Agent Client Collector installation

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Agent Client Collector installation

    The Agent Client Collector (ACC) can be installed on any supported host machine and connects to a MID Server via HTTP/S. This connection stays active, allowing one MID Server to manage multiple agents simultaneously. Each agent connects to one MID Server at a time, switching MID Servers for failover. The agent selects a MID Server based on its MID Server list, especially when its IP address changes.

    Show full answer Show less

    Key Features

    • Scalability: The maximum agents per MID Server is configurable via the snagent.mid.maxallowedagents property, defaulting to 4,000 agents. A 1 GiB MID Server supports around 700 agents, while an 8 GiB MID Server supports up to 8,000 agents. Multiple MID Servers can be deployed for large scale (e.g., 5 MID Servers with 8 GiB each can handle 40,000 agents).
    • User Permissions: The agent runs under a local user named servicenow with basic permissions. Specific permissions are required for features like retrieving serial numbers, running processes, mapping TCP connections, and package self-upgrade, varying by operating system (Windows, Linux, macOS).
    • Agent Record Management: Reinstalling the agent on the same host creates duplicate records. The original agent record should be deleted manually via the Agent Client Collectors page. Agents marked as Down or Disconnected are automatically deleted after 30 days by default, configurable via the Autoflush settings.
    • Security: Manual Transport Layer Security (mTLS) is used for secure authentication between the MID Web Server and the agent.
    • Air-Gapped Environment Support: ACC supports operation in air-gapped environments with specific configuration guidance available through the Now Support Knowledge Base.
    • Golden Image Mode: Enables cloning of additional ACC instances; setup varies by operating system and is described in installation prerequisites.
    • Domain Separation: The agent and its created Configuration Items (CIs) inherit the domain of the connected MID Server. The user must be in a leaf domain to create Websocket endpoint extensions for the MID Server.

    Practical Considerations for ServiceNow Customers

    • Plan MID Server resources based on the number of agents you expect to manage to ensure optimal performance and scalability.
    • Verify and configure appropriate permissions for the servicenow user account on each endpoint to enable all required agent features.
    • Manage agent records actively to avoid duplicates and ensure stale agents are cleaned up based on your desired retention settings.
    • Implement mTLS to secure communication between your MID Web Server and agents, enhancing security posture.
    • Use golden image mode for efficient deployment of multiple agent instances, especially in large environments.
    • Leverage domain separation features to maintain data segregation aligned with your organizational structure.
    • Refer to platform-specific installation guides for detailed steps on Windows, Linux, and macOS deployments.

    You can install the Agent Client Collector on any supported host machine. The Agent Client Collector connects to a MID Server using the HTTP/S protocol, and the connection remains active after being established. One MID Server may handle several agents simultaneously, while a single agent works with one MID Server at a time and switches to a different MID Server when necessary to provide failover protection.

    When an agent's IP address changes, it selects a MID Server to connect to based on the agent's MID Server list.

    The maximum number of agents that can be connected to a single MID Server is configurable in the sn_agent.mid.max_allowed_agents MID Server property. The default value is 4,000.

    For ACC-VC, a default 1 GiB MID Server can support 700 agents concurrently. An 8 GiB configuration for a MID Server can support 8,000 agents concurrently. You can also scale out. For example, 5 MID Servers with 8 GiB of heap size can handle up to 40k agents.

    The default user account is a local user called servicenow. This user has basic level permissions.

    The following table describes the permissions required to work with various features associated with the agent, per OS. An asterisk (*) indicates that no special permissions are required.
    Table 1. Agent on Endpoints Deployment
    Feature Windows Linux macOS
    Basic inventory * * *
    Serial number(s) *

    sudo

    dmidecode

    		 *
    Running processes Debug programs * *
    Mapping TCP connections to running processes * sudo ss *
    Storage devices LOCAL SYSTEM * *
    Logged-in users LOCAL SYSTEM * *
    Package self-upgrade LOCAL SYSTEM sudo rpm/dpkg Not supported

    If you completely reinstall the agent on a single host server, a second agent record registers on the instance. Delete the original agent on the Agent Client Collectors page (All > Agent Client Collector > Agents).

    Agents whose Status = Down or Disconnected which haven't been deleted are deleted automatically after 30 days. You can modify this setting on the Autoflush form page (see Autoflush form).

    Use the Manual Transport Layer Security protocol (mTLS) for secure authentication between your MID Web Server and the agent (the client). For details, see Connect the agent to the MID Server using mTLS.

    For details on using Agent Client Collector in an air-gapped environment, see the Agent Client Collector Framework Air Gapped Configuration Item Management Solution [KB1585753] article in the Now Support Knowledge Base.

    Golden image mode enables cloning of additional instances. Setting golden image mode is described in the installation procedure prerequisites for each OS. For information on the structure and modularity of the golden image plugin by operating system, see Golden image structure and modularity.

    Agent Client Collector supports domain separation. The domain of the agent and the CIs it creates is determined by the domain of the MID Server that the agent is connected to. The user's domain must be the lowest domain level (known as a leaf domain) to enable creating a Websocket endpoint extension for the MID Server.