Checking Schedules from OUTSCAN in Agent

^{Last Updated: 2023-09-15}

Purpose

This article describes how to check if the Agent has retrieved schedules from OUTSCAN.

Introduction

In Outpost24, agents establish regular call home sessions to fetch scanning schedules from OUTSCAN, which dictate what scans to run and when. The Checking Schedules from OUTSCAN in Agent feature lets administrators verify that these schedules have been retrieved and are active by inspecting the instructions folder on each agent’s host. By checking the presence, update timestamp, and contents of the UUID-named schedule subdirectories which store encrypted files like commands, psh-commands, and registry, you can confirm that the agent is up-to-date and operating on the intended scan schedule—not missing or lagging behind.

Checking Retrieved Schedules in the Agent

The Agent calls home to the API regularly to receive information about a schedule, which are used to plan their scanning. To check if the Agent has retrieved the schedule, check the instructions folder as described in this document.

Windows

Open a file Explorer or Windows PowerShell as administrator and enter the following command:

ls C:\ProgramData\Outpost24\Agent\schedules\instructions

Linux

Login to you Linux system with an account that has admin privileges or is able to elevate privileges and become root and run the following command:

sudo ls -la /var/cache/o24-agent/schedules/instructions/

Examples

In both cases, This directory contains the schedules for the Agent. Each schedule is a directory of type (UUID) that contains 3 encrypted files: commands (for Linux), psh-commands and registry (for Windows).

Windows example:

Linux example: