On-Premises Hawk Agent Configurations

You can configure the Hawk agent for the on-premises platforms such as Linux or Microsoft Windows. All the required configuration parameters are stored in CONFIG_FOLDER/bin/hawkagent.cfg.

Each of the parameters are explained in more detail in the following table:

Hawk Agent Configuration Options

Property

Description

cluster

The name of the container in which the agent appears in the display by default. The display creates the container if it does not already exist. Allows for grouping of multiple agents. The cluster name must be enclosed within quotes, if the name contains spaces.

 

Mandatory: No

Suggested value: IP subnet address

agent_name

Each agent being managed must have a unique combination of agent_name, agent_domain, and hawk_domain values. To use the host name as the agent name, comment this option.

 

Mandatory: No

Suggested value: Host Name of the computer

Note: Agent names with multiple words separated by dots are not supported.

agent_domain

An agent domain must be specified when two computers within the same TIBCO OI Hawk RedTail domain have the same name but reside in different network domains. For example, you might specify this option as: agent_domain pa.tibco.com.

 

Mandatory: No

Suggested value: "none"

hawk_domain

As explained in Hawk Domain

 

Mandatory: No

Suggested value: classic
transport_timeout

The default timeout used by transport for internal invocations

 

Mandatory: No

Suggested value: 30000
TIBCO Rendezvous Transport

rvd_session

Comment this option if you are using TCP Transport for TIBCO Hawk or TIBCO EMS as the primary transport.

The format is rvd_session <service> <network> <daemon>.

If you use this option, all three parameters must be present and separated by white space. Use a semicolon (;) to indicate a null value, or use an empty string, for example:

rvd_session 7474; tcp:7474

 

Mandatory: No

Suggested value: 7474; tcp:7474
gRPC Transport for TIBCO Hawk (Default)
grpc_session Specifies that the TIBCO Hawk agent must use gRPC transport.

The syntax of the property is:

grpc_session <host>:<port>

where,

<host>:<port> - Unique socket address for the Hawk RedTail Console component for connecting to the gRPC session.

eg. grpc_session localhost:9697

 

Mandatory: yes

Suggested value: localhost:9697
grpc_max_reconnect_attempts

Specifies the maximum number or reconnection attempts to be made by Hawk agent if the Hawk RedTail Console component is not available

 

Mandatory: yes

Suggested value: 100
grpc_reconnect_interval

Specifies the interval (in milliseconds) between reconnection attempts

 

Mandatory: yes

Suggested value: 5000

gRPC Transport for TIBCO Hawk SSL Parameters

The following TLS/SSL parameters are applicable to -grpc_session
grpc_enable_tls

Set to true, if communication needs to happen over TLS protocol

 

Mandatory: No

Suggested Value: true
grpc_server_ca

Path of the Certificate Authority of the Hawk RedTail Console server

 

Mandatory: No

Suggested Value: <Path to Certificate Authority of Hawk RedTail Console Server>
grpc_server_hostname

Host name of the Hawk RedTail Console

 

Mandatory: No

Suggested Value: Hawk RedTail Console host name
grpc_client_certificate

Path of the client certificate for the Hawk agent

 

Mandatory: No

Suggested Value: <Path to client certificate for the Hawk agent>
grpc_client_key

Path of the client private key for the Hawk agent in PKCS8 format

 

Mandatory: No

Suggested Value: <Path to client private key for Hawk agent in PKCS8 format>

TCP Transport for TIBCO Hawk

tcp_session

Specifies that the TIBCO Hawk agent must use TCP Transport for TIBCO Hawk. The syntax of the property is:

tcp_session <self_IP>:<port> <HAWKCONSOLE_IP_ADDRESS>:<port>

where,

<self_IP>:<port> - Unique socket address of the Hawk agent for connecting to the cluster.
<HAWKCONSOLE_IP_ADDRESS>:<port> - The IP address of instance running OI Hawk Console.
Note: Multiple agents/OI Hawk Console running on the same instance must be bound to separate ports. For example, if hawkagent1 binds to port 2551, then hawkagent2 can use port 2552 or any port other than 2551.

 

Mandatory: Yes

Suggested Value: localhost:2551, localhost:2561

TCP Transport for TIBCO Hawk SSL Parameters

The following TLS/SSL parameters are applicable to -tcp_session and -ami_tcp_session.

tcp_key_store

Path of the key store file

 

Mandatory: No

Suggested Value: <file-name>

tcp_trust_store

Path of the trust store file

 

Mandatory: No

Suggested Value: <file-name>

tcp_key_store_password

Password for the key store file

 

Mandatory: No

Suggested Value: <password_string>

tcp_key_password

Encrypted key password

 

Mandatory: No

Suggested Value: <password_string>

tcp_trust_store_password

Password for the trust store file

 

Mandatory: No

Suggested Value: <password_string>

tcp_ssl_protocol

Protocol for a secure connection

 

Mandatory: No

Suggested Value: TLSv1.2

tcp_enabled_algorithms

Algorithm to be used for the security protocol. You can specify multiple algorithms as a comma-separated list without space

