IBM Security Guardium


Guardium Windows Must Gather V3.0 - Part 5 - Where is the output of Must Gather?

By SATOSHI KAWASE posted Sun October 16, 2022 07:00 AM

  

About Windows Agent Must Gather V3.0

Guardium Windows Agent Must Gather V3.0 (a.k.a. Windows S-TAP Must Gather) is the latest must gather script, which is released in Guardium V11.5.

It's included in all Guardium Windows agents (GIM, S-TAP, GAM, CAS, FAM monitor, FAM crawler, FDEC for NAS/SP, FAM for NAS/SP) in V11.5, and will be back-ported to all supported versions.

Index

  1. What's new in V3.0?
  2. S-TAP mode and STANDALONE mode
  3. How to run Must Gather V3.0?
  4. Must Gather V3.0 command options
  5. Where is the output of Must Gather?
  6. What files are collected?
  7. What if Must Gather doesn't generate output?

          NOTE: This blog article covers section 5. Click the links to read the other sections.

          5. Where is the output of Must Gather?

          Must Gather generates some diagnostic files, gathers many configuration files and log files from all Guardium Windows agents (S-TAP, GIM, and so on), and archives them into one zip file.

          The short answer is that the output zip file is located under the ZIP Target directory. Let me explain the details.

          5.1 When you run Must Gather on DB server

          5.1.1 When you run Must Gather under Win S-TAP folder (S-TAP mode)

          When you run Must Gather under the %WINSTAP_DIR%\Bin folder, it generates a zip file at the following location on the DB server:

          %WINSTAP%\Bin\zipTmp\WSTAP_%hostname%_%timestamp%.zip
          (e.g. C:\Program Files\IBM\Windows S-TAP\Bin\zipTmp\WSTAP_DBSERVER01_2022-09-05T21-08-54-3702900-04-00.zip)

          It'll be uploaded to the collector when the Upload Feature is enabled. You'll find it at Guardium GUI > Manage > Maintenance > Support Information Results.

           

          5.1.2 When you run Must Gather in other places (STANDALONE mode)

          When you run Must Gather from any other location, it generates a zip file at the following location on the DB server:

          %The_location_of_diag.bat%\zip\GRD_WIN_DIAG_%timestamp%.zip
          (e.g. C:\work\zip\GRD_WIN_DIAG_2022-09-05T20-45-21-04.zip)

          It won't be sent to the collector, because the Upload Feature is part of Windows S-TAP.

           

          5.2 When you run Must Gather from Guardium GUI

          In this case, Must Gather runs in S-TAP mode, so the location of the zip file is the same as in "5.1.1 When you run Must Gather under Win S-TAP folder".

           

          FAQ

          Q1) I ran Must Gather but I don't see a zip file under the ZIP Target folder. I see GRD_WIN_DIAG_compress-archive_failed.txt there instead. Is it a bug?

          A1) No. This can happen when you run Must Gather in STANDALONE mode on Windows Server 2012 or 2012 R2. Please read GRD_WIN_DIAG_compress-archive_failed.txt carefully, and refer to "Part 2. S-TAP mode and STANDALONE mode" for details.
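          As an added example (not the article's own script), the following PowerShell looks in both ZIP Target directories described in 5.1.1 and 5.1.2, reports the newest Must Gather zip, and flags the GRD_WIN_DIAG_compress-archive_failed.txt marker from Q1 when it is present instead of a zip. The Windows S-TAP install path and the C:\work folder (where diag.bat was run from in STANDALONE mode) are assumed placeholders; adjust them for your server.

```powershell
# Added example, not part of the original article: find the newest Must Gather
# output zip in either ZIP Target directory the article documents and surface
# the compress-archive_failed marker from FAQ Q1.
# Assumptions: the default Windows S-TAP install path and C:\work (the folder
# diag.bat was run from in STANDALONE mode) are placeholders; adjust them.
param(
    [string]$WinStapDir    = 'C:\Program Files\IBM\Windows S-TAP',
    [string]$StandaloneDir = 'C:\work'
)

# ZIP Target directory and zip name pattern for each mode (from the article)
$targets = @(
    @{ Mode = 'S-TAP';      Dir = Join-Path $WinStapDir 'Bin\zipTmp'; Pattern = 'WSTAP_*.zip' },
    @{ Mode = 'STANDALONE'; Dir = Join-Path $StandaloneDir 'zip';     Pattern = 'GRD_WIN_DIAG_*.zip' }
)

$found = @()
foreach ($t in $targets) {
    if (-not (Test-Path -LiteralPath $t.Dir)) {
        Write-Host "[$($t.Mode)] ZIP Target directory not present: $($t.Dir)"
        continue
    }
    # FAQ Q1: in STANDALONE mode on Windows Server 2012/2012 R2 this marker can
    # appear instead of a zip; point the reader at it rather than at a missing zip.
    $marker = Join-Path $t.Dir 'GRD_WIN_DIAG_compress-archive_failed.txt'
    if (Test-Path -LiteralPath $marker) {
        Write-Warning "[$($t.Mode)] Compress-Archive failed; read $marker"
    }
    $zips = Get-ChildItem -LiteralPath $t.Dir -Filter $t.Pattern -File -ErrorAction SilentlyContinue
    foreach ($z in $zips) {
        $found += [pscustomobject]@{
            Mode      = $t.Mode
            File      = $z.FullName
            LastWrite = $z.LastWriteTime
            SizeMB    = [math]::Round($z.Length / 1MB, 2)
        }
    }
}

if ($found.Count -eq 0) {
    Write-Host 'No Must Gather output zip found in either ZIP Target directory.'
    return
}

# Newest first. FAQ A4: only a zip taken after the issue appeared is useful to support.
$found | Sort-Object LastWrite -Descending | Format-Table Mode, LastWrite, SizeMB, File -AutoSize
$newest = $found | Sort-Object LastWrite -Descending | Select-Object -First 1
Write-Host "Newest Must Gather output: $($newest.File) (written $($newest.LastWrite))"
```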

           

          Q2) I can only see some text files under %WINSTAP_DIR%\Bin\diag after running Must Gather. Is that normal? Shouldn't there be many more files in there?

          A2) It is normal. The diag folder and some text files under it are generated the first time Must Gather runs, and the files under the diag folder are updated each time Must Gather runs again. Must Gather also copies config files and log files from all Guardium Windows agent directories to the ZIP source directory (%WINSTAP_DIR%\Logs or %DIAG_DIR%\diag), but these copies are removed after they are archived into the zip file.

           

          Q3) Is it enough for troubleshooting if I send a copy of the files under %WINSTAP_DIR%\Logs and %DIAG_DIR%\diag?

          A3) No. Must Gather creates a zip file that includes many more diagnostic files. Please send the zip file generated by Must Gather.

           

          Q4) I have a Must Gather output zip file that was taken about a month ago. I haven't changed any configuration since then, but we started seeing an issue recently. Is the existing Must Gather output enough to troubleshoot the issue?

          A4) No. A Must Gather taken before the issue started doesn't show anything about the issue. Please run Must Gather again after you start seeing the issue.

          What's next?

          The next blog post will explain section 6, What files are collected?

          Questions?

          If you have any questions, please feel free to comment on this article. You can also ask questions in the IBM Security Guardium discussion in the IBM Security Community, or open a technical support ticket.
