The Bastion Agent is a service that checks the Bastion's and LAC's responsiveness and takes a resolution action.
It works by sending a health check request to the Bastion and LAC. if the Bastion and/or LAC Filter does not respond as expected, the script will try to restart the Bastion service.
Processing
The agent runs the monitoring process each predefined number of seconds (default is 10) and does the following:
• Check if Bastion service is running
• If not - start the Bastion service
• Call Bastion health check requesting https://[BastionIp]/skypeshieldhealth with host header BastionHealthcheck Host, for example https://127.0.0.1/skypeshieldhealth with host header lyncdiscover.skypeshield.com
• If received HTTP 200 status code - Bastion and LAC are OK - no restart is done
• If received other HTTP status or error/exception - except status 404/403/401
Will try to restart Bastion service after 3 consecutive failures every 10 seconds - only if already in production mode.
• No restart is done if still not in production mode - not received 5 sequences OK results.
Configuration
The default location of the configuration file is located at:
C:\Agat\Tools\BastionAgent\AgatBastionAgent.config
1. LogFileFullName - The path of the Bastion Agent event logs.
2.LogFileMaxSize - Defines the maximum size of the log file before the agent will clear out and create a new log.
3.LogFileLevel - The severity level of the logs generated by the agent.
4.EventLogLevel - The severity of the logs sent to the event viewer.
5.MonitorFrequencySeconds - The frequency in which the Bastion agent performs the health check (in seconds).
6.BastionHealthcheckHost - The host to whom the health check request will be sent to.
7.BastionRestartTimeoutSeconds - How long should the agent for a restart to complete. If the service is not able to start, the agent will create an event for manual operation to be done..