Windows Install Using ZIP with Bundled JRE

This page describes how to install Windows using ZIP with bundled JRE.

For some versions of Windows Server 2008 and Windows Vista, the Avg Read and Write Time disk metrics are reported as 0. This is due to a known Microsoft Windows bug. See Microsoft Knowledge Base. If this affects you, download the available hotfix. This refers to the following metrics:

  • Hardware Resources|Disks|<mount_point>|Avg Read Time (ms)
  • Hardware Resources|Disks|<mount_point>|Avg Write Time (ms)

Install the Agent

  1. Before installing, see Install the Machine Agent.
  2. Install all available Windows updates.
  3. If you have not restarted your machine recently, you must restart it. Failure to do so may cause your machine to experience a CPU spike when you start the Machine Agent.
  4. Download and unzip the Windows ZIP bundle. Extract the contents to the agent installation directory <machine_agent_home> .
  5. Gather your configuration details and configure the agent by editing the <machine_agent_home>/conf/controller-info.xml file or by adding system properties to the JVM startup script file. See Plan the Machine Agent Configuration.
    1. (Required) Configure the Controller host name, port number, and account access key.
    2. (Required for Multi-Tenant Mode or SaaS installations) Configure the Agent Account Information. See Multi-Tenant Controller Accounts.
    3. (Optional) Review memory requirements. See Machine Agent Requirements and Supported Environments.
    4. (Optional) Configure the agent to use SSL. See Enable SSL for Machine Agent.
    5. (Optional) Configure the agent to use proxy settings. See Machine Agent Configuration Properties.
    6. (Optional) Determine if you need to specify an application name and tier name. See Machine Agent Installation Scenarios.However, if you are installing the Machine Agent on the same server with any APM app agent, do not specify the application name and tier name.
  6. Start the agent. If no -D options are required on the command line, you can run the following .vbs scripts by selecting them from Windows Explorer.
    1. As a Windows Service - Administrative privileges are required. You can specify Splunk AppDynamics-specific -D options from the command line or edit the controller-info.xml. You can also add other JVM properties as needed.Open a terminal window and enter one of the following commands:

      • Run this command to install the service. It doesn't automatically address the Unquoted Service Path Enumeration Vulnerability.

        cscript <machine_agent_home>\InstallService.vbs <jvm_options>

      • Run this command to install the service and automatically address the Unquoted Service Path Enumeration Vulnerability. It detects the space in the service path and adds double quotes (") to the service path.

        cscript <machine_agent_home>\InstallServiceWrapper.vbs <jvm_options>

        You can now start or stop the Machine Agent service from Windows Services.

    2. From an application in the terminal window, enter:
      cscript <machine_agent_home>\bin\machine-agent.vbs.

      The usage parameters for machine-agent.vbs are:

      Using machine-agent.vbs
      > machine-agent.vbs -h
Usage: machine-agent.vbs[-h] [-j JAVA_HOME][-Dprop1 ...] [-Xprop2 ...]
Start the machine agent.
-h              print command line options
-j JAVA_HOME    set java home for the agent
-Dprop1         set standard system properties for the agent
-Xprop2         set non-standard system properties for the agent
      The following is an example of machine-agent.vbs: 
      > cscript machine-agent.vbs -Dappdynamics.controller.hostName=192.168.1.20 -Dappdynamics.controller.port=8090

Unquoted Service Path Enumeration Vulnerability

Warning: If you have installed Machine Agent primarily as a Windows service, you may encounter a security vulnerability known as Unquoted Service Path Enumeration Vulnerability.

Unquoted Service Path Enumeration Vulnerability occurs when the remote Windows host has at least one service installed that uses an unquoted service path, which contains at least one whitespace. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service.

To address this vulnerability, perform either of the following methods.

Open a terminal window and run the following command:

cscript <machine_agent_home>\InstallServiceWrapper.vbs <jvm_options>

This command installs the service and if there is space in the service path, it adds double quotes to the service path.

Method 2

  1. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Services\Appdynamics Machine Agent .

  2. Change the ImagePath data value to enclose C:\Program Files\AppDynamics\AppD_Infra_Monitoring\bin\MachineAgentService.exe in double quotation marks.Example:
    "C:\Program Files\AppDynamics\AppD_Infra_Monitoring\bin\MachineAgentService.exe"

Method 3

  1. Download the Windows_Path_Enumerate.ps1 script and save it to a folder.

  2. To list all vulnerabilities on the machine, open the powershell prompt and execute the following command:
    <path containing downloaded Windows_Path_Enumerate.ps1>\Windows_Path_Enumerate.ps1 -FixUninstall -FixEnv -WhatIf
  3. Fix all vulnerabilities on the machine by executing the following command:
    <path containing downloaded Windows_Path_Enumerate.ps1>\Windows_Path_Enumerate.ps1 -FixUninstall -FixEnv