FAQ

If you have a question about using Edge DX, you might be able to find the answer below in the list of Frequently Asked Questions (FAQ) about Edge DX.

Data Display

Why do I not see any CPU data or Active Processes?

• Check Device Events to see if sipagent.exe is being blocked by one of your security products. To solve the problem, make sure you perform the necessary whitelisting described in the prerequisites article.

Why is the Active Processes grid empty?

• The device has been offline for more than 10 minutes.
• The device has only just come online and has not yet sent its first update. Wait 20-30 seconds. If you have WebSockets working on the device you should see Active Processes in about 10 seconds.

Why do I not see some processes in the CPU Usage widget?

• The only processes which are displayed in the CPU Usage widget are those which consume more than 5% of available CPU and RAM resources, over a 60-second sample period.
• CPU Usage values are the average usage over the 60-second sample period. For example, if a process uses 100% for 6 seconds and then goes back to idle, the CPU Usage value for the 60-second sample window is 10%.
• The machine OS does not allow queries of some highly secure OS components, or if a large amount ofCPU and RAM resources is taken by System Interrupts.
• For Mac and Linux: Only processes running at the time the sample is taken are captured, so if a process stops before the end of the 60-second sample window, the system is unaware of it.
• For Windows, processes which stopped during the 60-second sample window are captured and displayed.

Device Registration

Why do I not see any devices when I know I have some registered?

• Check if the devices are offline (i.e., no communication for over an hour) and you have Hide Offline Devices selected.

• Check if the devices are offline (i.e., no communication for over an hour) and you have clicked a column which displays charts (e.g., Network Latency, CPU Usage, etc.) Clicking a column sorts according to that column, and offline devices are hidden when sorting by a column containing charts (as noted in the UI - see screenshot below.)

My device cannot register or connect to the Edge DX cloud service.

• Make sure you meet the all of the Edge DX prerequisites.
• You may have used the wrong Device Registration Code. Be sure to use the correct one from Configuration > Downloads.
• Check to see if there is a Web Proxy problem.

How do I configure a network Proxy?

• When you install the Windows Agent Manager interactively, you can select the option to configure a proxy:

• When you install the Windows Agent Manager from a command line (e.g., SCCM, Intune), you can enter proxy= on the msiexec.exe command line (you can use an IP or a DNS name):

msiexec /i agentmanagersetup.msi /qn DEVREGCODE=c18d1234fd3a99c912d56b24567f10d2fea61234 TENANT=whatever.sip.controlup.com ALLUSERS=1 PROXY=proxy.my.org:8080

• For Windows, you can also use the Registry. Add the entry, and then restart the Agent and Agent Manager services. The registry value goes in HKLM\SOFTWARE\Avacee\SIP. Add a REG_SZ (string) called “ProxyAddress”.

• For Linux, add a proxy parameter on the command line that starts the agent binary, for example:

proxy=1.2.3.4:8080

• For Mac 2.7+ (native agent), configure the proxy in macOS.
• For all platforms, you can also set up a system- level environment variable called HTTPS_PROXY, and then restart the Agent and Agent Manager. See HttpClient.DefaultProxy Property (System.Net.Http).

General

How do I force a device to use a specific agent version?

To force a device to use a specific agent version, perform the following steps:

1. Disable the Agent Manager service (to prevent it from upgrading/downgrading the agent to the production version).
2. Download and install the selected agent version. Make sure your tenant and device registration code are in the registry or on the msiexec command line.

How much network traffic does an agent send each day?

• The amount of data uploaded by an agent each day can vary widely, depending on both the extent of end-user activity, as well as the configuration of what end-user activity is collected (e.g., app foreground and URL activity, process whitelist, etc.)
• A rough estimate is between 5MB uploaded per device per day, up to as much as 20MB for a device that is being used around the clock.

What are "SIP", "AI", and "CPE"?

• "SIP", "AI", and "CPE" are all acronyms for the product names which preceded "Edge DX". "AI" will no longer be in use soon, but "SIP" will probably remain in use.

How can I scrape the Windows Event Log on a remote device?

• Under Configuration > Settings > Agent > Windows Event Log Collection, you can select events to collect and monitor.
• To capture even more events, you could use a script. Refer to the Edge DX Scripting Guide.

Network Latency - How do I change where it pings?

• Configure targets under Configuration > Settings > Network Latency. See Network Performance for more information.

I'm running a Command from Actions in the Device page, but nothing is happening.

• This just starts a process with arguments, it is not a command prompt. For example, if you want to use mkdir (which is not a binary or exe) you have to use “cmd /c=mkdir %temp%\hello”.
• Commands run as System, so processes start in the background, don't run in the user session, and have no access to a desktop.

How can I troubleshoot Edge DX performance for my organization?

• Usually troubleshooting questions are escalated to the product team, but you can get some basic info from this query:
  https://<tenant>.sip.controlup.com/api/hello?get_server_metrics=true

How does Edge DX use WebSockets?

• From the 2.6 agent onwards, each device attempts to connect to the tenant using a WebSocket. This is a long-running connection, initiated by the device (still outbound 443 HTTPS), which allows the tenant to send actions and scripts instantly to the agent.
• Some proxies do not allow WebSockets, and they also cannot be established on mobile hotspots. In these cases, the agent reverts to polling every 15 seconds.

Scripting

What should I do if I feel completely in the dark about scripts?

• Refer to the Edge DX Scripting Guide.

Can I write a script that uses the Device Group? (Not the AD groups, the CPE one)

• Yes, use the SIPDEVICEGROUP environment variable.

Why is CarbonBlack or other security software blocking PowerShell?

• If PowerShell is blocked by any security software, the sipagent.exe process may need to be whitelisted so that it can run PowerShell. Most scripts run as system, but we recommend allowing the user context if you are creating or running scripts as a user account.

Why do certain characters in script output cause problems?

• By default PowerShell output is in ASCII (aka UTF-7) and Unicode characters are converted to something which looks similar in the ASCII character set, which can cause chaos with JSON formatted data. The simple fix is to add the following before writing any output to stdout:

[Console]::OutputEncoding = [System.Text.Encoding]::UTF8

In a script, how do I filter by the Device Group set in the Devices page?

• Use the Device Group environment variable SIPDEVICEGROUP. The agent updates this every time it does a config refresh.

Why does data output from my scripts get rounded to an integer?

• To avoid problems with mixed FLOAT and LONG records in ElasticSearch, which cause searching and sorting to fail.
• If you want to store something like milliseconds, multiply by 1000 before you output the value.

Why don’t I see events from the SIP Service Start trigger?

• Device Events are not cached locally and so will not be sent if the device is offline. The SIP Service Start trigger will always run at agent start but you won’t see an event if the device is offline.