Troubleshooting for K2 Agent Install on Node/VM/EC2.
Verify K2 Prevent Web Agent Installation
Docker Mode
Ensure that the K2 Prevent-Web agent is running on the host system.
Use the docker ps command to get information about the K2 Prevent-Web agent. If the output shows the running container, as in the following output, you have the K2 Prevent-Web agent running.
# docker ps | grep -w "k2agent"
c77da5d434c5 k2cyber/k2-agent-v1:1.10.2 "/bin/bash -c '/usr/…" 3 minutes ago Up 3 minutes k2agent"
If the machine does not have a K2 Prevent-Web agent running, it will show the empty output like below.
# docker ps | grep -w "k2agent"
#
Non Docker Mode
Service Based Installation
If K2 Agents Installed As A Root User
Ensure that the K2 Prevent-Web agent is running on the host system.
Use the systemctl status prevent-web-agent command to get information about the K2 Prevent-Web agent. If the output shows the running status of the service, as in the following output, you have K2 Prevent-Web agent running.
# systemctl status prevent-web-agent
prevent-web-agent.service - K2 segment agent
Loaded: loaded (/etc/systemd/system/prevent-web-agent.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2020-02-19 12:11:34 UTC; 1min 20s ago
If the machine does not have a K2 Prevent-Web agent running, it will show the below output.
# systemctl status prevent-web-agent
Unit prevent-web-agent.service could not be found.
If K2 Agents Installed As A Non-Root User
Use the service prevent-web-agent status command to get information about the Prevent-Web agent. If the output shows the running status of the service, as in the following output, you have Prevent-Web agent running.
OR
If the machine does not have a Prevent-Web agent running, it will show the below output.
OR
Process Based Installation
Verify the configured Cron job
If a cronjob is configured, you will see the below output
If the cronjob is not-configured, you will see the below output
Verify K2 Segment Agent Installation
Docker Mode
Ensure that the K2 Segment agent is running on the host system.
Use the docker ps command to get information about the K2 Segment agent. If the output shows the running container, as in the following output, you have the K2 Segment agent running.
If the machine does not have a K2 Segment agent running, it will show the empty output like below.
Non Docker Mode
Service Based Install
Root User
If you have done service based installation of K2 Agents with root user, Run below command
If the service is running successfully, below will be the output
If the service is not running or not present, you will be seeing below output
Non Root User
If you have done service based installation of K2 Agents with non root user, Run below command
If the service is running successfully, below will be the output
Process Based Install
If you have done process based installation of K2 Agents, Run below command
If the service is running successfully, below will be the output
If the service is not running or not present, you will be seeing empty output.
Restarting K2 Agents
Docker Mode
If you have installed K2 Agents in docker mode, Run below command to restart agent.
# docker ps | grep -w "k2agent"
c77da5d434c5 k2cyber/k2-agent-v1:1.10.2 "/bin/bash -c '/usr/…" 3 minutes ago Up 3 minutes k2agent"
# docker ps | grep -w "k2agent"
#
# systemctl status segment-agent.service segment-agent.service
K2 segment agent Loaded: loaded (/etc/systemd/systemd/segment-agent.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2021-08-05 12:11:34 UTC; 1min 20s ago
Unit segment-agent.service could not be found
$ systemctl --user status segment-agent
segment-agent.service - K2 segment agent Loaded: loaded (/home/centos/.config/systemd/user/segment-agent.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2021-08-05 12:11:34 UTC; 1min 20s agoIf the service is not running or not present, you will be seeing below output
