer than expected, preventing subsequent action from being executed.	Situation at the time of the occurrence of the rubble The command process is running and does not terminate (the corrective action remains in progress). Situation after the trouble is resolved The executing action becomes in the terminal state (running → execution ends) and subsequent action actions can be performed.
Case 3	A failover occurred on the cluster configuration integrated agent host (Integrated agent control base) while performing corrective actions. The JP1 event does not confirm the outage of the integrated agent control base.	Situation at the time of the occurrence of the rubble The execution action remains running. The JP1 event cannot confirm the outage of the integrated agent control base. Situation after the trouble is resolved The action will be in the terminal state (execution failure from queuing, status unknown from execution), and the newly generated response action can be executed.
Case 4	The following event or system error occurred: You have deleted the integrated agent host. The integrated agent control base has stopped. Network connectivity from the integrated agent control base to the integrated agent management base (network error).	Situation at the time of the occurrence of the rubble The response action is in the end state (queueing to execution failure, execution to unknown state). Situation after the trouble is resolved You will be available to perform new response actions.
Case 5	The following system error occurred: Only the integrated agent control base imagentaction service has stopped. The integrated agent control base's imagaction service is no longer able to connect to the imagent service (network error).	Situation at the time of the occurrence of the rubble The response action remains queued and running. Situation after the trouble is resolved The response action is in the end state (queueing to execution failure, execution from execution to unknown state), and the newly occurred response action can be executed.
Case 6	The following system error occurred while performing the response action: Integrated agent management base (JP1/IM - Manager) has stopped. The Intelligent integrated management base has stopped.	Situation at the time of the occurrence of the rubble The response action will remain in progress. Situation after the trouble is resolved After starting the integrated agent management base (JP1/IM - Manager), when the connection of the integrated agent control base can be confirmed, and the operation of the response action cannot be confirmed, the response action becomes an end state (the state is unknown from the execution) and subsequent response action can be executed. When the response action is in operation, it remains running. After starting the integrated agent management base (JP1/IM - Manager), if the integrated agent management base cannot confirm the connection of the integrated agent control base, the response action becomes an end state (failed execution from queuing, state unknown from execution), and new response actions can be performed.

Describes the expected trouble and what to do with the user. In dealing with the user, it is necessary to check the status of the command process on the integration agent host to determine whether to rerun the command (response action) after the trouble is resolved.

- Case 1

Description

Users deal with problems by stopping the integrated agent control base on the integrated agent host.

When the integrated agent control base is stopped, the integrated agent management base detects the suspension of the integrated agent control base, and the execution state of the response action transitions as follows.

Transitions from running to state unknown.
Transitions from queuing to execution failure.

When the integrated agent control base is stopped, the execution state of CMD.EXE and running commands in Windows and shells in UNIX may remain running. In that case, wait for the process to terminate naturally, or kill the process manually.

User response

On the [Response action results] screen of the integrated operation viewer, narrow down the queueing and running actions to identify the integrated agent host that is in trouble.
Log in to the integrated agent host and stop the integrated agent control base.
On the [Response action results] screen of the integrated operation viewer, check the PID of the action that is running but not known.
Check the step 3. PID process on the integrated agent host and wait for the process to terminate naturally, or kill the process manually.
Launch the integrated agent control base on the integrated agent host.

- Case 2

Description

Deal with the problem by manually terminating the command process. When you kill a command process, the execution state of the response action transitions to the end of execution.

User response

On the [Response action results] screen of the integrated operations viewer, check the PID of the command process that does not terminate.
Log in to the integrated agent host and kill the command process for the PID of step 1.

- Case 3

Description

When a failover occurs on an integrated agent host (integrated agent control base) in a cluster configuration for reasons such as power down, the integrated agent management base cannot detect the outage of the integrated agent control base, and if the integrated agent control base is activated, the execution state of the response action remains in progress.

#: The JP1 event cannot confirm the outage of the integrated agent control base.

Users deal with problems by stopping the integrated agent control base on the integrated agent host.

