Agent Management Console – Common Issues

Owned by Carlos Osorio
Nov 13, 2020
1 min read

SUMMARY

Feb 03, 2017

The Snare Agent Management Console (AMC) is a subset of the Snare Server.  The AMC allows configuration of large numbers of agents.

The common issues around AMC are:

  • Firewall ports not allowing inbound connections to 6161 or 6161 or 6163 for SQL

  • Needing to set master agent server with the configuration you want to push to others and make sure you pull the updates from it into the AMC

  • May need to be on patch 712 for v4 of the agents, or 713 for v5 of the agents, if there are timeout issues

  • Setting objective policies that are not overly large as it can slow down the scanning and updating of agents. i.e limit to a few class C network ranges where possible.  (Snare Agent Manager 2.0 will fix this.)

  • Using filters in the AMC config to limit to groups of agents

  • Using the Non reporting agents section of the AMC config for when logs are not sent to the Snare Server as it does not know the agents exist.

  • Ensure remote control is enabled on the Snare web UI