How to Run a Connector Configured via the Agent

Prerequisites:

It is recommended that you use a dedicated server or VM to run the Agent. Please make sure that your firewall rules allow the Agent to talk to your internal connectors as well as reach out to Cisco Vulnerability Management.

These scanners are currently supported:

  • Nexpose

  • Nessus

  • Sonatype

  • BlackDuck

Important: The machine must have network access to your scanner and the Security API.

Click here for more info about the recommended specification and how to install the agent.

After Installing the Agent, Start and Enable the Agent:

$ sudo systemctl start kenna-agent
$ sudo systemctl enable kenna-agent
$ sudo systemctl status kenna-agent
$ kenna-agent check 

Make sure that the url referenced in the output from the kenna-agent check reflects the url of the environment where your instance is hosted. For most customers, this will be: "https://api.us.kennasecurity.com"

},
 "platform": {
   "name": "api",
   "connectivity": {
     "checked": true,
     "success": true,
     "destination": "https://api.us.kennasecurity.com",
     "message": "",
     "error": "",
     "duration": 0.003155225
   }

If you find any misconfigured parameter from the kenna-agent check command output. Stop the agent by following the below commands and make the important changes then start, enable and check the Agent status and config details again.

To stop the agent and make the necessary changes:

$ sudo systemctl stop kenna-agent

Then go run the commands above again to start, enable, and check on the status.

Run the Connector from the Command Line

When the configuration looks good, run the connector from the command line from a personal machine.

$ kenna-agent oneshot 

Important: Cisco Vulnerability Management cannot schedule or initiate a connector that is going through the agent from the UI as the connection can be only established from the customer’s end. Customer must run the “kenna-agent oneshot” command which should start a connector run or customer can wait for the scheduled connector to kick in.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.