User response

On the [Response action results] screen of the integrated operations viewer, narrow down the actions that are in progress to identify the integration agent host that is in trouble.
Log in to the integrated agent host and stop the integrated agent control base.
Launch the integrated agent control base on the integration agent host.

- Case 4

Description

When the integrated agent management base detects the deletion of the integrated agent host and the disconnection of the integrated agent host (integrated agent control base), the execution state of the response action transitions as follows.

Transitions from running to state unknown.
Transitions from queuing to execution failure.

In the case of Windows, CMD.EXE and running commands, in UNIX, the execution state of the shell and running commands may remain running. In that case, wait for the process to terminate naturally, or kill the process manually.

User response

On the [Response action results] screen of the Integrated Operations Viewer, narrow down the execution failure, execution, and unknown state actions to identify the integrated agent host that is in trouble.
Address system errors

In the case of a network error, we will deal with it so that the network can be connected from the integrated agent control base to the integrated agent management base.
If you log in to the integrated agent host and the integrated agent control base is not stopped, stop the integrated agent control base.
On the [Response action results] screen of the Integrated Operations Viewer, check the PID of the action that is running but not known.
Check the step 4. PID process on the integrated agent host and wait for the process to terminate naturally or kill the process manually.
Launch the integrated agent control base on the integrated agent host.

- Case 5

Description

If only the imagenaction service is stopped or a network error occurs in the imagenaction service, the execution state of the response action remains queued and running.

Users deal with problems by stopping the integrated agent control base on the integrated agent host.

Transitions from running to state unknown.
Transitions from queuing to execution failure.

User response

On the [Response action results] screen of the Integrated Operations Viewer, narrow down the queueing and running actions to identify the integrated agent host that is in trouble.
Address system errors

In the case of a network error, we will deal with the integration agent control infrastructure so that the imagaction service can connect to the imagent service.
If you log in to the integrated agent host and the integrated agent control base is not stopped, stop the integrated agent control base.
On the [Response action results] screen of the Integrated Operations Viewer, check the PID of the action that is running but not known.
Check the step 4. PID process on the integrated agent host and wait for the process to terminate naturally or kill the process manually.
Launch the integrated agent control base on the integrated agent host.

- Case 6

Description

If you stop the Intelligent Integration Management database or the Integrated Agent Management base (JP1/IM - Manager) while the action is running, the execution state of the response action remains in progress.

Address the problem by starting the Integrated Agent Management base (JP1/IM - Manager).

After the system starts the integrated agent management base, it confirms the connection of the integrated agent control base and transitions the execution state of the response action according to the connection status.

When the integrated agent management base can confirm the connection of the integrated agent control base, the operation status of the action is inquired to the integrated agent control base for the action that is left running, and when the response action is not working, the execution state of the response action transitions as follows. When the response action is in operation, it remains running.

Transitions from running to state unknown.

When the integrated agent management base cannot confirm the connection of the integrated agent control base, the execution state of the response action transitions as follows.

Transitions from running to state unknown.
Transitions from queuing to execution failure.

User response

If the Intelligent Integration Management database is stopped, start the Intelligent Integration Management database.
Start JP1/IM - Manager
On the [Response action results] screen of the Integrated Operations Viewer, narrow down the actions that fail to execute, are running, and are not known, and identify the integrated agent host.
On the [Response action results] screen of the Integrated Operations Viewer, check the PID of the action that is running but not known.
Log in to the integration agent host, check the process with the PID of step 4., wait for the process to terminate naturally, or kill the process manually.

(k) Planning outage of the integrated agent control base

Here is the flow of planned outages for the integrated agent control base:

Define the planned down-to-plan integrated agent control base (integrated agent host) in the common exclusion conditions of JP1/IM -Manager to prevent response actions from being performed automatically.
Verify that there are no actions being taken on the planned down integration agent control base (integrated agent host). If there is an action that has already been introduced, wait for the action to finish.
Plan and stop the integrated agent control base.

To Page Top