How to Run a Connector Configured via the Agent

Prerequisites

It is recommended that you use a dedicated server or VM to run the Agent. Ensure that your firewall rules allow the Agent to communicate with your internal connectors, and contact Cisco Vulnerability Management.

The followingscanners are currently supported:

  • Nexpose

  • Nessus

  • Sonatype

  • BlackDuck

Important: The machine must have network access to your scanner and the Cisco Vulnerability Management API.

For more information about the recommended specification and how to install the Agent, see the help article here.

After Installing the Agent, Start and Enable the Agent

$ sudo systemctl start kenna-agent
$ sudo systemctl enable kenna-agent
$ sudo systemctl status kenna-agent
$ kenna-agent check 

Ensure that the URL referenced in the output from the kenna-agent check reflects the URL of the environment where your instance is hosted. For most customers, this will be: "https://api.us.kennasecurity.com"

},
 "platform": {
   "name": "api",
   "connectivity": {
     "checked": true,
     "success": true,
     "destination": "https://api.us.kennasecurity.com",
     "message": "",
     "error": "",
     "duration": 0.003155225
   }

If you find any misconfigured parameters from the kenna-agent check command output. Use the following commands to stop the agent and make the changes. Then start, enable, and check the Agent status and configuration details again.

To stop the agent and make the necessary changes:

$ sudo systemctl stop kenna-agent

Then go run the commands above again to start, enable, and check on the status.

Run the Connector from the Command Line

When the configuration looks good, run the connector from the command line from a personal machine.

$ kenna-agent oneshot 

Important: Cisco Vulnerability Management cannot schedule or initiate a connector that is going through the agent from the UI because the connection can be only established from the customer’s end. The customer must run the “kenna-agent oneshot” command which should start a connector run or the customer can wait for the scheduled connector to start.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.