Skip to main content

Log agent communication (pstee)

This method was demonstrated in Demo/Lab: Pstee and replaying operations on connectors . If the idmsuite logs are not giving you enough information, it is often useful to enable pstee to examine the communication between Bravura Security Fabric and the connector.

For example, when you are testing a target connection by pressing the "Test credentials" button in the Test connection tab of the target configuration page (or any other UI button in the product that interacts with the connector), Bravura Security Fabric is calling out to the connector. It is important to note, once you capture that input message, you can keep using that input message in a command prompt instead of having to repeat complicated reproduction steps in the UI.

This communication both to the connector and from the connector is in the format of a KVGroup. KVGroup format is a proprietary Bravura Security format which is somewhat similar to JSON.

This communication is done using stdin and stdout via command pipes. What this means is when a connector is called, an input stream (also known as an input KVGroup) is sent to the connector. The connector executes the operations in the input stream and sends an output stream (also known as an output KVGroup). These can be pasted in the command prompt after invoking an agent, or they can be streamed to the agent as files using a redirector or a pipe. For example, a redirector execution of a connector might look like this:

agtpython < input.kvg

And a pipe execution might look like this:

type input.kvg | agtpython

The following example outlines the process of pasting the input KVGroup into an agent’s stream:

  1. Click the Windows Start menu and click the Run app/program.

  2. Type regedit and click Ok.

  3. In the registry, navigate to Computer\HKLM\SOFTWARE\Bravura Security\Bravura Security Fabric\<instance>\

  4. Right click in the blank space of the <instance> contents and click "New"/"DWORD (32-bit) Value" and provide the following values:

    • Value name: agtpython-tee

    • Value data: 1

    • Base: Hexadecimal

  5. Run Test Credentials from the Bravura Security Fabric UI on the target

  6. In Windows File explorer navigate to the <Program Files path>\Bravura Security\Bravura Security Fabric\Logs\<instance> directory and open the log file that ends with -input.log

    Keep in mind to keep these files secure since they do contain encrypted values and theoretically could be decrypted by something. This file has everything we need to interact with the connector and replay the Test Connection operation.

  7. In File explorer navigate to the <Program Files path>\Bravura Security\Bravura Security Fabric\Logs\<instance> directory and open the log file that ends with -output.log. This tells you what happened from the connector side.

    In this case the serverinfo operation returned a value of ‘0’. If the connector failed during your test you might see the error message and a non zero return value.

  8. On the Bravura Security Fabric UI click the Test List option. You should notice two more files appear in the \Logs directory.

  9. Inspect these input and output files.

  10. Using the information from the input and output files, we can now:

    1. Obtain an Instance Prompt .

    2. Enter into the <instance>/agent directory.

    3. Run command:

      agtpython

    4. Notice that nothing happens and the prompt is waiting for more input.

    5. Open your most recent -input.log file from running the test list.

    6. Copy all the contents from the -input.log and paste it into the command prompt.

      It will generate the output directly into the command prompt and will generate another set of input/output files in the Logs/<instance> directory.

    You may run a process and first think that files have not been added to the \Logs\<instance>\ folder. In this situation, ensure the folder is refreshed. Similarly, when inspecting the idmsuite.log file with an editor like notepad, close and open the file again to get the most up-to-date information.

In this section: