tencent cloud

All product documents
Cloud Workload Protection Platform
DocumentationCloud Workload Protection PlatformTroubleshootingOffline Agent on Linux
Offline Agent on Linux
Download PDF
Last updated: 2023-12-26 16:40:17
Offline Agent on Linux
Last updated: 2023-12-26 16:40:17
Download PDF
This topic describes how to troubleshoot the CWPP agent running on Linux, including how to troubleshoot the failed startup of CWPP agent processes and network failures.

Failed Startup of CWPP Agent Processes

1. Enter the command ps -ef|grep YD to check whether the CWPP processes exist.
Normally, CWPP has two processes as shown below:


If the processes do not exist, possible reasons include the following:
The CWPP agent is not installed on the server or has been uninstalled from the server. Please install it by following the steps described in Getting Started
The agent has a conflict or crash, which leads to the failed startup of processes.
2. If CWPP agent has been installed on the server, troubleshoot the problem using the following method:
View the agent log stored in /usr/local/qcloud/YunJing/log.
Run the command sh /usr/local/qcloud/YunJing/startYD.sh to start CWPP.

Network Failures

If the processes exist, but CWPP is offline, the issue is caused by network disconnection in most cases. Troubleshoot the issue by following the steps below:
1. If you are unable to access the CWPP security domain, try changing the DNS. Run the following command line to check whether the CWPP security domain is accessible:
VPC or CPM environment: telnet s.yd.tencentyun.com 5574. Normally, the returned result is as shown below:


If it is inaccessible: a. Change the field dns nameserver: vim /etc/resolv.confnameserver 183.60.83.19nameserver 183.60.82.98 b. Then run telnet s.yd.tencentyun.com 5574 again to check whether you can connect to it.

c. If it can be connected, wait for a few minutes (the time length depends on the network conditions), and then you will see that the server is online again.
Basic network environment (non-VPC servers): telnet s.yd.qcloud.com 5574. Normally, the returned result is as shown below:


If it is inaccessible: a. Change the field dns nameserver: vim /etc/resolv.conf. Comment the original field nameserver first, and then add a new nameserver field. b. Then run telnet s.yd.qcloud.com 5574 again to check whether you can connect to it. c. If it can be connected, wait for a few minutes (the time length depends on the network conditions), and then you will see that the server is online again.
2. Make sure your firewall policies allow the TCP ports 5574, 8080, 80, and 9080.
3. If the CWPP processes exist and the offline state of the CWPP agent is not caused by network issues, package the agent logs (log path: /usr/local/qcloud/YunJing/log) and submit a ticket for feedback.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback

Contact Us

Contact our sales team or business advisors to help your business.

Contact Us
Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

Submit a Ticket
7x24 Phone Support
Hong Kong, China
+852 800 906 020 (Toll Free)
United States
+1 844 606 0804 (Toll Free)
United Kingdom
+44 808 196 4551 (Toll Free)
Canada
+1 888 605 7930 (Toll Free)
Australia
+61 1300 986 386 (Toll Free)
EdgeOne hotline
+852 300 80699
More local hotlines coming soon