Hitachi

JP1 Version 13 JP1/Integrated Management 3 - Manager Overview and System Design Guide


3.15.7 JP1/IM agent base

JP1/IM agent base manages agents, relays communication between the Integrated manager host and the integrated agent host, executes commands, and so on.

JP1/IM agent base consists of modules that run on the Integrated manager host, which are included with JP1/IM - Manager, and modules that run on the integrated agent host, which are provided as JP1/IM - Agent.

(1) Common capabilities

JP1/IM agent base is built into both the Integrated manager host and the integrated agent host. It can send operational information about the integrated agent host to the Integrated manager host, and it can execute commands on the integrated agent host at the direction of the Integrated manager host.

JP1/IM agent base running on the Integrated manager host side is called "JP1/IM agent management base". JP1/IM agent base running on the integrated agent side is called "JP1/IM agent control base".

The common functions of JP1/IM agent base provide the following features, which are shared by the JP1/IM agent base functions (such as command execution and agent administration):

The following are JP1/IM agent base process names and roles:

Base name: JP1/IM agent management base

Process name: imbase
Role:
  • Managing the Enrollment agent
  • Relaying communication between the Integrated manager host and the integrated agent host
  • Transferring files between the Integrated manager host and the integrated agent host
  • REST API with a small amount of data forwarding (e.g. event forwarding)

Process name: imbaseproxy
Role:
  • Relaying communication between the Integrated manager host and the integrated agent host
  • Transferring data-intensive REST API traffic (transferring trend data (RemoteWrite))

Base name: JP1/IM agent control base

Process name: imagent
Role:
  • Relaying communication between the Integrated manager host and the integrated agent host
  • Transferring files between the Integrated manager host and the integrated agent host
  • Command execution on the integrated agent host
  • REST API proxies for services running on the Integrated manager host
  • REST API with a small amount of data forwarding (e.g. event forwarding)

Process name: imagentproxy
Role:
  • Relaying communication between the Integrated manager host and the integrated agent host
  • Transferring data-intensive REST API traffic (transferring trend data (RemoteWrite))

Process name: imagentaction
Role:
  • Implements the command execution function

(a) HTTP authentication

JP1/IM agent base provides HTTP authentication (authentication based on RFC 7235, the HTTP authentication framework) for the following communication:

Communication | Authentication info | Supported HTTP authentication schemes
From JP1/IM agent control base (imagent, imagentproxy) to the HTTP proxy server | User password registered on the HTTP proxy server | Basic authentication

For HTTP authentication performed by an Exporter, see the description of that Exporter.

(b) Authentication with initial secret

JP1/IM agent control base connects using the initial secret when it accesses JP1/IM agent management base for the first time. JP1/IM agent management base then distributes an agent client secret, and the licensing credentials are used for access from then on.

JP1/IM agent control base stores the initial secret and the license information using the secret obfuscation function. For details, see 3.15.10 Secret obfuscation function.

In addition, if you change the initial secret after you install JP1/IM agent control base on the integrated agent host and before JP1/IM agent control base starts for the first time, you must either update the initial secret registered with the integrated agent or uninstall and reinstall the integrated agent. For details about updating the initial secret registered in the integrated agent, see step 4 in 1.21.2(2)(a) Change Integrated manager to connect to (for Windows) (optional) in the JP1/Integrated Management 3 - Manager Configuration Guide.

(c) Encrypted communication

This section describes encrypted communication between JP1/IM agent management base (imbase, imbaseproxy) and JP1/IM agent control base (imagent, imagentproxy).

For details on the encrypted communication performed by an Exporter, see the specifications of that Exporter.

■ Supported certificate files

You provide a public key certificate for use with JP1/IM agent base.

The file formats of the certificate and key files to prepare are shown below.

File | Type
CA certificate file; Server certificate file | An X509 public key certificate in pkcs7 format, encoded in PEM format.
Server certificate key file | The private key in pkcs1 or pkcs8 format, encoded in PEM format.

Password-protected items cannot be used.

For encrypted communication, the server certificate file and the server certificate key file are required on the JP1/IM agent management base side. If the server certificate is to be verified, JP1/IM agent control base must have a CA certificate file.

Obtain the CA certificate from a certificate authority (CA). For details on how to create a server certificate file and a server certificate key file, see the JP1/Base User's Guide.

JP1/IM agent base supports the following public key cryptographic algorithms in certificates:

  • RSA

  • ECDSA

  • Ed25519

JP1/IM agent base supports the following signature algorithms for signed certificates:

Digital signature algorithm for the certificate | Assignment code | Remarks
rsa_pss_rsae_sha256 | 0x0804 | Cryptography: RSA(PSS); hashing: SHA256
rsa_pss_rsae_sha384 | 0x0805 | Cryptography: RSA(PSS); hashing: SHA384
rsa_pss_rsae_sha512 | 0x0806 | Cryptography: RSA(PSS); hashing: SHA512
rsa_pkcs1_sha256 | 0x0401 | Cryptography: RSA(PKCS1); hashing: SHA256
rsa_pkcs1_sha384 | 0x0501 | Cryptography: RSA(PKCS1); hashing: SHA384
rsa_pkcs1_sha512 | 0x0601 | Cryptography: RSA(PKCS1); hashing: SHA512
ecdsa_secp256r1_sha256 | 0x0403 | Cryptography: ECDSA; hashing: SHA256
ecdsa_secp384r1_sha384 | 0x0503 | Cryptography: ECDSA; hashing: SHA384
ecdsa_secp521r1_sha512 | 0x0603 | Cryptography: ECDSA; hashing: SHA512
ed25519 | 0x0807 | Cryptography: EdDSA; hashing: SHA512

Server authentication cannot be performed with a certificate whose Subject Alternative Name field does not list the host name.

■ Supported Cipher Suites

TLS version

TLS 1.2 and 1.3 are supported. TLS 1.0 and 1.1 are not supported.

Cipher suite
  • "TLS_AES_128_GCM_SHA256" (TLS 1.3 only)

  • "TLS_AES_256_GCM_SHA384" (TLS 1.3 only)

  • "TLS_CHACHA20_POLY1305_SHA256" (TLS 1.3 only)

  • "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" (before TLS 1.2)

  • "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" (before TLS 1.2)

  • "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" (before TLS 1.2)

  • "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" (before TLS 1.2)

  • "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" (TLS 1.2 only)

  • "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" (TLS 1.2 only)

  • "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" (TLS 1.2 only)

  • "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" (TLS 1.2 only)

  • "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256" (TLS 1.2 only)

  • "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256" (TLS 1.2 only)

■ TLS renegotiation

Re-negotiation of encrypted communication (TLS communication) is not accepted.
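
A pre-deployment check for the certificate and key constraints listed in this subsection, as an added example in Go that is not part of the original manual or of the product. It assumes the server certificate is available as a single PEM CERTIFICATE block and maps the signature algorithm names in the table to Go's x509 constants; the function names and the host name manager.example.test are hypothetical, and the sample certificate is constructed at run time.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// Certificate signature algorithms from the table above, mapped to Go's
// x509 constants (the mapping is an assumption of this example).
var allowedSigAlgs = map[x509.SignatureAlgorithm]bool{
	x509.SHA256WithRSAPSS: true, x509.SHA384WithRSAPSS: true, x509.SHA512WithRSAPSS: true,
	x509.SHA256WithRSA: true, x509.SHA384WithRSA: true, x509.SHA512WithRSA: true,
	x509.ECDSAWithSHA256: true, x509.ECDSAWithSHA384: true, x509.ECDSAWithSHA512: true,
	x509.PureEd25519: true,
}

// CheckServerCert returns one finding per constraint from this subsection that
// the PEM certificate or key violates; an empty result means all checks passed.
func CheckServerCert(certPEM, keyPEM []byte, host string) []string {
	var f []string
	cb, _ := pem.Decode(certPEM)
	if cb == nil || cb.Type != "CERTIFICATE" {
		return []string{"certificate is not a PEM CERTIFICATE block"}
	}
	cert, err := x509.ParseCertificate(cb.Bytes)
	if err != nil {
		return []string{"certificate does not parse: " + err.Error()}
	}
	if a := cert.PublicKeyAlgorithm; a != x509.RSA && a != x509.ECDSA && a != x509.Ed25519 {
		f = append(f, "public key algorithm is not RSA, ECDSA or Ed25519")
	}
	if !allowedSigAlgs[cert.SignatureAlgorithm] {
		f = append(f, "unsupported signature algorithm "+cert.SignatureAlgorithm.String())
	}
	// VerifyHostname matches only Subject Alternative Name entries, so a
	// certificate that names the host in the Common Name alone fails here.
	if cert.VerifyHostname(host) != nil {
		f = append(f, "host name is not in Subject Alternative Name")
	}
	kb, _ := pem.Decode(keyPEM)
	switch {
	case kb == nil:
		f = append(f, "key is not PEM encoded")
	case kb.Type == "ENCRYPTED PRIVATE KEY" || kb.Headers["Proc-Type"] == "4,ENCRYPTED":
		f = append(f, "key is password-protected")
	case kb.Type == "RSA PRIVATE KEY": // PKCS#1
		if _, err := x509.ParsePKCS1PrivateKey(kb.Bytes); err != nil {
			f = append(f, "PKCS#1 key does not parse")
		}
	case kb.Type == "PRIVATE KEY": // PKCS#8
		if _, err := x509.ParsePKCS8PrivateKey(kb.Bytes); err != nil {
			f = append(f, "PKCS#8 key does not parse")
		}
	default:
		f = append(f, "key is not in PKCS#1 or PKCS#8 format")
	}
	return f
}

// ConstructedCert builds a throwaway self-signed ECDSA certificate and a
// PKCS#8 key as sample input; withSAN controls whether host goes into the SAN.
func ConstructedCert(host string, withSAN bool) (certPEM, keyPEM []byte) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	if withSAN {
		t.DNSNames = []string{host}
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key)
	kder, _ := x509.MarshalPKCS8PrivateKey(key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}),
		pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: kder})
}

func main() {
	for _, withSAN := range []bool{true, false} {
		c, k := ConstructedCert("manager.example.test", withSAN)
		fmt.Printf("SAN present=%v findings=%q\n", withSAN, CheckServerCert(c, k, "manager.example.test"))
	}
}
```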

(d) Log output

Logs are output to the specified directory according to the log definition settings.

When a log file reaches the maximum file size specified in the log definition, output switches to the next file, rotating within the number of log files specified in the log definition.

The following shows how to set the log level, maximum file size, and number of log files.

Host | Program | Setting method
Integrated manager host | JP1/IM agent management base (imbase) | Set in log of the imbase configuration file (jpc_imbase.json). #
Integrated manager host | JP1/IM agent management base (imbaseproxy) | Set in log of the imbaseproxy configuration file (jpc_imbaseproxy.json). #
Integrated agent host | JP1/IM agent control base (imagent) | Set in log of the imagent configuration file (jpc_imagent.json). #
Integrated agent host | JP1/IM agent control base (imagentproxy) | Set in log of the imagentproxy configuration file (jpc_imagentproxy.json). #
Integrated agent host | JP1/IM agent control base (imagentaction) | Set in log of the imagentaction configuration file (jpc_imagentaction.json). #

#

For details about each configuration file, see the description of the appropriate file in Chapter 2. Definition Files in the JP1/Integrated Management 3 - Manager Command, Definition File and API Reference.

Every configuration file is loaded when the process starts.

(e) Command execution function

For details about the command execution function, see 3.15.7(3)(g) Command execution function in 3.15.7(3) Integrated agent Action Execution Function.

(f) Password obfuscation

The proxy server authentication password is stored in obfuscated form in the JP1/IM agent control base definition file. For details, see 3.15.10 Secret obfuscation function.

(g) Communication function

- Communication through a HTTP proxy server

JP1/IM agent base allows JP1/IM agent management base (imbase, imbaseproxy) and JP1/IM agent control base (imagent, imagentproxy) to communicate through a HTTP proxy server.

HTTP proxy authentication supports Basic authentication only. #

#

HTTP proxy authentication traffic is outside the scope of encryption by HTTPS (TLS) communication, so JP1/IM agent control base (imagent, imagentproxy) and the HTTP proxy should be connected over a trusted network.

Make the following settings on the HTTP proxy server so that it can receive communication from JP1/IM agent control base (imagent, imagentproxy).

  • User settings for the HTTP proxy that are available for HTTP authentication from JP1/IM agent control base

  • Permission for communication to the JP1/IM agent management base communication ports on the Integrated manager host

If the HTTP proxy server is configured for ports such as 80 or 443 and the imbase and imbaseproxy communication ports are not allowed, or if communication to the Integrated manager host is not allowed, you need to configure the above settings.

- IP Address for Network Binding

All JP1/IM agent base processes wait for connections on TCP ports in the listening state.

By default, the listen ports are the ports listed in "C.1(2) Port numbers used by JP1/IM - Agent". You can change which port to use in the settings.

The IP address to bind, on the other hand, is obtained from the host name, and the process binds to the address obtained. Therefore, you cannot change the IP address to be bound.

JP1/IM agent base process obtains and binds IP address in the following way:

JP1/IM agent management base process works as follows:

Standard configuration (non-cluster configuration)
  1. Assuming that the hostname is JP1_DEFAULT, perform the steps from step 2 under "For a clustered configuration" below.

For a cluster configuration
  1. Obtain logical host names in the following order of precedence: If not set, assume JP1_DEFAULT as a logical hostname.

    • Obtain the logical host name using the program start parameter (command line option).

    • Gets the specified value of environment variable JPC_HOSTNAME as a logical hostname.

  2. Use the obtained hostname to obtain the binding method from JP1/Base common info definition.

  3. If the binding method is ANY, bind with ANY binding.

  4. If the binding method is IP, the program obtains the IP address list from the obtained host name (if the host name was not obtained, the local host name is obtained from the OS). jp1hosts and jp1hosts2.conf are supported. If both are defined, jp1hosts2.conf takes precedence.

  5. IP binding is performed with IP address of the acquired IP address list. The numbers of IP addresses to be bound follow the common information definition.

The logical hostname is specified in the jco_start.cluster parameter or in the startup parameter of Windows service.

JP1/IM agent control base process works as follows:

Standard configuration (non-cluster configuration)
  1. Get JP1_BIND_ADDR of jpc_imagent.json, jpc_imagentproxy.json, and jpc_imagentaction.json.

  2. If JP1_BIND_ADDR is ANY, do ANY binding.

  3. If JP1_BIND_ADDR is IP, the local hostname is obtained from OS and IP address list is obtained.

  4. Binds with IP address of the acquired IP address list. #

For a cluster configuration
  1. Get JP1_BIND_ADDR of jpc_imagent.json, jpc_imagentproxy.json, and jpc_imagentaction.json.

  2. If JP1_BIND_ADDR is ANY, do ANY binding.

  3. If JP1_BIND_ADDR is IP, get the logical hostname in the program startup parameters (command line options).

  4. Get IP address list in the program from the obtained host name.

  5. Binds with IP address of the acquired IP address list. #

The logical hostname is specified in the jco_start.cluster parameter or in the startup parameter of Windows service.

#

When COM_LISTEN_ALL_ADDR of jpc_imagent.json, jpc_imagentproxy.json, or jpc_imagentaction.json is 1, the process binds to COM_MAX_LISTEN_NUM addresses from the beginning of the IP address list. Otherwise, it binds to the first IP address in the IP address list.

The IP address to be bound is logged with the setting values at integrated agent startup. For details, see 12.2.2(7)(b) Log of setting values at startup in the JP1/Integrated Management 3 - Manager Administration Guide.

- Host-name resolution

Integrated agent resolves host names to IP addresses as follows:

Programs running on the manager host (JP1/IM agent management base)

The IP address corresponding to the host name is looked up in the following order:

Priority | Where to refer
1 | jp1hosts2 definition file
2 | jp1hosts definition file
3 | OS info (hosts files, DNS, etc.). NOTE: The precedence follows OS specifications.

The JP1/Base library is used for name resolution.

Programs running on the agent host (JP1/IM agent control base, Prometheus server, and the other Exporter, Alertmanager, and Fluentd)

The IP address corresponding to the host name is looked up from OS info (hosts file, DNS, etc.). Name resolution is done by the Go library.

(2) Agent management function

The Integrated manager records information about each integrated agent in the integrated agent host management database, including the host on which the agent resides, the version, and add-on program information.

Administrators can view a list of recorded integrated agent information in the List of Integrated Agents window that can be displayed from integrated operation viewer. You can do the following:

For details on the List of Integrated Agents window, see 2.2.1 List of Integrated Agents window in the JP1/Integrated Management 3 - Manager GUI Reference.

(3) Integrated agent Action Execution Function

The integrated agent action execution function executes the following actions at the direction of the function that sent the action execution request (JP1/IM - Manager's auto response Action, manual response Action, or the definition file manipulation function) and returns the results of executing the actions:

(a) Auto response Action

The following table shows the action types for auto response Action and whether actions can be executed concurrently.

Function type | Action type | Action concurrency
Auto response Action | Command execution | No (default) / Yes

Accept Action Execution Request

If the content of the action execution request, the registration status of the integrated agent host, and the connection status of the integrated agent host are all satisfactory, the action is accepted regardless of the maximum number of concurrent actions.

Execute action (action concurrency: No)

Actions are processed sequentially in the order in which they are accepted.

When the previously accepted action has finished, the next accepted action becomes executable.

If the previously accepted action has not finished, an action accepted later is not executed until the previously accepted action has finished executing. After the previously accepted action has finished executing, the action that was accepted later becomes ready for execution.

See 3.15.7(3)(e) Maximum concurrent actions for details on executing an action that has become ready.

Execute action (action concurrency: Yes)

Actions are processed in parallel, in the order in which they are accepted.

Actions become executable in the order in which they are accepted. See 3.15.7(3)(e) Maximum concurrent actions for details on executing an action that has become executable.

Unlike actions that are not allowed to execute concurrently, the order in which the actions are executed is not guaranteed, because the results of the actions are returned in order starting with the action that finished executing first.

(b) Manual response Action

The following table shows the action types for manual response Action and whether actions can be executed concurrently.

Function type | Action type | Action concurrency
Manual response Action | Command execution | Yes

Accept Action Execution Request

Same as auto response Action.

Performing Actions

This is the same as auto response Action (action concurrency: Yes).

(c) Action execution of the definition file manipulation function

The following table shows the action types of the definition file manipulation function and whether the actions can be executed concurrently:

Function type | Action type | Action concurrency
Definition file manipulation function | Obtaining a list of definition files | Yes
Definition file manipulation function | Retrieving the definition file | Not possible
Definition file manipulation function | Deleting the definition file | Not possible
Definition file manipulation function | Updating the definition file | Not possible

Accept Action Execution Request

Same as auto response Action.

Execute action (action concurrency: No)

This is the same as auto response Action (action concurrency: No).

For example, the action accepted later (updating the definition file) is not executed until the action accepted earlier (deleting the definition file) has finished executing. After the execution of the previously accepted action (deleting the definition file) is completed, the action accepted later (updating the definition file) is placed in the executable state. See 3.15.7(3)(e) Maximum concurrent actions for details on executing an action that has become executable.

Execute action (action concurrency: Yes)

This is the same as auto response Action (action concurrency: Yes).

Supplementary information

Apart from actions being processed in the order in which they are accepted, there are no dependencies between actions that can be executed concurrently and actions that cannot.

(d) Changing the concurrency of actions in auto response Action

The concurrency of auto response Action (default: action concurrency: No) is set per integrated agent host. To change it, in the imagent configuration file (jpc_imagent.json), change the auto response Action concurrency setting from disabled (default) to enabled, and restart JP1/IM agent control base. For details about the imagent configuration file (jpc_imagent.json), see imagent configuration file (jpc_imagent.json) in Chapter 2. Definition Files in the JP1/Integrated Management 3 - Manager Command, Definition File and API Reference.

Note that even if you change the action concurrency of auto response Action from enabled to disabled, actions that became executable while concurrency was enabled are processed in parallel.

(e) Maximum concurrent actions

Actions in the executable state are executed up to the maximum number of concurrent actions. If that maximum has been reached, an action remains in the executable state until a slot becomes free.

The maximum number of concurrent actions is set for each of the following, per integrated agent host:

  • Max Concurrent of auto response Action and manual response Action

  • Max concurrent of the definition file manipulation function

The maximum action concurrency for an integrated agent host is the sum of the following. Note that the number of concurrent executions for an action that cannot be executed concurrently is 1.

Max Concurrent auto response Action and manual response Action
  • Concurrent auto response Action Command-Execution Counts

  • Concurrent manual response Action Command Execution Counts

Maximum concurrent actions of the definition file manipulation function
  • Number of concurrent executions for acquiring a list of definition files for the definition file manipulation function

  • Number of Concurrent executions of acquiring definition files for the definition file manipulation function

  • Number of Concurrent executions of deleting definition files for the definition file manipulation function

  • Number of Concurrent executions of updating definition files for the definition file manipulation function

To change the maximum action concurrency, change the following settings in the imagent configuration file (jpc_imagent.json) and restart JP1/IM agent control base:

  • Max Concurrent auto response Action / manual response Action

  • Max Concurrent actions of the definition file manipulation function

For details about imagent configuration file (jpc_imagent.json), see imagent configuration file (jpc_imagent.json) in Chapter 2. Definition Files in the JP1/Integrated Management 3 - Manager Command, Definition File and API Reference.

(f) User performing the action

The following shows the user who performs each action:

Action: Executing commands from JP1/IM - Manager's auto response Action or manual response Action

User performing the action: For each integrated agent host, one user that executes commands can be defined. Set it in the imagent configuration file (jpc_imagent.json) on each integrated agent host.

For Windows:

  • Set user name, domain name, and password.

  • The password is registered using the jimasecret command.

  • The defined user must be able to sign in.

  • The home directory of the defined user has to exist. (The home directory is created once you sign in to Windows.)

  • The defined user must be granted the Allow log on locally security policy setting.

For Linux:

  • Set user name and shell.

  • The defined user must be able to sign in.

  • The home directory of the defined user has to exist.

Action: Actions other than the above

User performing the action:

For Windows: SYSTEM (fixed)

For Linux: root (fixed)

(g) Command execution function

When the action execution function receives the "Execute command" action execution request, the command on integrated agent is executed.

- Host where the command is executed

Specify integrated agent host as the target host for executing the command.

If the specified integrated agent host is not managed by JP1/IM agent management base, an error occurs, and the command-execution-request is not accepted.

If the connection of the specified integrated agent host cannot be confirmed, an error occurs, and the command-execution-request is not accepted.

If disconnection or deletion of the integrated agent host is detected after a command execution request has been received, the following applies:

  • For a command that has not started, the action execution status is "execution failed", and KNBC00612-E is output to the command execution result.

  • For a running command, the action execution status is unknown, and KNBC00625-E is output to the command execution result.

- User executing the command

See 3.15.7(3)(f) User performing the action.

- Commands that can be executed

The following types of commands can be executed:

When the command-executing host is Windows
  • Executable file (.com,.exe)

  • Batch file (.bat)

  • JP1/Script script file (.spt) (but the association must be set so that .spt file can be executed)

  • A data file (such as .vbs) with a file type (extension) associated with an application that can be executed by an automated action

  • In the Japanese environment, a command that outputs the contents of the standard output or standard error output of the command in ShiftJIS character code.

  • In the Chinese environment, a command that outputs the contents of the standard output or standard error output of the command in GB18030 character code.

When the command-executing host is UNIX
  • UNIX Commands

  • Shell script

However, the following commands cannot be executed.

  • Commands that require interaction

  • Commands that display a screen

  • Commands with escape sequences or control codes

  • Commands that do not terminate, such as daemons

  • Commands that require interaction with desktop, such as Windows messaging or DDE (for Windows)

  • Commands that shut down the OS, such as shutdown and halt

If a command that creates a child process is executed, the action execution ends regardless of whether the child process has terminated.

- How to execute commands

The command execution function of integrated agent executes the command as follows.

For Windows

    cmd.exe /c command to execute

For UNIX

The OS user's login shell is used. The following example is for a login shell of /bin/sh.

    /bin/sh -c command to execute

Notes

When "/sbin/false", "/bin/false", "/bin/true", "/sbin/nologin" etc. are set as the login shell, the command cannot be executed normally.

Commands that cannot be executed with "cmd.exe /c command to execute" or "shell -c command to execute" cannot be executed with the integrated agent command execution function.

The current directory is the home directory of the executing user.

- Environment Variables

If Environment variable file is not specified when the command is executed, the following environment variables are used:

For Windows

Windows system environment variable is used as the environment variable when the command is executed. OS profile is not loaded.

For UNIX

The environment variable of the imagent process is used as the environment variable when the command is executed. OS profile is not loaded.

If Environment variable file is specified when the command is executed, the environment variable set by Environment variable file is used as the environment variable when the command is executed. For the environment variable file, see Environment variable file (any file name) in Chapter 2. Definition Files in the JP1/Integrated Management 3 - Manager Command, Definition File and API Reference.

If Environment variable file is specified when the command is executed, the specified Environment variable file on integrated agent host is read and set in the command execution environment variable. If Environment variable file does not exist, an error message (KNBC20032-E) is issued, and the command is not executed. If the content of the specified Environment variable file cannot be read, a warning message (KAVB2065-W) is displayed, and the command is executed. In this situation, the content of Environment variable file is not valid.
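
A preflight model of the UNIX behaviour described under "How to execute commands" and "Environment Variables", as an added example in Go that is not part of the original manual or of the product. PlanCommand, the account names and the passwd entries are hypothetical and constructed; the environment variable file is assumed to be already parsed into KEY=VALUE strings because its format is defined elsewhere.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"os/exec"
	"path"
	"strings"
)

// PlanCommand models the documented UNIX behaviour (hypothetical helper, not
// product code). passwdLine is one /etc/passwd-format entry for the user that
// executes commands; envFromFile holds the variables read from an environment
// variable file, or nil when no file is specified.
func PlanCommand(passwdLine, command string, envFromFile []string) (*exec.Cmd, error) {
	fields := strings.Split(strings.TrimSpace(passwdLine), ":")
	if len(fields) != 7 {
		return nil, errors.New("not a passwd entry: want 7 colon-separated fields")
	}
	home, shell := fields[5], fields[6]
	if shell == "" {
		shell = "/bin/sh" // passwd(5): an empty shell field means /bin/sh
	}
	// Login shells named in the Notes above cannot run a command.
	switch path.Base(shell) {
	case "false", "true", "nologin":
		return nil, fmt.Errorf("login shell %s cannot execute commands", shell)
	}
	// The home directory must exist because it becomes the current directory.
	if st, err := os.Stat(home); err != nil || !st.IsDir() {
		return nil, fmt.Errorf("home directory %q does not exist", home)
	}
	// The whole command string is a single argument to "shell -c", so the
	// shell, not the agent, splits and interprets it.
	cmd := exec.Command(shell, "-c", command)
	cmd.Dir = home
	if envFromFile != nil {
		cmd.Env = envFromFile // variables from the environment variable file
	} else {
		cmd.Env = os.Environ() // stands in for the imagent process environment
	}
	return cmd, nil
}

func main() {
	// Constructed passwd entries; "/" is the home directory so this runs anywhere.
	for _, line := range []string{
		"jp1action:x:1001:1001::/:/bin/sh",
		"svcacct:x:1002:1002::/:/sbin/nologin",
		"ghost:x:1003:1003::/nonexistent-home:/bin/sh",
	} {
		cmd, err := PlanCommand(line, "df -h /var; echo done", []string{"LANG=C"})
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Printf("argv=%q dir=%s env=%q\n", cmd.Args, cmd.Dir, cmd.Env)
	}
}
```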

- About character codes

The character encoding for JP1/IM agent management base is UTF-8. The following character codes are supported by JP1/IM agent control base command-execution facility:

For details about changing the locale, see 2.10 Tasks to be performed when changing the locale of integrated agent host in the JP1/Integrated Management 3 - Manager Administration Guide.

OS | System locale | Character code
Windows | Japanese | SJIS
Windows | English | C (ISO-8859-1)
Windows | Chinese | GB18030
Windows | Other than the above | C (ISO-8859-1)
Linux | - | UTF-8

The following must operate with the character codes listed in the table above.

  • Command to execute

    The command to be executed must write its standard output and standard error output using the character codes described in the above table.

  • Environment variable file

    Environment variable file must be defined using the character codes listed in the above table.

- The result of the command

The command execution results are managed by Response Action results-management database on JP1/IM agent management base (Integrated manager host or lower manager host) that accepts the command execution request. They are not managed on JP1/IM agent control base (integrated agent host). JP1/IM agent control base outputs command execution logs (command strings that combine the command name and command arguments, and command execution results) in a format that can be referenced by users. It does not provide a function to check the contents of the log file as a command execution result.

If any of the problems in 3.15.7(3)(j) Troubleshooting occur, Response Action results-management database does not manage the outcome of executing the command. JP1/IM agent control base writes to its command execution log that the command execution result could not be stored in Response Action results-management database (except when JP1/IM agent control base is terminated forcibly).

- Handling of the running command when the imagent service terminates

If the imagent service terminates while a command process is executing an action, forced termination of the command process is attempted.

If the forced termination fails, it is not retried.

(h) Definition file manipulation function

For details about the definition file manipulation function, see 3.6.5 Definition file manipulation function.

(i) Action result saving function

Saves the execution status and execution results of the action to Response Action results-management database. For details on Response Action results-management database, see 2.7.7 Response Action results management database in JP1/IM - Manager. For response action SID, see the section describing "response action SID" in 7. Automatic execution and manual execution of response action (JP1/IM - Agent linkage).

■ Action common data

Table 3‒54: Action common data

Item number | Item | Description

1 | Response action SID | Within Response Action results-management database, manages strings that uniquely identify actions.

2 | Action acceptance date and time | Manages the date and time that JP1/IM agent management base accepted the action request.

3 | Action execution start date and time | JP1/IM agent control base manages the date and time that the action began executing.

4 | Action execution end date and time | JP1/IM agent control base manages the date and time that the action finished executing.

5 | Function type | Manages the function type of the function that requested the action execution.
  • Identifier for auto response Action
  • Identifier for manual response Action
  • Identifier of the definition file manipulation function

6 | Action type | Manages action types.
  • Identifier of the command execution
  • Identifier of the definition file list retrieval
  • Identifier for obtaining the definition file
  • Identifier for deleting the definition file
  • Identifier for updating the definition file

7 | Action execution destination host name | Manages the integrated agent host that executes the action.

8 | Action | Manages the contents of the action.
  • For command execution: Command string that contains the command name and command argument
  • For acquiring a list of definition files: None (blank)
  • For acquiring a definition file: None (blank)
  • For deleting a definition file: None (blank)
  • For updating a definition file: None (blank)

9 | Action execution state | Manages the execution state of an action.
  • Accepted identifier
  • Identifier of the waiting for previous end
  • Queuing identifier
  • Executing identifier
  • Identifier of the end of execution
  • Identifier of execution failure

10 | End code | Manages the exit code for an action.
  • For command execution: End code of the command / End code of the action
  • For acquiring a list of definition files: End code of the action
  • For acquiring a definition file: End code of the action
  • For deleting a definition file: End code of the action
  • For updating the definition file: End code of the action

11 | Action execution request source host name | Manages the name of the Integrated manager host that requested the action.

12 | JP1 Username | Reserved field

13 | OS Username | Reserved field

■ Action details (command execution)

Table 3‒55: Action details (command execution)

Item number

Item

Description

1

Response action SID

Manages the string that uniquely identifies the action within the Response Action results-management database.

2

Environment variable file Name

Manages Environment variable file names.

3

Process ID

Process ID of the command.

■ Action details (Get list of definition files)

None

■ Action Details (Get Definition File)

None

■ Action details (delete definition file)

None

■ Action details (update definition file)

None

■ Execution result data

Table 3‒56: Execution result data

Item number

Item

Description

1

Response action SID

Manages the string that uniquely identifies the action within the Response Action results-management database.

2

Serial number

Manages message numbers.

3

Date and time the message occurred

Manages the date and time that the message was written to the Response Action results-management database.

4

Message type

Manages message types.

  • Identifier for command execution request acceptance

  • Identifier representing the start of command execution

  • Identifier representing the standard output / standard error output of the command

  • Identifier representing the end of command execution

  • Identifier for others

5

Message

Manages the messages that are output when the action is executed.

  • For command execution

    Standard output / standard error output of the command or an action message

  • For acquiring a list of definition files

    Action message

  • For acquiring a definition file

    Action message

  • For deleting a definition file

    Action message

  • For updating the definition file

    Action message

(j) Troubleshooting

After an action execution request is received from the action execution requester function, the following troubles can occur in the Unified Agent action execution function. This section describes how to handle them.

Table 3‒57: Possible troubles

Possible troubles

System Status

Case 1

More automatic response actions occurred than were expected at system design time, and many unnecessary response actions accumulated.

  • Situation when the trouble occurs

    Many queued and running response actions are stalled.

  • Situation after the trouble is resolved

    The stalled response actions enter a terminal state (queuing to execution failure, running to state unknown), and newly generated response actions can be executed.

Case 2

The executed command process does not terminate.

  • A command that cannot be executed (see 3.15.7(3)(g) Command execution function) was run by mistake, and the command does not exit.

  • The command executed by the auto-execute action function hangs or takes longer than expected, preventing subsequent actions from being executed.

  • Situation when the trouble occurs

    The command process is running and does not terminate (the response action remains in progress).

  • Situation after the trouble is resolved

    The running action enters a terminal state (running → execution ended), and subsequent actions can be executed.

Case 3

A failover occurred on an integrated agent host (integrated agent control base) in a cluster configuration while response actions were being executed. The outage of the integrated agent control base cannot be confirmed from JP1 events.

  • Situation when the trouble occurs

    The running action remains in the running state.

    The outage of the integrated agent control base cannot be confirmed from JP1 events.

  • Situation after the trouble is resolved

    The action enters a terminal state (queuing to execution failure, running to state unknown), and newly generated response actions can be executed.

Case 4

The following event or system error occurred:

  • The integrated agent host was deleted.

  • The integrated agent control base has stopped.

  • Network connectivity from the integrated agent control base to the integrated agent management base was lost (network error).

  • Situation when the trouble occurs

    The response action is in a terminal state (queuing to execution failure, running to state unknown).

  • Situation after the trouble is resolved

    New response actions can be executed.

Case 5

The following system error occurred while performing the response action:

  • Integrated agent management base (JP1/IM - Manager) has stopped.

  • The Intelligent integrated management base has stopped.

  • Situation when the trouble occurs

    The response action remains in progress.

  • Situation after the trouble is resolved

    After the integrated agent management base (JP1/IM - Manager) starts, if it can confirm the connection of the integrated agent control base but cannot confirm that the response action is operating, the response action enters a terminal state (running to state unknown) and subsequent response actions can be executed. If the response action is operating, it remains running.

After the integrated agent management base (JP1/IM - Manager) starts, if it cannot confirm the connection of the integrated agent control base, the response action enters a terminal state (queuing to execution failure, running to state unknown), and new response actions can be executed.

The following describes each expected trouble and how the user should handle it. When handling a trouble, the user must check the status of the command process on the integrated agent host to determine whether to rerun the command (response action) after the trouble is resolved.

- Case 1

Description

The user handles the trouble by stopping the integrated agent control base on the integrated agent host.

When the integrated agent control base is stopped, the integrated agent management base detects the suspension of the integrated agent control base, and the execution state of the response action transitions as follows.

  • Transitions from running to state unknown.

  • Transitions from queuing to execution failure.

Even when the integrated agent control base is stopped, CMD.EXE and running commands (in Windows) or the shell and running commands (in UNIX) may remain running. In that case, wait for the process to terminate naturally, or kill the process manually.

User response
  1. On the List of Response Action Results window of the integrated operation viewer, narrow down the queueing and running actions to identify the integrated agent host that is in trouble.

  2. Log in to the integrated agent host and stop the integrated agent control base.

  3. On the List of Response Action Results window of the integrated operation viewer, check the PID of each action that is in the running or unknown state.

  4. On the integrated agent host, check the process with the PID from step 3, and either wait for the process to terminate naturally or kill the process manually.

  5. Launch the integrated agent control base on the integrated agent host.

- Case 2

Description

Deal with the problem by manually terminating the command process. When you kill a command process, the execution state of the response action transitions to the end of execution.

User response
  1. On the Response Action Results window of the integrated operation viewer, check the PID of the command process that does not terminate.

  2. Log in to the integrated agent host and kill the command process with the PID from step 1.

Supplement 1

imagent executes the user-specified command line as follows:

  • For Linux

    /bin/sh -c user-specified command line

  • For Windows

    CMD C:\>"user-specified command line"

The process ID shown in the KNBC00622-I message, which is output in the Message column of the Response Action Results window of the integrated operation viewer, is as follows:

  • For Linux

    When a user-specified command line runs one command, the PID of the command process is output.

    When a user-specified command line runs more than one command, the PID of /bin/sh is output.

  • For Windows

    The process ID of CMD process is output.

Therefore, you may need to check the parent-child relationships of processes to find the command process.
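Because the PID in the KNBC00622-I message can be that of /bin/sh rather than the command itself, the command process is found by walking the process table downward from that PID. The following is an added example for Linux, not part of the original manual: the function name proc_tree and the sample process table are hypothetical, and the sample assumes that imagent is the parent of /bin/sh.

```shell
#!/bin/sh
# Added example (not from the manual).
# proc_tree ROOT_PID
#   stdin : lines of "PID PPID COMMAND..." (layout of `ps -e -o pid= -o ppid= -o args=`)
#   stdout: ROOT_PID and every descendant, indented two spaces per generation
#   status: 1 when ROOT_PID is not in the table (the process has already exited)
proc_tree() {
    awk -v root="$1" '
    {
        pid = $1; ppid = $2
        $1 = ""; $2 = ""          # drop the numeric columns, keep the command line
        sub(/^ +/, "")
        cmd[pid] = $0
        kids[ppid] = kids[ppid] " " pid
    }
    function walk(p, indent,    n, i, list) {
        if (p in seen) return     # guard against a malformed table with a cycle
        seen[p] = 1
        print indent p " " cmd[p]
        n = split(kids[p], list, " ")
        for (i = 1; i <= n; i++) walk(list[i], indent "  ")
    }
    END {
        if (!(root in cmd)) exit 1
        walk(root, "")
    }'
}

# Constructed sample table (not captured from a real host). 4321 stands in for
# the PID shown in KNBC00622-I when the command line runs more than one command,
# so it is the PID of /bin/sh and the real work happens in its descendants.
SAMPLE_PS='    1     0 /sbin/init
 2100     1 imagent
 4321  2100 /bin/sh -c ./backup.sh && ./notify.sh
 4322  4321 /bin/sh ./backup.sh
 4330  4322 tar czf /var/tmp/app.tgz /opt/app
  900     1 /usr/sbin/sshd'

if [ "$#" -gt 0 ]; then
    # Live use: pass the PID taken from the KNBC00622-I message.
    ps -e -o pid= -o ppid= -o args= | proc_tree "$1"
else
    # No argument: show the walk on the constructed sample.
    printf '%s\n' "$SAMPLE_PS" | proc_tree 4321
fi
```

A non-zero exit status means the reported PID is no longer in the process table, so nothing is left to wait for or terminate under that PID.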

Supplement 2

When a file whose file name extension has no associated application is executed, the response action terminates, but the OpenWith.exe process may remain.

When OpenWith.exe remains, force it to terminate manually.

Supplement 3

When you run a command in the background in Linux, or run a BAT file that uses the START command in Windows, the response action terminates, but a child process executed by the command process may remain.

When a process remains, force it to terminate manually as needed.

- Case 3

Description

When a failover occurs on an integrated agent host (integrated agent control base) in a cluster configuration for reasons such as power down, the integrated agent management base cannot detect the outage of the integrated agent control base, and if the integrated agent control base is activated, the execution state of the response action remains in progress.

#

The JP1 event cannot confirm the outage of the integrated agent control base.

The user handles the trouble by stopping the integrated agent control base on the integrated agent host.

User response
  1. On the List of Response Action Results window of the integrated operation viewer, narrow down the actions that are in progress to identify the integrated agent host that is in trouble.

  2. Log in to the integrated agent host and stop the integrated agent control base.

  3. Launch the integrated agent control base on the integrated agent host.

- Case 4

Description

When the integrated agent management base detects the deletion of the integrated agent host and the disconnection of the integrated agent host (integrated agent control base), the execution state of the response action transitions as follows.

  • Transitions from running to state unknown.

  • Transitions from queuing to execution failure.

CMD.EXE and running commands (in Windows) or the shell and running commands (in UNIX) may remain running. In that case, wait for the process to terminate naturally, or kill the process manually.

User response
  1. On the List of Response Action Results window of the integrated operation viewer, narrow down the actions in the execution failure, running, and unknown states to identify the integrated agent host that is in trouble.

  2. Address system errors

    In the case of a network error, restore the network so that the integrated agent control base can connect to the integrated agent management base.

  3. Log in to the integrated agent host and, if the integrated agent control base is not stopped, stop it.

  4. On the List of Response Action Results window of the integrated operation viewer, check the PID of each action that is in the running or unknown state.

  5. On the integrated agent host, check the process with the PID from step 4, and either wait for the process to terminate naturally or kill the process manually.

  6. Launch the integrated agent control base on the integrated agent host.

- Case 5

Description

If you stop the Intelligent Integration Management database or the Integrated Agent Management base (JP1/IM - Manager) while the action is running, the execution state of the response action remains in progress.

Address the problem by starting the Integrated Agent Management base (JP1/IM - Manager).

After the system starts the integrated agent management base, it confirms the connection of the integrated agent control base and transitions the execution state of the response action according to the connection status.

When the integrated agent management base can confirm the connection of the integrated agent control base, it queries the integrated agent control base for the operation status of each action that was left running. If the response action is not operating, its execution state transitions as follows. If the response action is operating, it remains running.

  • Transitions from running to state unknown.

When the integrated agent management base cannot confirm the connection of the integrated agent control base, the execution state of the response action transitions as follows.

  • Transitions from running to state unknown.

  • Transitions from queuing to execution failure.

User response
  1. If the Intelligent Integration Management database is stopped, start the Intelligent Integration Management database.

  2. Start JP1/IM - Manager

  3. On the List of Response Action Results window of the integrated operation viewer, narrow down the actions in the execution failure, running, and unknown states, and identify the integrated agent host.

  4. On the List of Response Action Results window of the integrated operation viewer, check the PID of each action that is in the running or unknown state.

  5. Log in to the integrated agent host, check the process with the PID from step 4, and either wait for the process to terminate naturally or kill the process manually.

(k) Planning outage of the integrated agent control base

Here is the flow of planned outages for the integrated agent control base:

  1. Define the integrated agent control base (integrated agent host) that is scheduled for the planned outage in the common exclusion conditions of JP1/IM - Manager to prevent response actions from being performed automatically.

  2. Verify that no actions are being executed on the integrated agent control base (integrated agent host) that is scheduled for the planned outage. If an action has already been submitted, wait for the action to finish.

  3. Stop the integrated agent control base as planned.

(l) Notes on Executing REST API from response actions

A response action of response action type restApi cannot execute a REST API request that includes binary data.

(4) Event-forwarding relay function in JP1/Base

(a) Function Overview

The event-forwarding relay function enables JP1/IM - Manager running in the cloud to manage JP1 events that occur in an on-premises environment.

Enabling event-forwarding relay function allows JP1 events that occur in your on-premises environment to be forwarded to JP1/Base in your cloud environment without using a dedicated line, such as a VPN.

JP1/IM - Manager (Intelligent Integrated Management Base) in a cloud environment creates IM managed nodes for JP1/IM - Manager, JP1/Base, and remote log monitoring in the on-premises environment, and associates them with JP1 events that occur on-premises.

You can also use JP1/IM - Manager (Intelligent Integrated Management Base) in your cloud environment to centrally manage and monitor JP1 events that JP1/IM-EG for NNMi has converted to JP1 events, as well as NNMi incidents that JP1/AJS have retrieved, without using a dedicated line, such as VPN.

<Sample IM management node Tree View>

All Systems
 + Hosts in the cloud environment (hosts in JP1 Cloud Service)
 | + Other Applications
 |    + JP1/Base
 + Hosts in the on-premises environment
   + Other Applications
      + JP1/Base

Note that only JP1 events can be displayed for IM management node created with event-forwarding relay function. You can't use any functionality that assumes IM configuration (you can't include JP1/Base in your on-premises deployment in IM configuration).

The following tables list the pre-existing JP1/IM - Manager features that are available for IM management node and forwarded JP1 events created with this feature when event-forwarding relay function is enabled. The items in this table are based on 2.4.1 JP1/IM - Manager function list.

Table 3‒58: Availability and scope of JP1/IM - Manager functions (when event-forwarding relay function is enabled)

Pre-Existing Features of JP1/IM - Manager

Availability

Functional scope

Intelligent Integrated Management Base

System management based on the system configuration information and JP1 events

N

When the event-forwarding relay function is enabled, IM managed nodes for the JP1/IM - Manager, JP1/Base, and remote log monitoring of the event-forwarding relay source are automatically created and associated with JP1 events.

For IM management node that is automatically created, you can determine the status by the colors displayed, and you can check the list of JP1 events.

However, you cannot check the Job flow tab, Related node tab, and Trends tab.

IM management nodes for other components are not created by the event-forwarding relay function.

Integrated system monitoring using IM management nodes

Y

Can be used without restriction.

Dashboard Visualizing IT System Health

N

You can view the number of events, including events relayed in event-forwarding relay function, in the dashboard.

Performance data cannot be displayed.

Event display

Y

Can be used without restriction.

Related node indicator

Y

If JP1/IM - Manager exists on the event-forwarding relay host, JP1/IM - Manager of the source host is displayed as related node.

If JP1/IM - Manager does not exist on the event-forwarding relay host, JP1/Base of the source host is displayed as related node.

Trend information indicator

--

Cannot be used.

Linkage with other products

N

You can monitor from JP1 events forwarded by event-forwarding relay function or launch custom user-defined UI.

However, you must be able to access the operation target from the operation terminal. If you start with an inaccessible operation terminal, a connection error may occur.

Response action

N

If you use suggestion function, you cannot execute commands from event-forwarding relay destination to event-forwarding relay source.

You can execute response actions (automatic and manual) on JP1/IM - Agent hosts that are connected to the JP1/IM - Manager of the event-forwarding relay destination.

Managing integrated agent

Y

Event-forwarding relay destination can manage JP1/IM - Manager connected to JP1/IM - Agent.

Central Console

Centralized monitoring using JP1 events

N

The following functions can be used without restrictions:

  • Monitoring with the Central Console

  • Filtering JP1 Events

  • Issuing correlated events

  • Monitoring Repeating Events

  • Event guide function

  • Memo entries configuration features

  • Viewing user-defined event attributes

  • CSV output of information displayed in JP1/IM - View

The following functions are limited:

  • Event Search

    You can search for events stored in the integrated monitoring DB of the forwarding destination.

    You cannot search for events in the event DB of the event-forwarding relay source.

  • Opening a monitor of linked products and integration function menu

    You can launch applications and Web windows from JP1 events forwarded by event-forwarding relay function.

    However, you must be able to access the operation target from the operation terminal. If you start with an inaccessible operation terminal, a connection error may occur.

  • Executing Commands from JP1/IM-View

    Cannot be used.

  • Referencing and restricting operations of business groups

    Events from the event-forwarding relay source cannot be restricted by business group.

JP1 event management

N

Same as described in Centralized monitoring using JP1 events.

JP1 event filtering

Y

Can be used without restriction.

Automated actions

--

You cannot perform an automated action from event-forwarding relay destination to event-forwarding relay source JP1/Base.

Issue of correlation events

Y

Can be used without restriction.

Event conversion

Y

Can be used without restriction.

Display of user-defined event attributes

Y

Can be used without restriction.

Event guide function

Y

Can be used without restriction.

CSV output of information displayed in JP1/IM - View

Y

Can be used without restriction.

System operation

N

Same as described in Centralized monitoring using JP1 events.

Central Scope

Tree monitoring

N

The monitoring tree cannot be automatically generated by collecting event-forwarding relay source host-information (including collaboration products) from event-forwarding relay destination.

You can create it manually.

Visual monitoring

Y

Can be used without restriction.

Guide function

Y

Can be used without restriction.

IM Configuration Management

Host management

--

You cannot perform event-forwarding relay source host management from event-forwarding relay destination.

System hierarchy management

--

You cannot manage event-forwarding relay source system hierarchy from event-forwarding relay destination.

Management of virtualization configuration information

--

You cannot manage event-forwarding relay source virtualization system configuration from event-forwarding relay destination.

Business group management

--

You cannot manage event-forwarding relay source business groups from event-forwarding relay destination.

Profile management

--

You cannot manage event-forwarding relay source profiles from event-forwarding relay destination.

Management of service activity information

--

You cannot manage event-forwarding relay source service activity information from event-forwarding relay destination.

Import/export of IM Configuration Management information

--

You cannot import/export administrative data from event-forwarding relay destination to event-forwarding relay source IM configuration management.

Core functionality

Process management

Y

Can be used without restriction.

Health check

--

You cannot perform health checks from the event-forwarding relay destination on the services of the event-forwarding relay source.

Hitachi Network Objectplaza Trace Library (HNTRLib2)

Y

Can be used without restriction.

User management

--

You cannot perform event-forwarding relay source user-management from event-forwarding relay destination.

If your event-forwarding relay source uses JP1 authentication, the event-forwarding relay destination and the event-forwarding relay source cannot share a JP1 authentication server.

Configuration management#2

--

You cannot manage event-forwarding relay source configuration from event-forwarding relay destination.

Service startup control

Y

Can be used without restriction.

Command execution#2

--

You cannot execute commands from event-forwarding relay destination to event-forwarding relay source JP1/Base.

Definition collection and distribution#2

--

You cannot collect or distribute event service-definition information from event-forwarding relay destination to event-forwarding relay sources.

Definition file manipulation

Y

You can use event-forwarding relay destination to manipulate definition files for JP1/IM - Manager connected JP1/IM - Agent.

Legend:

Y: Can be used without restrictions

N: Can be used with restrictions

--: Cannot be used

The event forwarding relay function of JP1/Base is disabled by default. To enable it, JP1/IM - Agent and JP1/IM - Manager settings are required. For details about each, see 1.21.2(2)(g) Configuring the event-forwarding relay function (for Windows) (optional) and 1.19.3(1)(b) Change settings of JP1/IM - Agent management base (for Windows) in the JP1/Integrated Management 3 - Manager Configuration Guide.

If at least one agent uses this feature, the JP1/IM - Manager that it connects to must be version 13-10 or later.

If you do not use this feature, connecting JP1/IM - Manager and JP1/IM - Agent is supported in the following combinations:

  • Connecting JP1/IM - Manager versions earlier than 13-10 and JP1/IM - Agent versions later than 13-10

  • Connecting JP1/IM - Manager version 13-10 or later and JP1/IM - Agent version earlier than 13-10

(b) Prerequisites

The following are prerequisites for using the event-forwarding relay function of JP1/Base:

■Event-forwarding relay destination host

<JP1/IM - Manager Prerequisites>

  • JP1/IM - Manager must be version 13-10 or later

  • Enable the event-forwarding relay function of JP1/Base

<JP1/Base Prerequisites>

  • JP1/Base must be version 13-00 or later

  • Do not encrypt JP1/Base communication (disable SSL communication)

■Event-forwarding relay source host

<OS Prerequisites>

  • OS supported by all JP1/IM - Manager and JP1/Base, devices must be supported.

<JP1/IM - Manager Prerequisites>

  • If JP1/IM - Manager is present, then JP1/IM - Manager must be version 11-00 or later (does not need to be present)

<JP1/Base Prerequisites>

  • JP1/Base must be version 11-00 or later

  • Set the event forwarding destination to JP1/IM - Agent.

  • Do not encrypt JP1/Base communication (disable SSL communication)

  • Displayed by the jbsrt_get command if IM configuration is managed by event-forwarding relay source (Execute the jbsrt_distrib command and jbsrt_sync command as required)

    Important

    If JP1/Base installed on the event-forwarding relay source host is older than version 13-00, event-forwarding relay will not succeed after January 19, 2038. Upgrade JP1/Base to 13-00 or later by January 18, 2038.

<JP1/IM - Agent Prerequisites>

  • JP1/IM - Agent must be version 13-10 or later

  • Enable the event-forwarding relay function of JP1/Base

  • Connect to a JP1/IM - Manager on a different host (you cannot connect to a JP1/IM - Manager on the same host)

  • The character encoding of the environment is UTF-8, SJIS, or GB18030

  • Run on the same host as the JP1/Base that performs event-forwarding relay (for a logical host, run on the same logical host).

(c) Use Case

■ Pattern 1

Use an integrated manager with a single on-premises environment. Introduce a JP1 Cloud Service to monitor AWS and other Internet-based environments.

Use event-forwarding relay function to relay event forwarding for your on-premises environment because you need to monitor both your Internet environment and your on-premises environment.

Leave your on-premises JP1/IM - Manager intact for automated actions, for example.

[Figure]

■ Pattern 2

Migrate only the integration manager from the multi-stage configuration of the on-premises environment to the cloud environment.

Use event-forwarding relay function to relay event forwarding for the on-premises environment because you need to monitor both the Internet environment and the on-premises environment.

Because response action and others run at different locations/relay managers, an integrated manager for the on-premises deployment is no longer required.

When an NNMi or JP1/AJS event occurs, you check the location by opening the GUI of the application from the event.

[Figure]

■ Pattern 3

Use an integrated manager with a single on-premises environment. Remote log monitoring is also implemented. Introduce Internet-based JP1 Cloud Service.

Use event-forwarding relay function to relay event forwarding for the on-premises environment because you need to monitor both the Internet environment and the on-premises environment.

Because remote log monitoring of hosts in the on-premises environment is not possible from JP1 Cloud Service of your Internet environment, the integrated manager in the on-premises environment remains.

[Figure]

■ Pattern 4

Use an integrated manager with a single on-premises environment. JP1/IM - Manager did not manage events. Introduce Internet-based JP1 Cloud Service and begin event-management.

[Figure]

Important

The Integration Manager host (the Integration Manager host that manages each base/relay manager) in a multi-stage configuration cannot be an event-forwarding relay source host. In this case, set each base/relay manager host as an event-forwarding relay source host.

(d) Restrictions

  • Configuration limitations for making manager hosts event-forwarding relay sources

    If you perform event-forwarding relay from the Integration Manager host or a lower manager host, the JP1/IM - Agent that runs on the event-forwarding relay source is connected to the JP1/IM - Manager of the event-forwarding relay destination, not to the JP1/IM - Manager of the event-forwarding relay source. In this situation, the JP1/IM - Agent on the event-forwarding relay source is not considered to be co-resident with the JP1/IM - Manager of the relay source. Also, because only one JP1/IM - Agent can run on a single host, the event-forwarding relay source cannot use the JP1/IM - Manager features that assume co-residence with JP1/IM - Agent.

  • Restrictions on Relay Destinations

    Configurations that make the relay destination the same JP1/Base service as the relay source are not supported.

(5) Data delivery function to multiple manager hosts

(a) Function Overview

The data delivery function to multiple manager hosts distributes the operation information and event information sent from JP1/IM - Agent to multiple JP1/IM - Manager.

You can specify up to two JP1/IM - Manager destinations. JP1/IM agent control base is started one-to-one for each JP1/IM agent management base. One is called the primary and the other is called the secondary.

Figure 3‒38: Data delivery function to multiple manager hosts

[Figure]

(b) imagent group identifier

If you are using the data delivery function to multiple manager hosts, you must distinguish the JP1/IM agent control base directories and configuration files for primary and secondary use with the following imagent group identifiers:

imagent group identifier

Description

Not specified

  • When the destination JP1/IM - Manager is one (normal configuration)

    Indicates a single JP1/IM agent control base that starts up.

  • When there are two destination JP1/IM - Managers (configuration that uses the data delivery function to connect to two JP1/IM agent management bases)

    Indicates the primary JP1/IM agent control base when two JP1/IM agent control bases are started.

secondary

When there are two destination JP1/IM - Managers (configuration that uses the data delivery function to connect to two JP1/IM agent management bases), indicates the secondary JP1/IM agent control base when two JP1/IM agent control bases are started.

The following figures show the imagent group identifier in a normal configuration and in a configuration that connects to two JP1/IM agent management bases using the data delivery function:

Figure 3‒39: imagent group identifier in normal configuration

[Figure]

Figure 3‒40: imagent group identifier for a configuration that connects to two JP1/IM agent management bases using the data delivery function

[Figure]

The data delivery function uses imagent group identifiers in the following places:

■ For Windows

Table 3‒59: Where imagent group identifiers are used (other than service-definition)

| Classification | imagent group identifier: Not specified | imagent group identifier: With specification |
|---|---|---|
| Folder | jp1ima\log\imagent | jp1ima\logs\imagent-imagent-group-identifier |
| | jp1ima\log\imagentproxy | jp1ima\logs\imagentproxy-imagent-group-identifier |
| | jp1ima\log\imagentaction | jp1ima\logs\imagentaction-imagent-group-identifier |
| | jp1ima\tmp\download | jp1ima\tmp\download-imagent-group-identifier |
| | jp1ima\tmp\upload | jp1ima\tmp\upload-imagent-group-identifier |
| | jp1ima\tmp\jbsfwd | jp1ima\tmp\jbsfwd-imagent-group-identifier |
| Key of initial secret | immgr.initial_secret | immgr.initial_secret-imagent-group-identifier |
| Key of client secret | immgr.client_secret | immgr.client_secret-imagent-group-identifier |
| Key of HTTP proxy password | immgr.proxy_user.authentication-ID | immgr.proxy_user-imagent-group-identifier.authentication-ID |

Table 3‒60: Where imagent group identifiers are used (service-definition)

| Classification | imagent group identifier: Not specified | imagent group identifier: With specification |
|---|---|---|
| imagent service ID | jpc_imagent | jpc_imagent-imagent-group-identifier |
| | jpc_imagent_logical-hostname | jpc_imagent-imagent group-identifier-logical-hostname |
| imagentproxy service ID | jpc_imagentproxy | jpc_imagentproxy-imagent-group-identifier |
| | jpc_imagentproxy_logical-hostname | jpc_imagentproxy-imagent-group-identifier_logical-hostname |
| imagentaction service ID | jpc_imagentaction | jpc_imagentaction-imagent-group-identifier |
| | jpc_imagentaction_logical-hostname | jpc_imagentaction-imagent-group-identifier_logical-hostname |
| Service definition file of the jpc_imagent | jpc_imagent_service.xml | jpc_imagent-imagent-group-identifier_service.xml |
| | jpc_imagent_service_logical-host-name.xml | jpc_imagent-imagent-group-identifier_logical-host-name_service.xml |
| Service definition file of the jpc_imagentproxy | jpc_imagentproxy_service.xml | jpc_imagentproxy-imagent-group-identifier_service.xml |
| | jpc_imagentproxy_service_logical-host-name.xml | jpc_imagentproxy-imagent-group-identifier_logical-host-name_service.xml |
| Service definition file of the jpc_imagentaction | jpc_imagentaction_service.xml | jpc_imagentaction-imagent-group-identifier_service.xml |
| | jpc_imagentaction_service_logical-host-name.xml | jpc_imagentaction-imagent-group-identifier_logical-host-name_service.xml |

■ For Linux

Table 3‒61: Where imagent group identifiers are used (other than unit-definition)

| Classification | imagent group identifier: Not specified | imagent group identifier: With specification |
|---|---|---|
| Directory | jp1ima/log/imagent | jp1ima/logs/imagent-imagent-group-identifier |
| Directory | jp1ima/log/imagentproxy | jp1ima/logs/imagentproxy-imagent-group-identifier |
| Directory | jp1ima/log/imagentaction | jp1ima/logs/imagentaction-imagent-group-identifier |
| Directory | jp1ima/tmp/download | jp1ima/tmp/download-imagent-group-identifier |
| Directory | jp1ima/tmp/upload | jp1ima/tmp/upload-imagent-group-identifier |
| Directory | jp1ima/tmp/jbsfwd | jp1ima/tmp/jbsfwd-imagent-group-identifier |
| Key of initial secret | immgr.initial_secret | immgr.initial_secret-imagent-group-identifier |
| Key of client secret | immgr.client_secret | immgr.client_secret-imagent-group-identifier |
| Key of HTTP proxy password | immgr.proxy_user.authentication-ID | immgr.proxy_user-imagent-group-identifier.authentication-ID |

Table 3‒62: Where imagent group identifiers are used (unit-definition)

| Classification | imagent group identifier: Not specified | imagent group identifier: With specification |
|---|---|---|
| Unit definition file of the jpc_imagent | jpc_imagent.service | jpc_imagent-imagent-group-identifier.service |
| Unit definition file of the jpc_imagent | jpc_imagent_logical-host-name.service | jpc_imagent-imagent-group-identifier_logical-host-name.service |
| Unit definition file of the jpc_imagentproxy | jpc_imagentproxy.service | jpc_imagentproxy-imagent-group-identifier.service |
| Unit definition file of the jpc_imagentproxy | jpc_imagentproxy_logical-host-name.service | jpc_imagentproxy-imagent-group-identifier_logical-host-name.service |
| Unit definition file of the jpc_imagentaction | jpc_imagentaction.service | jpc_imagentaction-imagent-group-identifier.service |
| Unit definition file of the jpc_imagentaction | jpc_imagentaction_logical-host-name.service | jpc_imagentaction-imagent-group-identifier_logical-host-name.service |

(c) Configuring secondary service startup

■ Service definition file (for Windows)

Create a service definition file for the secondary based on the service definition file of the primary imagent, imagentproxy, and imagentaction.

For details about the service definition file name to be created, see Table 3-60 Where imagent group identifiers are used (service-definition).

In addition, specify the imagent group identifier in the setting items of the service definition file (<id>, <name>, <description>, <logpath>, <arguments>).

The following shows an example of the service definition file for imagent. The imagent group identifier goes wherever imagent-group-identifier appears.

  • For normal hosts

    <id>jpc_imagent-imagent-group-identifier</id>
    <name>JP1/IM3-Agent imagent-group-identifier</name>
    <description>JPC IM-Agent Service imagent-group-identifier</description>
    <logpath>integrated-agent-installation-folder\jp1ima\logs\imagent-imagent-group-identifier</logpath>
    <arguments>
    -imagid imagent-group-identifier
    </arguments>

  • For cluster environments

    <id>jpc_imagent-imagent-group-identifier_logical-host-name</id>
    <name>JP1/IM3-Agent imagent-group-identifier logical-host-name</name>
    <description>JPC IM-Agent Service imagent-group-identifier logical-host-name</description>
    <logpath>shared-folder\jp1ima\logs\imagent-imagent-group-identifier</logpath>
    <arguments>
    -imagid imagent-group-identifier -hostname logical-hostname
    </arguments>

■ Unit definition file (for Linux)

Create a unit definition file for the secondary based on the unit definition file of the primary imagent, imagentproxy, and imagentaction.

For details about the unit definition file name to be created, see Table 3-62 Where imagent group identifiers are used (unit-definition).

In addition, add "-imagid imagent-group-identifier" to the ExecStart line of the unit definition file you created.

The following example shows how to add "-imagid imagent-group-identifier" to the ExecStart line of the unit definition file for imagent.

ExecStart = "...omitted.../jp1ima/bin/imagent" -imagid imagent-group-identifier

Similarly, add "imagent-group-identifier" to the Description line.

The following is an example of adding "imagent-group-identifier" to the Description line of the unit definition file for imagent.

Description = JP1/IM3-Agent imagent-group-identifier

(d) Configuration file for JP1/IM agent control base

The following shows a sample of the configuration of each configuration file for JP1/IM agent control base.

■ Sample configuration for imagent common configuration file (jpc_imagentcommon.json)

Add a set of connection information for the secondary JP1/IM agent management base (the immgr_add section).

{
  "JP1_BIND_ADDR": "ANY",
  "COM_LISTEN_ALL_ADDR": 0,
  "COM_MAX_LISTEN_NUM": 4,
  "JP1_CLIENT_BIND_ADDR": "ANY",
  "http": {
    "max_content_length": 10,
    "client_timeout": 30
  },
  "immgr": {
    "host": "JP1/IM-manager-host-name",
    "proxy_url": "HTTP-proxy-server-URL",
    "proxy_user": "proxy-server-authentication-user-name",
    "//tls_config": {
      "ca_file": "*** CA certificate file path ***",
      "insecure_skip_verify": false,
      "min_version": "TLSv1_2"
    },
    "imbase": {
      "port": connecting-port-of-JP1/IM-agent-management-base (imbase)
    },
    "imbaseproxy": {
      "port": connecting-port-of-JP1/IM-agent-management-base (imbaseproxy)
    }
  }
  , "immgr_add": {
    "secondary": {
      "host": "JP1/IM-manager-host-name",
      "proxy_url": "HTTP-proxy-server-URL",
      "proxy_user": "proxy-server-authentication-user-name",
      "//tls_config": {
        "ca_file": "*** CA certificate file path ***",
        "insecure_skip_verify": false,
        "min_version": "TLSv1_2"
      },
      "imbase": {
        "port": connecting-port-of-JP1/IM-agent-management-base (imbase)
      },
      "imbaseproxy": {
        "port": connecting-port-of-JP1/IM-agent-management-base (imbaseproxy)
      }
    }
  }
}

■ Sample configuration for imagent configuration file (jpc_imagent.json)

In listen_add.secondary, add a set of listen port settings for the secondary, because the primary and secondary cannot listen on the same port number.

{
  "port": 20726,
  "log": {
     Omitted
  },
  "action": {
     Omitted
  },
  "jp1base_forward_receive": {
    "port": 20733
  }
  , "listen_add": {
    "secondary": {
      "port": JP1/IM-agent-control-base-listen-port,
      "jp1base_forward_receive": {
        "port": listen-port-for-transmission-of-JP1/Base
      }
    }
  }
}

■ Sample configuration for imagentproxy configuration file (jpc_imagentproxy.json) and imagentaction configuration file (jpc_imagentaction.json)

In listen_add.secondary, add a set of listen port settings for the secondary, because the primary and secondary cannot listen on the same port number.

{
  "port": 20727,
  "log": {
    Omitted
  }
  , "listen_add": {
    "secondary": {
      "port": JP1/IM-agent-control-base-listen-port
    }
  }
}
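
The following check is an added example, not part of the Hitachi manual or product. It reports listen ports claimed more than once across the primary and listen_add entries of the files above, and manager entries in jpc_imagentcommon.json whose TLS block is still under the sample's //tls_config key or has insecure_skip_verify set to true. All input values are constructed, and treating a key prefixed with // as a disabled setting is an assumption.

```python
import json

# Constructed inputs shaped like the page's samples. Host names, the CA path
# and all port values are made up; the port clash and TLS gaps are deliberate.
COMMON = json.loads("""{
  "immgr": {"host": "manager1.example.com",
            "tls_config": {"ca_file": "/opt/jp1ima/conf/ca.pem",
                           "insecure_skip_verify": true,
                           "min_version": "TLSv1_2"}},
  "immgr_add": {"secondary": {"host": "manager2.example.com",
                "//tls_config": {"ca_file": "*** CA certificate file path ***",
                                 "insecure_skip_verify": false,
                                 "min_version": "TLSv1_2"}}}
}""")
CONFIGS = {
    "jpc_imagent.json": json.loads("""{
      "port": 20726, "jp1base_forward_receive": {"port": 20733},
      "listen_add": {"secondary": {"port": 21726,
                     "jp1base_forward_receive": {"port": 20733}}}}"""),
    "jpc_imagentproxy.json": json.loads("""{
      "port": 20727, "listen_add": {"secondary": {"port": 21726}}}"""),
}


def listen_ports(file_name, conf):
    """Yield (port, owner) for the primary and every listen_add listener."""
    groups = {"primary": conf, **conf.get("listen_add", {})}
    for group, section in groups.items():
        if "port" in section:
            yield section["port"], f"{file_name}:{group}"
        forward = section.get("jp1base_forward_receive", {})
        if "port" in forward:
            yield forward["port"], f"{file_name}:{group}:jp1base_forward_receive"


def port_collisions(configs):
    """Return {port: [owners]} for every port claimed by more than one listener."""
    owners = {}
    for file_name, conf in configs.items():
        for port, owner in listen_ports(file_name, conf):
            owners.setdefault(port, []).append(owner)
    return {port: who for port, who in owners.items() if len(who) > 1}


def tls_findings(common):
    """Return one finding per manager whose TLS settings are off or unverified."""
    managers = {"primary": common.get("immgr", {}), **common.get("immgr_add", {})}
    findings = []
    for group, mgr in managers.items():
        tls = mgr.get("tls_config")  # a "//tls_config" key is assumed disabled
        if tls is None:
            findings.append(f"{group} ({mgr.get('host')}): tls_config not enabled")
        elif tls.get("insecure_skip_verify"):
            findings.append(f"{group} ({mgr.get('host')}): certificate check skipped")
    return findings


if __name__ == "__main__":
    for port, who in sorted(port_collisions(CONFIGS).items()):
        print(f"port {port} used by: {', '.join(who)}")
    for finding in tls_findings(COMMON):
        print(finding)
```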

(e) Keys for initial secret, client secret, and HTTP proxy password

The initial secret used for the initial connection from JP1/IM agent control base to JP1/IM agent management base, the client secret used thereafter, and the HTTP proxy password are registered in the secret management file by the secret management command (jimasecret) under the keys "immgr.initial_secret", "immgr.client_secret", and "immgr.proxy_user.authentication-ID". When the data delivery function is used to deliver to multiple manager hosts, these keys are not enough to cover every combination of JP1/IM agent control base and JP1/IM agent management base, so the following keys are used for the secrets:

  • immgr.initial_secret-imagent-group-identifier

  • immgr.client_secret-imagent-group-identifier

  • immgr.proxy_user-imagent-group-identifier.authentication-ID

For details about the secret key, see the explanation of arguments (-key option) in jimasecret in Chapter 1. Commands in the JP1/Integrated Management 3 - Manager Command, Definition File and API Reference.

(f) Send settings for programs other than JP1/IM agent control base

The user adds the secondary sending configuration to every program other than JP1/IM agent control base.

The following is a sample configuration that adds a secondary send configuration to the configuration file for each program.

Note that jp1ima1.example.com in the sample configuration indicates JP1/IM - Agent install host.

■ Sample configuration for Prometheus configuration file (jpc_prometheus_server.yml)

remote_write specifies the URLs to which trend data is delivered (the url lines below).

remote_write:
  - url: http://jp1ima1.example.com:20727/ima/api/v1/proxy/service/promscale/write
    remote_timeout: 30s
    send_exemplars: false
    queue_config:
      capacity: 10000
      max_shards: 4
      min_shards: 4
      max_samples_per_send: 3000
      batch_send_deadline: 10s
      min_backoff: 100ms
      max_backoff: 10s
  - url: http://jp1ima1.example.com:21727/ima/api/v1/proxy/service/promscale/write
    remote_timeout: 30s
    send_exemplars: false
    queue_config:
      capacity: 10000
      max_shards: 4
      min_shards: 4
      max_samples_per_send: 3000
      batch_send_deadline: 10s
      min_backoff: 100ms
      max_backoff: 10s

- Setting based on the jpc_prometheus_server.yml of the default deployment file

Create a second element based on the first element in remote_write of jpc_prometheus_server.yml, and set the port-number part of its url to the port specified in listen_add of the imagentproxy configuration file (jpc_imagentproxy.json).

To rewrite the labels for each delivery destination, set the write_relabel_configs for each remote_write as shown below.

remote_write:
  - url: http://jp1ima1.example.com:21727/ima/api/v1/proxy/service/promscale/write
    write_relabel_configs:
      - source_labels: ['__name__']
        regex: '(node_boot_time_seconds|node_context_switches_total)'
        action: 'drop'

■ Sample configuration for Alertmanager configuration file (jpc_alertmanager.yml)

webhook_configs specifies the URLs to which alerts are delivered (the url lines below).

webhook_configs:
  - send_resolved: true
    url: 'http://jp1ima1.example.com:20726/ima/api/v1/proxy/service/imdd/im/api_system/v1/events/transform'
  - send_resolved: true
    url: 'http://jp1ima1.example.com:21726/ima/api/v1/proxy/service/imdd/im/api_system/v1/events/transform'

- Setting based on the jpc_alertmanager.yml of the default deployment file

Starting from the first element in webhook_configs of jpc_alertmanager.yml, create a second element based on it, and set the port-number part of its url to the port you specified in listen_add of the imagent configuration file (jpc_imagent.json).

■ Sample configuration for log monitoring common definition file (jpc_fluentd_common.conf)

This file specifies the URLs to which log monitoring trend data and event data are delivered (the endpoint lines below).

The following shows a sample configuration of the log monitoring common definition file (/opt/jp1ima/conf/jpc_fluentd_common.conf) in a Linux (physical host):

  • [Remote Write Settings] section

    <match jpc_ima_metrics.**>
      @type copy
      <store>
        @type http
        headers {"accept":"application/json"}
        content_type application/json
        json_array false
        endpoint http://jp1ima1.example.com:20727/ima/api/v1/proxy/service/promscale/write
        <buffer>
          flush_interval 60s
          disable_chunk_backup true
        </buffer>
      </store>
      <store>
        @type http
        headers {"accept":"application/json"}
        content_type application/json
        json_array false
        endpoint http://jp1ima1.example.com:21727/ima/api/v1/proxy/service/promscale/write
        <buffer>
          flush_interval 60s
          disable_chunk_backup true
        </buffer>
      </store>
    </match>

- Setting based on the jpc_fluentd_common.conf of the default deployment file

In the default deployment of jpc_fluentd_common.conf, only the contents of the first <store> are written directly under <match jpc_ima_metrics.**>. Enclose these contents in <store> and </store>, and create a second copy of the same set. For the port number in the second set, specify the port set in listen_add of the imagentproxy configuration file (jpc_imagentproxy.json). After that, write "@type copy" in front of the first <store>.

  • [Output Settings] section

    <match {tail.*.jp1event,wevt.*.jp1event}>
        @type copy
        copy_mode no_copy
        <store>
          @type http
          endpoint http://jp1ima1.example.com:20726/ima/api/v1/proxy/service/imdd/im/api_system/v1/events/transform
          headers {"accept":"application/json"}
          :
          <buffer tag>
          :
            path ../data/fluentd/buffer
          :
          </buffer>
        </store>
        <store>
          @type http
          endpoint http://jp1ima1.example.com:21726/ima/api/v1/proxy/service/imdd/im/api_system/v1/events/transform
          headers {"accept":"application/json"}
          :
          <buffer tag>
          :
            path ../data/fluentd/buffer-secondary
          :
          </buffer>
        </store>
        <store>
          @type relabel
          @label @STDOUT
        </store>
    </match>

- Setting based on the jpc_fluentd_common.conf of the default deployment file

Create the second <store> by duplicating the first <store> in <match {tail.*.jp1event,wevt.*.jp1event}> of the default jpc_fluentd_common.conf. For the port number in the second endpoint, specify the port set in listen_add of the imagent configuration file (jpc_imagent.json).

Then add "-secondary" to the path specified in path of the second <store>.

■ Sample configuration for JP1/Base event service definition file

Specifies where JP1/Base event-data is delivered.

  • JP1/Base event server settings file (conf)

    The following is a sample configuration of the event server settings file (installation-folder\conf\event\servers\default\conf) in a Windows (physical host) or the event server settings file (/etc/opt/jp1base/conf/event/servers/default/conf) in a Linux (physical host).

    remote-server imagent keep-alive jp1ima1.example.com 20733
    remote-server imagent2nd keep-alive jp1ima1.example.com 21733

    - Setting based on conf of the default deployment file

    Add the lines shown in the configuration example. For the port number (the number to the right of the host name) on the first line, specify the value of jp1base_forward_receive.port in the imagent configuration file (jpc_imagent.json). For the port number on the second line, specify the value of listen_add.imagent-group-identifier.jp1base_forward_receive.port in the imagent configuration file (jpc_imagent.json).

  • JP1/Base event forwarding setting file (forward)

    The following is a configuration example of a transfer configuration file (installation-folder\conf\event\servers\default\forward) for a Windows environment (physical host) or a transfer configuration file (/etc/opt/jp1base/conf/event/servers/default/forward) for a Linux environment (physical host).

    to imagent
    E.SEVERITY IN Warning Error Critical Alert Emergency Emergence
    end-to
    to imagent2nd
    E.SEVERITY IN Warning Error Critical Alert Emergency Emergence
    end-to

- Setting based on forward of the default deployment file

Add the lines shown in the configuration example, and make the string that follows "to" match the string specified in conf.
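
The following cross-check is an added example, not part of the Hitachi manual or product. It reads the delivery URLs out of the sender configurations described in this subsection and reports any primary or secondary listener that no sender targets, any URL whose port belongs to the wrong listener, and any "to" name in the JP1/Base forward file that conf does not define. The listener ports mirror the page's sample URLs; the sender fragments are constructed, with two mistakes planted on purpose. The same url_targets function also reads the endpoint lines of jpc_fluentd_common.conf.

```python
import re

# Listener ports as they would be read from jpc_imagent.json and
# jpc_imagentproxy.json; the values mirror the page's sample URLs.
LISTENERS = {
    "imagent": {"primary": 20726, "secondary": 21726},
    "imagentproxy": {"primary": 20727, "secondary": 21727},
    "jp1base_forward_receive": {"primary": 20733, "secondary": 21733},
}
# URL path suffix -> listener expected to serve it (from the page's samples).
ROUTES = {"/promscale/write": "imagentproxy", "/events/transform": "imagent"}

# Constructed sender fragments. The second Alertmanager URL points at the
# imagentproxy port and JP1/Base has no secondary remote-server, on purpose.
PROMETHEUS = """
remote_write:
  - url: http://jp1ima1.example.com:20727/ima/api/v1/proxy/service/promscale/write
  - url: http://jp1ima1.example.com:21727/ima/api/v1/proxy/service/promscale/write
"""
ALERTMANAGER = """
webhook_configs:
  - url: 'http://jp1ima1.example.com:20726/ima/api/v1/proxy/service/imdd/im/api_system/v1/events/transform'
  - url: 'http://jp1ima1.example.com:21727/ima/api/v1/proxy/service/imdd/im/api_system/v1/events/transform'
"""
JP1BASE_CONF = "remote-server imagent keep-alive jp1ima1.example.com 20733\n"
JP1BASE_FORWARD = ("to imagent\nE.SEVERITY IN Warning Error Critical\nend-to\n"
                   "to imagent2nd\nE.SEVERITY IN Warning Error Critical\nend-to\n")

URL_RE = re.compile(r"https?://[^\s:/'\"]+:(\d+)(/[^\s'\"]*)")
REMOTE_RE = re.compile(r"^\s*remote-server\s+(\S+)\s+keep-alive\s+\S+\s+(\d+)\s*$", re.M)
TO_RE = re.compile(r"^\s*to\s+(\S+)\s*$", re.M)


def url_targets(text):
    """Return [(listener, port)] for every delivery URL with a known API path."""
    return [(ROUTES[suffix], int(port))
            for port, path in URL_RE.findall(text)
            for suffix in ROUTES if path.endswith(suffix)]


def check_delivery(targets, expected, listeners=LISTENERS):
    """Return (missing, wrong): expected listener groups that no target reaches,
    and targets whose port does not belong to the listener serving that path."""
    wrong = sorted(t for t in targets if t[1] not in listeners[t[0]].values())
    missing = sorted((name, group) for name in expected
                     for group, port in listeners[name].items()
                     if (name, port) not in targets)
    return missing, wrong


def check_jp1base(conf_text, forward_text, listeners=LISTENERS):
    """Check remote-server ports and that every 'to' name is defined in conf."""
    servers = dict(REMOTE_RE.findall(conf_text))  # name -> port string
    targets = [("jp1base_forward_receive", int(p)) for p in servers.values()]
    missing, wrong = check_delivery(targets, ["jp1base_forward_receive"], listeners)
    undefined = sorted(set(TO_RE.findall(forward_text)) - set(servers))
    return missing, wrong, undefined


if __name__ == "__main__":
    print(check_delivery(url_targets(PROMETHEUS), ["imagentproxy"]))
    print(check_delivery(url_targets(ALERTMANAGER), ["imagent"]))
    print(check_jp1base(JP1BASE_CONF, JP1BASE_FORWARD))
```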

(g) Names used in logical host configurations (clusters)

In a logical host configuration (cluster), the following file names are used for primary and secondary:

Table 3‒63: File names for primary and secondary logical host configurations (clusters)

| Classification | Primary | Secondary |
|---|---|---|
| File | imagent_service_logical-host-name.exe | imagent-imagent-group-identifier_service_logical-host-name.exe |
| File | imagent_service_logical-host-name.xml | imagent-imagent-group-identifier_service_logical-host-name.xml |
| File | jpc_imagent_logical-host-name.service | jpc_imagent-imagent-group-identifier_logical-host-name.service |
| File | imagentproxy_service_logical-host-name.exe | imagentproxy-imagent-group-identifier_service_logical-host-name.exe |
| File | imagentproxy_service_logical-host-name.xml | imagentproxy-imagent-group-identifier_service_logical-host-name.xml |
| File | jpc_imagentproxy_logical-host-name.service | jpc_imagentproxy-imagent-group-identifier_logical-host-name.service |
| File | imagentaction_service_logical-host-name.exe | imagentaction-imagent-group-identifier_service_logical-host-name.exe |
| File | imagentaction_service_logical-host-name.xml | imagentaction-imagent-group-identifier_service_logical-host-name.xml |
| File | jpc_imagentaction_logical-host-name.service | jpc_imagentaction-imagent-group-identifier_logical-host-name.service |

The following are the names of the setting items used for the primary and secondary in the service definition file of a logical host configuration (cluster):

Table 3‒64: Names of configuration items used for primary and secondary in service definition file for logical host configurations (clusters)

| Setting item | Primary | Secondary |
|---|---|---|
| id | jpc_imagent-imagent-group-identifier | jpc_imagent-imagent-group-identifier_logical-host-name |
| id | jpc_imagentproxy-imagent-group-identifier | jpc_imagentproxy-imagent-group-identifier_logical-host-name |
| id | jpc_imagentaction-imagent-group-identifier | jpc_imagentaction-imagent-group-identifier_logical-host-name |
| name | JP1/IM3-Agent imagent-group-identifier | JP1/IM3-Agent imagent-group-identifier logical-host-name |
| name | JP1/IM3-Agent proxy imagent-group-identifier | JP1/IM3-Agent proxy imagent-group-identifier logical-host-name |
| name | JP1/IM3-Agent action imagent-group-identifier | JP1/IM3-Agent action imagent-group-identifier logical-host-name |
| description | JPC IM-Agent Service imagent-group-identifier | JPC IM-Agent Service imagent-group-identifier |
| description | JPC IM-Agent Proxy Service imagent-group-identifier | JPC IM-Agent Proxy Service imagent-group-identifier |
| description | JPC IM-Agent Action Service imagent-group-identifier | JPC IM-Agent Action Service imagent-group-identifier |