How to quickly find the Windows machine on which a culprit remote HMA is running and affecting the Hawk/TRA on another machine?
Article ID: KB0092243
Updated On:
| Products | Versions |
|---|---|
| TIBCO Hawk | - |
| Not Applicable | - |
Description
Resolution:
A very common cause that HMA fails to start or TRA does not working properly is because the interfering of a remote HMA running on another machine but remotely connecting to the rvd running on the problem machine; and most frequently the culprit remote HMA is running on a Windows machine because users sometimes use the remote RV daemon for Hawk Display to monitor Hawk Agents running in another subnet, and also mistakenly start the HMA which is configured with the same remote RV daemon due to using the Hawk Configuration Utility available on Windows.
It’s not hard to confirm there is a remote Windows HMA connecting to the rvd on a Unix machine. From the hawk.log file on a Unix machine, check to see if there are any Windows platform specific microagents being loaded on the Hawk agent, such as: EventLog, Registry, Performance etc.
It’s not that obvious by looking into the Hawk.log to find there is a remote Windows HMA when it connects to another Windows machine. But we can confirm that if the Hawk.log shows there is a set of HMA microagents are loaded but the Windows Task Manager shows no HMA process running.
Now we need to quickly figure out on which Windows machine the culprit remote HMA is running so we can stop it. Please use the following method to identify remote machine:
1. Invoke Registry:getString(Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName, Entry=ComputerName) to find out who the culprit is.
2. Or, run “netstat -a | grep <rvd daemon port of the HMA>” on the Unix machine to find out which are the possible machines.
It is not recommented to use remote daemon for Hawk, especially when configuring the remote daemon in the Hawk Configuration Utility GUI on Windows. If the use of remote daemon for Hawk Display can not be avoid and no need to run Hawk Agent and Hawk HMA on that Windows box, please disable the Hawk Agent and Hawk HMA NT services to prevent them to be mistakenly started with remote daemon.
A very common cause that HMA fails to start or TRA does not working properly is because the interfering of a remote HMA running on another machine but remotely connecting to the rvd running on the problem machine; and most frequently the culprit remote HMA is running on a Windows machine because users sometimes use the remote RV daemon for Hawk Display to monitor Hawk Agents running in another subnet, and also mistakenly start the HMA which is configured with the same remote RV daemon due to using the Hawk Configuration Utility available on Windows.
It’s not hard to confirm there is a remote Windows HMA connecting to the rvd on a Unix machine. From the hawk.log file on a Unix machine, check to see if there are any Windows platform specific microagents being loaded on the Hawk agent, such as: EventLog, Registry, Performance etc.
It’s not that obvious by looking into the Hawk.log to find there is a remote Windows HMA when it connects to another Windows machine. But we can confirm that if the Hawk.log shows there is a set of HMA microagents are loaded but the Windows Task Manager shows no HMA process running.
Now we need to quickly figure out on which Windows machine the culprit remote HMA is running so we can stop it. Please use the following method to identify remote machine:
1. Invoke Registry:getString(Key=HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName, Entry=ComputerName) to find out who the culprit is.
2. Or, run “netstat -a | grep <rvd daemon port of the HMA>” on the Unix machine to find out which are the possible machines.
It is not recommented to use remote daemon for Hawk, especially when configuring the remote daemon in the Hawk Configuration Utility GUI on Windows. If the use of remote daemon for Hawk Display can not be avoid and no need to run Hawk Agent and Hawk HMA on that Windows box, please disable the Hawk Agent and Hawk HMA NT services to prevent them to be mistakenly started with remote daemon.
Issue/Introduction
How to quickly find the Windows machine on which a culprit remote HMA is running and affecting the Hawk/TRA on another machine?
Feedback
Yes
No
Powered by