 

Mandatory: No

Suggested Value: TLS_RSA_WITH_AES_128_CBC_SHA
max_reconnect_attempts_after_restart

Specifies the number of reconnect attempts to be made when the agent gets disconnected from the Daemon

 

Mandatory: No

Suggested Value: 1000
max_reconnect_attempts_during_connect

Specifies the number of reconnect attempts made when the connection is disconnected from the Daemon after it has been established

 

Mandatory: No

Suggested Value: 20

TIBCO EMS Transport

ems_transport

Specifies that the TIBCO Hawk Agent should use TIBCO EMS transport for communication with the agents. Either one of the following format can be used:

ems_transport <serverURL>
ems_transport <serverURL> <username> <password>

For example:

-ems_transport tcp://server1:7222 admin ""

Note: If EMS is configured as transport, then the ami_rvd_session parameter must be configured.
Note: When using encrypted password generated using tibhawkpassword, the password must be placed within double quotation marks (").

Comment this option if you are using TCP Transport for TIBCO Hawk or TIBCO Rendezvous as the primary transport.

 

Mandatory: No

Suggested Value: -

TIBCO EMS SSL Parameters (In case EMS Server is configured for SSL communication)

ssl_vendor

The name of the vendor of the SSL implementation. The valid choices are

j2se-default: Use this option when you want to use the default JCE bundled with the Java JRE.

On IBM platforms (such as AIX), this option defaults to ibm.

j2se
entrust61: Use this option when you want to use the Entrust libraries.
ibm: On non-IBM platforms, this option can be used only if the IBM version of JCE is installed.

 

Mandatory: No

Suggested Value: j2se

ssl_ciphers

Cipher suite name. Use circumflex (^) instead of hyphen (-) when specifying ssl_ciphers

 

Mandatory: No

Suggested Value: -

ssl_no_verify_host

Indicate not to verify the EMS server

 

Mandatory: No

Suggested Value: -

ssl_trusted

File name of the server certificates. The file should be accessible locally/ shared drive. You can specify more than one ssl_trusted.

 

Mandatory: No

Suggested Value: -

ssl_no_verify_hostname

Indicates not to verify the name in CN field of the server certificate

 

Mandatory: No

Suggested Value: -

ssl_expected_hostname

If the -ssl_no_verify_host is not specified, the option ssl_trusted has to be used. Along with the option ssl_trusted specify either ssl_no_verify_hostname or ssl_expected_hostname.

 

Mandatory: No

Suggested Value: -

ssl_identity

Digital certificate

 

Mandatory: No

Suggested Value: -
ssl_password

Password

 

Mandatory: No

Suggested Value: -

ssl_private_key

Private key

 

Mandatory: No

Suggested Value: -

use_thread_pool

Optimizes the number of threads the agent creates for every microagent it discovers. It is advisable to turn this option On if the agent is going to discover over 100 microagents. This value is OS dependent and should be set to the maximum number of threads allowable per process.

 

Mandatory: No

Suggested Value: 256

character_encoding

Character encoding to be used for strings sent all TIBCO Rendezvous transport

 

Mandatory: No

Suggested Value: UTF-8

hma_plugin_dir

Specify the directory used for Hawk microagent plug-in configuration

 

Mandatory: No

Suggested Value: CONFIG_FOLDER/plugin

rulebases

List of rulebases to be loaded at the start up. This is used in manual configuration mode. This might not be used with the auto_config_dir option.

Note: The rulebase names must be separated by a blank space.
Warning: You must not specify the file extension (.hrb) along with the rulebase name.

 

Mandatory: No

Suggested Value: -

config_path

The list of directories to use as configuration sources. Used in the case of manual configuration. The delimiter for path entries is a colon (:) on Linux OS and a semicolon (;) for Microsoft Windows. This might not be used with the auto_config_dir option.

 

Mandatory: No

Suggested Value: CONFIG_FOLDER/config

auto_config_dir

The directory to auto-load Rulebases at the startup. If this option is present, the agent runs in an automatic configuration mode.

Specify the directory from which the Rulebase and schedule configuration objects are loaded at the startup. The default directory, CONFIG_FOLDER/autoconfig, is used if a value is commented.

If you use automatic configuration, comment the following options:

config_path, repository_path, repository_cache_dir, rulebases

 

Mandatory: No

Suggested Value: CONFIG_FOLDER/autoconfig

repository_path

List of repositories to use as configuration sources.

If repository configuration mode is used, specify the path to be searched for repositories. The delimiter for path entries is a colon (:) on Linux OS and a semicolon (;) for Microsoft Windows. This might not be used with the auto_config_dir and config_path options.

 

Mandatory: No

Suggested Value: -

repository_cache_dir

If repository configuration mode is used, all configuration objects loaded from the repository may be cached in a local directory, specified in this option. This cache is used if a repository fails, and also to minimize network traffic.

If repository_cache_dir is used, comment the auto_config_dir and config_path options.

