KBI 311256 Alerts Not Fired For Servers In DMZ
Version
Argent AT – All Versions
Date
Monday, 20 July 2015
Summary
Corrective Alerts targeting a server within a DMZ may appear to fire successfully, but the Alert is not actually executed — the best example is a PowerShell Alert
This occurs because Alerts are always fired from the Argent AT Main Engine via the Argent Console
As the Argent AT Main Engine is outside of the DMZ, the Argent Console cannot execute the Corrective Alert directly against the target server in the DMZ
Customers experiencing this issue need to install the “Argent Alert Executor and Backup Console”
Technical Background
Customers who monitor Severs in a DMZ environment often have Trusted Agents or Daughter Engines within the DMZ to perform the Monitoring
This allows the Trusted Agent or Daughter Engine to perform the Monitoring without being blocked by a firewall or other security settings implemented to keep the DMZ environment isolated from the main network
Trusted Agents and Daughter Engines are purely for Monitoring and cannot fire Alerts
By default, Alerts are fired from the Argent Console on the Argent AT Main Engine
To alleviate this, “The Argent Alert Executor and Backup Console” is required
The Argent Alert Executor is used to send Alerts from a specific Server
As the Corrective Alert is being sent from the Alert Executor within the DMZ, there are no firewall or security settings to prevent the Alert from being actioned
Resolution
By installing the Argent Alert Executor in the DMZ; typically on the same machine as the Trusted Agent or Daughter Engine, actions are polled periodically from the Argent Console on the Argent AT Main Engine for Alerts that need to be fired
See https://help.argent.com/#Q766 for instructions on how to deploy and configure the Argent Alert Executor