Configuration file options

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configuration file options IT Operations Management > Agent Client Collector > Agent Client Collector Framework > Configuration file options

    The acc.yml configuration file for the Agent Client Collector (ACC) provides essential settings for managing agent operations, including agent identification and communication with the MID Server. Proper configuration ensures seamless integration and functionality of the Agent Client Collector within the ServiceNow ecosystem.

    Show full answer Show less

    Key Features

    • Agent Name: Specifies the name of the agent using the hostname by default.
    • Backend URL: Defines a list of MID Webserver endpoint URLs for communication, with automatic fallback.
    • API Key & Authentication: Securely manages authentication credentials for the agent.
    • Logging Level: Configurable levels of logging to monitor agent activity.
    • Allow-list: Manages a JSON file path for executing permitted commands, enhancing security.
    • Application Classification Behavior: Controls shell CI creation settings.
    • Advanced Options: Includes settings for plugin verification, asset control, and execution preferences.

    Key Outcomes

    By configuring the acc.yml file, customers can:

    • Ensure secure and authenticated communication between the Agent Client Collector and the MID Server.
    • Control the execution of commands and manage security through the allow-list feature.
    • Optimize agent performance by selecting the appropriate logging level and managing application discovery settings.
    • Facilitate effective upgrades and maintenance of agent plugins and installations.

    These configurations enhance the overall management and security of IT operations within the ServiceNow platform, ultimately leading to improved operational efficiency.

    Options available in the acc.yml configuration file.

    Table 1. Basic configuration options for acc.yml configuration file
    Option Type Default Description Example
    name String Agent_<value of the hostname command> Agent name registered on the SN instance can be specified by the user. The result of the 'hostname' command is used as the default. name: <name of agent>
    backend-url List wss://127.0.0.1:8800/ws/events List of MID Webserver endpoint URLs to communicate with. If communication cannot be configured with the first URL, the system moves to the ensuing URLs until it establishes a connection. Works when enable-auto-mid-selection=true backend-url: <mid server ip>:<websocket port>
    api-key String <None> API key used by the MID Server to authenticate incoming agent connections. Value is encrypted on initial agent startup. api-key: <mid web server api key>
    user String admin Username used for basic authentication.

    If this parameter is empty, the agent does not start.

    		 user: "agent-01"
    password String admin Password used for basic authentication. Value is encrypted on initial agent startup.

    If this parameter is empty, the agent does not start.

    		 password: <secure-password>
    log-level String Info Amount of logging to appear in the acc.log file. Values:
    • Panic
    • Fatal
    • Error
    • Warn
    • Info
    • Debug
    		 log-level: debug
    allow-list String /etc/servicenow/agent-client-collector/check-allow-list.json Path to the JSON file that contains the list of check commands the agent can execute. Comment out this parameter to disable the allow-list.

    If this parameter is empty, the allow-list is disabled.

    		 allow-list: /etc/agent/check-allow-list.json
    appl_classification_behavior List simple Indicates whether to enable shell CI creation on the agent.
    Possible values are:
    • simple: Indicates that shell CI creation is enabled.
    • off: Indicates that no shell CIs are created for the application.
    • full: Indicates that complete Discovery of the application CIs is performed using patterns.
    		 appl_classification_behavior: off
    Table 2. Advanced configuration options for acc.yml configuration file
    Option Type Default Description Example
    verify-plugin-signature Boolean True Verifies the plugin signature prior to execution. Disable when using self-signed or developmental plugins. verify-plugin-signature: true
    insecure-skip-tls-verify Boolean False Determines whether the verify the certificate when connecting to the MID Server. insecure-skip-tls-verify: false
    enable-auto-mid-selection Boolean True Controls the Auto MID Selection feature to connect to the optimal MID Web Server provided by the instance. enable-auto-mid-selection: true
    check-command-prefer-installed Boolean False Indicates the preference of executables provided within ACC plugins or executables available in the host system’s PATH variable.
    • false = ACC plugins
    • true = Executables in the host system's PATH variable
    		 check-command-prefer-installed: false
    powershell_installed Boolean False Disables powershell command execution on agents. powershell-installed: true
    allow-list-global-only Boolean False Set to true to enhance security by relying only on the allow list defined in the allow-list parameter you specify during configuration, ignoring allow lists bundled with ACC plugins. allow-list-global-only: false
    disable-assets Boolean false Indicates whether a check running with an asset (plugin) dependency fetches ACC plugins from the ServiceNow® instance, or uses a copy of the plugins in its cache folder.

    When set to false, additional assets can be downloaded during check execution.

    Set to true to enhance security and ensure that no new plugins are downloaded during check execution.

    		 disable-assets: false
    agent-upgrade-url-path String https://install.service-now.com/glide/distribution/builds/package/app-signed/ Indicates an alternate web server URL endpoint for downloading ACC installer packages when performing selective upgrade. agent-upgrade-url-path: https://<ip address>:<port>/acc_installers
    enable-patterns-on-agent Boolean false Enables gathering details on the applications which run on the Agent Client Collector.

    This parameter is required only when using the Agent Client Collector for pattern execution.

    		 enable-patterns-on-agent: true
    keepalive-filter-nics Boolean true Indicates whether Network Interface Controllers (NICs) are filtered on the agent (true) or the MID Server (false) during keepalive action. keepalive-filter-nics: true
    keepalive-number_nics_per_ip_type Integer 1 Indicates the maximum number of Network Interface Controllers (NICs) per IP type (IP4, IP6) sent with a keepalive action. The indicated number is sent for each IP type.

    For example, if the value is 1, a maximum of 2 NICs are sent (0-1 each for IP4 and IP6). If the value is 4, a maximum of 8 NICs are sent (0-4 each for IP4 and IP6).

    		 keepalive-number_nics_per_ip_type: 4