Troubleshooting an Axon Agent
This section list troubleshooting procedures for Axon Agent, a list of Axon Agent error messages with resolutions, and instructions for creating a diagnostic support bundle for Tripwire Support.
Troubleshooting Procedures
If you encounter difficulties with an Axon Agent, complete the following steps:
| 1. | To confirm that the collection binaries are running, run the appropriate command on the Agent host system: |
AIX: lssrc -s tw-axon-agent-tlc
Linux: service tw-axon-agent-tlc status
Windows: tasklist
|
Executable name |
On |
On |
Description |
|---|---|---|---|
|
tw-axon-agent-tlc |
Y |
Y |
Agent service |
|
twsupport |
Y |
Y |
Support bundle collector |
|
twtail |
Y |
Y |
|
|
twwel |
|
Y |
|
|
twupgrade |
Y |
Y |
Enables remote upgrade capabilities for the Agent |
|
Note |
Plugins will not be listed if they are not currently in use. |
|---|
| 2. | To confirm that the Axon Agent has an open connection to the Axon Access Point on the TLC Manager (using port 5670, the default), run the appropriate command on the Agent host system: |
AIX or Linux: netstat -an | grep 5670
Windows: netstat -an | findstr 5670
| 3. | Open the Axon Agent log file (twagent.log): |
AIX or Linux: /var/log/tripwire-tlc/twagent.log
Windows: %PROGRAMDATA%\Tripwire\agent-tlc\log\twagent.log
To interpret the messages in the Axon Agent log file, see Axon Agent Error Messages.
| 4. | To confirm that the Axon Access Point is listening for Axon Agents (using port 5670, the default port), run the appropriate command on the TLC Manager: |
AIX or Linux: netstat -an | grep 5670
Windows: netstat -an | findstr 5670
Axon Agent Error Messages
Table 27 lists error messages that you may encounter when configuring and using the Axon Agent. You can find these error messages in the Axon Agent log files:
AIX or Linux:
/var/log/tripwire-tlc/twagent.log
Windows:
%PROGRAMDATA%\Tripwire\agent-tlc\log\twagent.log
|
Error message:
Cause:
Resolution:
2) Check the Access Point system's DNS and DNS SRV record. |
|
Error messages (Windows):
tw-axon-agent-tlc.bridge BridgeTLSConnector::handleConnect() - Failed, error:[system:121|The semaphore timeout period has expired] Error messages (Linux):
ERROR tw-axon-agent-tlc.bridge BridgeTLSConnector::handleConnect() - Failed, error:[system:111|Connection refused] Cause:
Resolution:
|
|
Error message:
Cause:
Resolution:
|
|
Error messages:
ERROR tw-axon-agent-tlc.bridge BridgeTLSConnector::handleHandshake() - Failed Connecting to host.example.com:5670, Error: [asio.ssl: 336134278 | certificate verify failed] Cause:
Resolution:
|
|
Error message:
Cause:
Resolution:
|
|
Error message:
Cause:
Resolution:
|
|
Error messages:
ERROR tw-axon-agent-tlc.bridge BridgeTLSConnector::handleAnonymousHandshake() - Failed Connecting to host.example.com:5670, Error: [asio.ssl: 336081077 | no ciphers available] Cause:
Resolution:
|
Creating a Support Bundle
If a direct connection exists between the TLC Manager and the Axon Agent, run the appropriate command on the Axon Agent host system to create a Support Bundle for analysis by Tripwire Support"
AIX or Linux:
/opt/tripwire/agent-tlc/plugins/twsupport/twsupport --generate.bundle=<zip_file>
Windows:
“<Program_Files>\Tripwire\Agent-TLC\plugins\twsupport\twsupport”
--generate.bundle=<zip_file>
where <zip_file> is the support bundle zip file to be created.
Otherwise, complete the following steps in the TLC Console to create the Support Bundle:
| 1. | In the side bar, select Resources > Configuration Manager. |
| 2. | In the side bar of the Configuration Manager, select  Resources > Axon Agents. |
| 3. | In the workspace, select the check box for the Axon Agent. |
| 4. | Click  Get Support Bundle. |
| 5. | In the Support Bundle File Dialog, enter the filename for the Support Bundle and click Save. |