Last Updated: 2022-03-25
Purpose
This article describe how to retrieve the Agent UUID.
Introduction
The Agent UUID is used to uniquely identify deployed agents. This UUID is crucial for distinguishing between agents, especially when managing multiple installations or troubleshooting specific deployments. Each isolated agent process using unique configuration will have different UUID. When the Agent client is calling Agent server for the enrollment and getting its certificate it is using a tenant UUID and an unique secret per tenant.
To retrieve the Agent UUID, administrators can run the o24-agent info command on the agent's host system. This command outputs a JSON object containing the agentUuid and enrollmentStatus fields, indicating the agent's unique identifier and its enrollment status, respectively. Accessing this information is essential for verifying agent enrollment, correlating scan results, and ensuring accurate asset tracking within the Outpost24 platform.
Requirements
Prior to version v1.22.0, the command requires root privileges to access the certificate where the agent UUID is stored.
On Windows platforms administrator privileges are required.
Extracting the UUID
The UUID is available in a JSON format from running the agent with the sub command info.
# o24-agent info | jq .
{
"agentUuid": "1dcea474-04ad-4112-99cf-aa9882e59986",
"enrollmentStatus": true
}
In Windows the agent binary is located in \Program Files (x86)\Outpost24\Agent and you may need to use the full path to the agent.
"agentUuid" - will be populated if the agent is enrolled ("enrollmentStatus") and represents the UUID that should be filtered for in the Manage Targets view in the UI. If this key is not present, the agent is either not enrolled or an error with the certificate occurred (see logging information below).
"enrollmentStatus" - should always be populated with a boolean value indicating whether the agent is enrolled.
By default no errors are logged on standard error (or similar on Windows), so if an error occurred (as indicated by the exit code being anything but 0) you can tell the agent to show the logs, or look in your centralized logging system (journal or event viewer).
$ o24-agent info --stderr-log --log-level DEBUG --log-sd=0 ; echo $?
2021-08-17T15:12:35.5174308+02:00 ERROR failed to read config
1
For clarity, the --log-sd has been disabled to remove large amounts of data. However, --log-sd data will always be requested whenever data is sent in support cases.
Logs produced by this command will not be sent to the Agent server, but are instead stored in the centralized logging system in your environment.
Troubleshooting
The command fails because it is run as normal user rather than with root privileges.
Related Articles
- Windows 10/Windows 2019 Server
- HIAB Updates
- General Information about SMB/WinRM Scanning
- Change Risk Levels
- Removing an Agent from Windows
- ServiceNow - Legacy
- Windows 8.1
- Netsec Filters
- Discovering the Agent in OUTSCAN
- Technical Specification
- Account Settings
- How to Test SMB Authentication
- Windows 2016 Server
- Identity Provider Settings
- HIAB Server Settings
- Installing a Linux Agent
- Okta Identity Provider Configuration
- Scanning-Less Scanning
- Check Connectivity to Agent Server
- Scan Scheduling Errors
- Overview
- Event Notification Module
- HIAB Maintenance Settings
- HIAB Deployment Guide
- Database Connector (HIAB only)
- Azure AD Identity Provider Configuration
- Add Comments
- Target Groups
- Checking if Agent is Running
- Core Installation
- Windows 2008 R2 Server
- Agent Installation Introduction
- Automatic Asset Joining With Netsec
- Manage Users
- Firewall Setup for Agents
- Scanning Range
- SNMP (HIAB only)
- ADFS Identity Provider Configuration
- Splunk
- Agent Call Home
- Advanced Report Filters
- Accept Risks
- SMB Authentication from OUTSCAN/HIAB
- Virtual HIAB Appliance
- Using the Agent Info Command
- Amazon
- User Roles
- Removing an Agent from Linux
- Retrieving the Agent UUID
- Atlassian Jira
- Understanding Scanner and Scheduler
- Finding the Agent Version
- Create and Edit Event Notifications
- Installing a macOS Agent
- Syslog (HIAB only)
- Setting Up an Agent Using System Proxy
- ServiceNow - App
- Thycotic
- DNS Lookup in UI and in Console
- HIAB Console
- Auditing Guide
- Adding Agent Attributes
- HIAB Distribution Settings
- Run Verification Scans
- Agent Latest Version
- Finding New Agents In OUTSCAN
- Setting up a HIAB as an Appsec Scale Scanner
- Checking Schedules from OUTSCAN in Agent
- Hardening the HIAB
- Performing a PCI DSS Scan
- Two Factor Authentication
- Attributes
- Firewall Rules
- HIAB Enrollment
- Supported Platforms for Authenticated SSH Scanning
- Authenticated Scanning Using WinRM
- OneLogin Identity Provider Configuration
- Windows 7
- HIAB Remote Support
- Compliance Scanning
- Manage Targets
- Assign Tasks
- Authenticated Scanning Using SSH
- Tickets Quick Start Guide
- Retrieving Results From the Agent in OUTSCAN
- Appliance Logs
- Converting Normal with Webapp Scans (Netsec) to Portal Workflows
- Updating the Agent
- Troubleshooting SMB Authentication
- Agent Licensing
- Mark as False Positives
- Installing a Windows Agent
- Using Farsight in Netsec
- Testing Target System for Open TCP Ports
- HIAB Restore
- Scan Stages
- Request Clarifications
- HIAB Setup Guide
- Updating Agent Attributes
- CyberArk
- LDAP/AD
- Checking if the Agent has Produced Results
- ArcSight (HIAB only)
- HIAB E-mail Whitelisting
- Adjust Identity Provider SAML Metadata File
- Scanning Critical Industrial Devices/Machines
- Reporting Tools
- Scan Scheduling
- Scanning Performance and Impact Tuning
- PCI Compliance Scanning
- Configuring and Accessing the HIAB console using SSH
- User Groups
- Create Users
- HIAB Remote SSH Guide
- Download Agents
- Create Targets
- Windows 2012 R2 Server
- HIAB Backup
- Report Scheduling
- Access Tokens
- O24AUTH
- Complementary Authenticated Scan on Default Credentials
- Authenticated Scanning Using SMB
- Dynamic Target Group