When Manual relay selection is set and the BigFix client has _BESClient_RelaySelect_FailoverRelay defined but no __RelayServer1, __RelayServer2 or _BESClient_RelaySelect_TertiaryRelayList, does the client register via the masthead URL or _BESClient_RelaySelect_FailoverRelayURL ?
This article talks about relay selection but is the same true for a client being deployed from an OS image?
In that case the client would try the failiver relay, and if no response will fallback to the masthead url
is there a way to know from a Relay how many clients are using it? We are facing challenges with
" Response: RelayRejectClient TooManyChildren 6001"
during client relay selection and the relay(s) I’m investigating are behind a load balancer ( I know, best practice is to not use LB for this reason). I want to find out if all the relays behind this LB are the parent to 6000 clients or if the LB is not properly spreading the load across the Relays VMs.
You can use Relay RP to view numbers of client reporting to respective relays within your console/WebUI view.
Also related to RelayRejectClient, how many clients you are seeing on your relay? I never seen such behavior until unless you dont add setting “_Enterprise Server_ClientRegister_MaxChildCount” to restrict certain child count.
Check your relay if “_Enterprise Server_ClientRegister_MaxChildCount” is configured on it with some specific numbers & modify accordingly.
Any reports in the console or webreports that is reporting on number of clients per relay is from the perspective of the Client. That doesn’t give the true answer when relays are behind the same FQDN. I need to see from the relay how many clients it is hosting.
yes, we use _Enterprise Server_ClientRegister_MaxChildCount to limit the client counts per Relay.
Yes, there is one ! use below code to create your custom report but its simply replicating same numbers which you are going to see in Console/WebUI by Relay RP.
<?relevance
( html "<table border=1 style=%22border-collapse; collapse; border: medium none; %22>" &
html ("<th>Relay</th><th>Number of Clients</th>") & it & html "</table>"
) of concatenations of
trs of (td of it & td "align=right" of (multiplicity of it as string)) of
unique values of relay servers of bes computers
?>
I also faced this problem and to deal such scenario created below relevance, its helping me to get the actual selected relay by a client.
if exists (locked lines containing "Relay selected: " of it) of file ((pathname of it) of item 1 of (maximum of modification times of files whose(name of it as lowercase ends with ".log") of it, files whose(name of it as lowercase ends with ".log" of it) of it) whose (item 0 of it = modification time of item 1 of it) of folder (if windows of operating system then data folder of client as string & "\__Global\Logs" else data folder of client as string & "/__Global/Logs/")) then (preceding text of last "on:" of following text of first "Relay selected: " of locked lines (maximum of line numbers of locked lines containing "Relay selected: " of it) of file ((pathname of it) of item 1 of (maximum of modification times of files whose(name of it as lowercase ends with ".log") of it, files whose(name of it as lowercase ends with ".log" of it) of it) whose (item 0 of it = modification time of item 1 of it) of folder (if windows of operating system then data folder of client as string & "\__Global\Logs" else data folder of client as string & "/__Global/Logs/"))) else "No Entry Found"but that is the same problem. The Relay FQDN logged by the client during a relay selection is a single FQDN. In reality, that FQDN points to a Load Balancer with 10 relays behind it. Reporting on the usage of a single FQDN doesn’t give me the true story of how many clients each of the 10 relays are hosting.
I need a query to run on the Relay server that says it has X number of child clients
No, it’s not; we operate on the same principle. BESClient will always display the IP address of the actual relay behind FQDN/DNS alias, even if you see your FQDN in the console. You can retrieve the selected relay’s IP address by using the relevant code I provided.
example:
Relay selected: FQDN.ABC.com. at: 10.0.1.1:52311 on: IPV4 (Using setting IPV4ThenIPV6)
I think it might be the same problem though, because through a combination of DNS aliasing and the Load Balancer proxy, the hostname and IP address that the client see for the Relay would be the same for all relays behind the balancer. Your solution would take care of a round-robin DNS where the same relay name evaluates to several IP addresses, this registration message would tell us which actual IP it used; but in the case of a Load Balancer, the apparent IP address is also the same regardless of the Relay.
