Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »


What is an XPLG Agent?
An agent is an instance of XpoLog that takes on the role of an agent.
When it becomes an agent, it transforms into a thin simple version that doesn't store data.
Other regular xpolog installations (like a XPLG Cluster) can ask the agent for logs and data.
The agents will provide that data and logs from various sources like PCs and servers.
In this approach, the XpoLog Cluster doesn't require permissions to directly communicate with all sources or pull information from each source. Instead, it communicates solely with the agent.
The agent possesses the necessary permissions to interact with the sources and deliver the required information. This setup enhances security and reduces overall network traffic.

image-20240925-141242.png


In which environments should we deploy the agent?
XpoLog Linux-based cluster, is unable to retrieve Logs from Windows machines directly.
This limitation doesn't apply in reverse; Windows can retrieve information from Linux.
As a result, the agent is often chosen to be Windows-based in most cases to address this discrepancy.
The windows XPLG agent can send those windows logs to the Linux cluster.
The communication between the agent and the Xpolog cluster occurs through HTTPS/HTTP protocols.

Flow:

  1. we configure the Xpolog cluster to be able to connect to the agent using a special account (address book pane)

  2. We configure the agent to be able to establish connections with sources and read logs when necessary.

  3. when the XPLG cluster requires the collection and updating of a log, (define In the connection policy ) the cluster will request the agent to perform this update. The agent, on behalf of the cluster, will establish contact with the source and transmit the data to the cluster. note: The agent doesn't save any log data; instead, it just verify that this log contains fresh information and send it over to the xpolog Cluster.

How To Create An Agent Account?

To create an agent account, kindly follow these steps:

  1. Go to the XPLG (Cluster) web interface.

  2. In the left navigation panel, select PortX > Data > Account.

  3. Click the New Account button. Choose Remote XpoLog.

  4. Enter a name and fill in the details under the Account Login Details section.

  5. In the Advanced Settings section make sure Enable remote configuration synchronization is ticked.

  6. Press Verify. If you see a green success message, click Save. If not, double-check the details or network connectivity.

How to Activate agent mode?

To activate agent mode, follow these steps:

  1. Navigate to PortX > Settings > System Settings in the XPLG web interface.

  2. Check the Activate Agent Mode option.

  3. Click the Save button to apply changes. The system will automatically reboot.

Once you enable the agent mode, you will see a popup message indicating that some functionality may be disabled and all file sizes will be set to 0.

How to add logs from a remote XPLG agent ?

  • No labels