Specific port required for HTTPS access

David_York · September 28, 2017, 2:41pm

Ran into an issue with a IND script that uses HTTPS to the device. The device requires a special port number other than tcp/443 access the device via HTTPS. I'm not sure where in the script to add the specific port number for the script to use.

Where is the example below would I place the port number to be used?

Example script name device-cpu-statistics.ind

#! REMOTE::HTTP
url: "/Diagnostics/CPU/Statistics?stats_mode=0"
protocol: HTTPS

Liz_Salemi · September 29, 2017, 3:24pm

As I recall, the special admin port is built into the platform and there is no need to specify this in the IND scripts.

If you are having issues connecting, you can do the following tests:

If you have a firewall seperating Indeni and the BC device, view fw logs. Is it opened on the firewall?
If telnet is enabled, can you telnet to it from the Indeni server over port 8082?
scp sysinfo.out off indeni server and review output and test https access to Blue Coat from Indeni Server:

curl -k --user admin -o /tmp/sysinfo.out https://<bluecoatproxysgIP>:8082/sysinfo

Alon_Ashkenazi · October 1, 2017, 12:07pm

David,

Can you try changing the url as follow:

url: ":8082/Diagnostics/CPU/Statistics?stats_mode=0"

Alon_Ashkenazi · October 15, 2017, 8:32am

We identify the issue and we created a task to address it (IS-2929). I'll update once we will start working on this.

Alon_Ashkenazi · December 12, 2017, 12:13pm

new command-runner is avilable here:

s3://indeni-public/command_runner/command-runner-6.0.62_65.zip

Patrik_Jonsson · April 3, 2018, 4:42pm

I think information got lost in translation here. Last status was that Julia asked me to check if the props was loaded, and they were. Neither command-runner nor the scripts using indeni server worked though.

/Patrik

Ulrica_de_Fort-Menar · April 3, 2018, 4:57pm

@Julia_Elikhis @Alon_Ashkenazi next steps so we can troubleshoot?

Ulrica_de_Fort-Menar · April 9, 2018, 6:09am

@Alon_Ashkenazi @Julia_Elikhis @Patrik_Jonsson Ping again. Next step? Would like to see this working.

Patrik_Jonsson · April 9, 2018, 6:51pm

I am waiting for an answer myself.

Julia_Elikhis · April 10, 2018, 7:11am

Hi @Patrik_Jonsson,
Did you get any error when running with command-runner? Maybe something like “Http response for port 8082 failed with status:…” or “No ports are configured”?
Is there an access log for the HTTP server on Blue Coat? We can check there is indeni-collector is reaching the HTTP server.

What is the indication that the IND is not working? Do you get and error, or the returned metrics are empty?

Patrik_Jonsson · April 18, 2018, 5:37pm

Correct, no metrics was returned. There’s a Bluecoat device in the lab. Maybe you guys can look into it?

Julia_Elikhis · April 22, 2018, 6:42am

No problem, I’ll look into it.

Julia_Elikhis · April 30, 2018, 2:08pm

Hi Patrik, we investigated this issue and it looks like the collector is using properly the configured HTTPS port, but the HTTPS response throws an error, a seen on interrogation (401). Are you using a BC device that is in our lab?

@Patrik_Jonsson @Shouky_Dan

Patrik_Jonsson · April 30, 2018, 8:00pm

I’m not, but maybe Daniel is. I will ping him on slack.

Ulrica_de_Fort-Menar · May 15, 2018, 6:40pm

@Patrik_Jonsson This is working now. Our QA tested this successfully!