 

Mandatory: No

Suggested Value: CONFIG_FOLDER/cache

variables

Properties file to specify variables file. The variables file can pass data to define external variables to be passed to rules for use in rulebase configurations. The format of the file is that used by the standard Java class java.util.Properties.

 

Mandatory: No

Suggested Value: -

Email Configurations

Email configuration options are used to send the notification email.

email_smtp_server

Specifies the host name of the SMTP server

 

Mandatory: No

Suggested Value: <SMTP HostName>

email_smtp_port

Specifies the port at which the SMTP server is listening

 

Mandatory: No

Suggested Value: 25

email_smtp_auth_required

Specifies whether authentication is required for the SMTP server. The default value is false. If the value is true, you need to provide the user name (email_smtp_user) and password (email_smtp_password) for authentication.

 

Mandatory: No

Suggested Value: false

email_smtp_tls_required

Specifies whether TLS encryption is required for the SMTP server. If set to true, use of the STARTTLS command is required (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands.

Note: Some providers such as gmail have started enforcing TLS. The user must review blocked sign-in attempts and change the security policy for the email that is being used.

 

Mandatory: No

Suggested Value: false

email_smtp_socket_factory_port

Specifies the port to connect to when using TLS. If not set, the default port is used.

 

Mandatory: No

Suggested Value: 25

email_smtp_user

Specifies the sender’s user name for the SMTP server authentication. The field is mandatory if the authentication option (email_smtp_auth_required) is set to true.

 

Mandatory: No

Suggested Value: -

email_smtp_password

Specifies the sender’s password for the SMTP server authentication. The field is mandatory if the authentication option (email_smtp_auth_required) is set to true.

 

Mandatory: No

Suggested Value: -

email_from

Specifies the sender’s email address for sending the email. The default is the current system user, for example, "HawkAdministrator"<admin@abc.com>

 

Mandatory: No

Suggested Value: -

email_content_type

Specifies the content type of email. The email application interprets the text characters in the body of the email based on this property.

 

Mandatory: No

Suggested Value: text/html

Configuration for AMI communication

ami_rvd_session

Configures the agent with a RVD session to be used to communicate with applications implementing the TIBCO Hawk Application Management Interface. Multiple ami_rvd_session parameters may be specified. If none are specified, the RV session used for AMI is the primary session of the Self Module.

Note: 127.0.0.1 must be used as the network parameter when you are using TIBCO EMS transport for communication. For example: ami_rvd_session 7474 127.0.0.1 tcp:7474

If you are using TCP Transport for TIBCO Hawk then uncomment this option, so that the Hawk agent can communicate with Hawk microagent using the TCP-RV bridge. Same value must be used in the Hawk microagent configuration (hawkhma.cfg) for the rvd_session parameter.

 

Mandatory: No

Suggested Value: tcp:7474

ami_tcp_session

Configures the Hawk agent with a TCP session to be used to communicate with applications implementing the TIBCO Hawk Application Management Interface.

If this parameter is not specified while using TCP Transport for TIBCO Hawk, the default value (localhost:2571) is used.

The syntax of the property is:

-ami_tcp_session <self_IP>:<port>

where, <self_IP>:<port> is the unique socket address for communication with TIBCO Hawk Application Management Interface.

 

Mandatory: No

Suggested Value: ami_tcp_session localhost:2571

Logging

log_dir

The directory in which to store log files generated by the Hawk agent

 

Mandatory: No

Suggested Value: CONFIG_FOLDER/logs

log_max_size

The maximum size of a rotating log files in kilobytes. You can also apply a suffix 'M' or 'm' for indicating values in megabytes.

 

Mandatory: No

Suggested Value: 10M

log_max_num

The maximum number of rotating log files

 

Mandatory: No

Suggested Value: 10

log_level

Specifies the level of diagnostic information stored in the logs. The following are the logging levels:

4 - Indicates error level trace messages should be enabled.

6- Indicates warning level trace messages should be enabled.

7 - Indicates information level trace messages should be enabled.

8 - Indicates debug level trace messages should be enabled.

16 - Indicates AMI level trace messages should be enabled.

A value of zero turns all tracing off.

A value of -1 turns all tracing on.

 

Mandatory: No

Suggested Value: 7

log_format

The format for trace log messages

 

Mandatory: No

Suggested Value: "default"

TIBCO Protocol Adapter

interval

The heartbeat interval in seconds

 

Mandatory: No

Suggested Value: 30

security_policy

The fully qualified name of the Java class which implements the security policy

 

Mandatory: No

Suggested Value: -

Rulebase Repository

repository_name

The name of the rulebase repository

 

Mandatory: No

Suggested Value: -

repository_dir

The location of the repository

 

Mandatory: No

Suggested Value: -

Logfile MicroAgent

scan_rate

The interval (in seconds) after which the log files are scanned

 

Mandatory: No

Suggested Value: 10

block_size

The maximum number of kilobytes to read on each scan

 

Mandatory: No

Suggested Value: 16

eval_rate

The interval (in seconds) after which all the log files being monitored are re-evaluated

 

Mandatory: No

Suggested Value: 300