There are a couple of different ways to do this, assuming modern clients. we can parse the RelayChain logs (BES Client\__BESData\__Global\RelayChain\*.txt) which provide the “real” ComputerName (as the Relay reports for itself, not as the Client sees it) along with the BigFix ComputerID of the selected Relay or root server.
You could create a new Property for “Selected Relay (RelayChain)” with a relevance like
tuple string of tuple string items whose (it starts with "r:" or it starts with "s:") of tuple string of substrings separated by " - " of following text of last "|||" of ("|||" & it ) of concatenation "|||" of lines containing " - S - " of files of folders "RelayChain" of folders "__Global" of data folders of clients
This will give the most recent relay chain listing, showing the full path from the client to the root server, with the real relay names and Computer IDs:
s:10566764(my-root-server), r:15217330(my-relay-number-9)
This shows that my client has connected to the relay “my-relay-number-9” which has BES Computer ID 15217330, and that relay is connected to “my-root-server” with Computer ID 10566764.
With this Property you can find how many clients are using the same relay chains, and whether you have unused relays behind your load balancer.
One other useful thing we might run is on the Relay itself. Each Relay creates a Registrations database, in SQLite, that is updated each time a client registers to the relay; the update is propagated upstream to the parent relay and all the way to the root, so the Root knows the next-hop relay to reach down to any given client. Likewise each Relay knows the most recent registration of any children beneath it and can select the next Relay for a client notification as well.
However any given relay doesn’t know when a client leaves, when the client re-registers on a different relay. Usually that doesn’t matter because the relay’s parent won’t send this relay a notification anymore because the parent already knows the newer path through the newer relay selection that rolled up, the lower-level child relay doesn’t need to know.
That’s to say that this query I’m providing is only an approximation - it provides the number “how many unique clients registered to this relay within the last day”. It doesn’t account for the possibility that after registering those clients may have already moved to a new relay. But it’s at least a good query for getting an approximation of how many clients are registered directly to this relay.
This Relevance should only be evaluated on Relays, and if you use it in the Fixlet Debugger you need to “Evaluate using client context” because it needs to retrieve the current relay’s Computer ID to work:
rows of statement ("select count(%22ComputerID%22) FROM %22COMPUTER_REGISTRATIONS%22 WHERE %22IsProxyDevice%22 = 0 AND %22ParentID%22 = " & (computer id as string) & " AND %22RegistrationTime%22 > " & ((now - "01 Jan 1970 00:00:00 +0000" as time - 1 * day) / second) as string) of sqlite database of files "ClientRegisterData/registrationlist.db" of parent folder of folder (value of setting "_BESRelay_HTTPServer_ServerRootPath" of client as string)
I have a property that uses this to look at the registrationslist.db (looks back for the past 6 hours of registrations) but is a registration only one time per relay per client? Or is it a true sense of how many clients that relay is really the parent of at a given time?
The downside of using the RelayChain method returned in a BigFix property is that the clients will still show that data (“i.e. Relay Usage”) while they remain tin the console even if they have been shutdown. This gives an inaccurate portrayal of how many clients the Relay is really the parent of.
The latest registration for a given client would overwrite the older record for that client, so you won’t see the same client duplicated on a relay.
However the count would include clients that registered to this relay and later moved to another, since this relay would not be informed that the client left. By limiting to the last day, or last six hours , that should be fairly fresh though.
The only way to know for sure would be to run a SQL query at the root, since that version would include the latest registration lists from every child relay, but again stale computers that aren’t reporting are still included in the list. So you’d still need to filter to the last day, or six hours, or whatever you consider “stale”
Sounds like an idea is needed for HCL to officially support a property that accurately says how many clients are connected to a relay at any given time.
That exists. Property “Relay” on the client.
From there you can do a report via API or WebReports.
Also look at the Console Dashboard Relay Health.
Dashboard relay health shows zero counts for relays behind a load balancer. Pretty useless.