15.10 Agent is Unable to Send Events to Sentinel

Issue: Security Agent for UNIX is unable to send events to Sentinel server because of the certificate issue with Sentinel Agent Manager Connector.

Run the following command to check if the Agent is connected to the Sentinel via Sentinel Agent Manager connector:

netstat -an | grep 1590

If the Agent is not connected, and the communication between the Agent and Sentinel fails, following is the workaround.

Workaround: To regenerate the certificate for the Sentinel Agent Manager Connector, perform the following steps:

  1. Open Sentinel Control Center and perform the following steps:

    1. Go to Event Source Management window, right-click the Agent Manager.

    2. Click Edit.

    3. Go to Security tab, and select Custom under Server Key Pair setting.

    4. Click OK.

  2. Right-click the Agent Manager again and perform the following steps:

    1. Click Edit.

    2. Go to Security tab and select Internal (default) under Server Key Pair setting.

    3. Click OK, and close the Event Source Management window.

    The Sentinel Connector Agent Manager Connector certificate is regenerated.

  3. Restart the Agent by running the command:

    /usr/netiq/pssetup/vigilentagent.rc restart