Versions Compared

Version Old Version 38 New Version Current
Changes made by

İrem Kara

İrem Kara

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

GDE is a an agent-based discovery solution that allows indexing of data on endpoints and/or fileservers file servers without defining a requiring share definitions. It runs operates on Windows, Linux, macOS, and Pardus environments. The GDE agent indexes/discovers many PCs or FileServers w/o defining a shareFile Servers without requiring share definitions. The GDE agent runs on Windows, Linux, or MacOSmacOS. Additionally, GEODI may discover FileServers if there is a share. Then, GDE is not required.

Info

GDE crawls the EndPoint or FileServer and sends selected files to a GEODI Server. This way, you can discover and search local files w/o sharing any folder. GDE continuously crawls every 3 hours to find changed files.

Info

With the GEODI Classifier, it is possible to classify the local files remotely.

Info

After discovery, it is possible to remediate the local files remotely.

Info

When a file is deleted from GDE, running "Purge Deleted Content" will remove the file from the GEODI index.

Installation and Configuration

Info

A configuration file on the GEODI server determines which local folders and file types to include. This configuration may be customized by client IP, ClientUser, or ClientMachine name. So, you may target a different area for each FileServer or client.

...

The Agents can be manually installed on FileServers or EndPoints. But if you have many EndPoints, using a tool like ManageEngine or SCCM for deployment is suggested.

GDE agent software updates are auto. It may be set to update from a local source.

...

can discover remote servers without an agent.

A connection is created by selecting Project Wizard/Feed Source/GDE. This page generates the necessary Batch file to install the GDE agent. You can copy and use it with tools like ManageEngine or SCCI. Manual installation is also possible if preferred.

GDE begins discovery with the default directories specified on this page. It repeats the process approximately every 3 hours on each machine. Content from different machines is queued and processed on the GEODI server.

Active agents can be monitored through the https://decesw.atlassian.net/wiki/spaces/geodien/pages/edit-v2/4184473601 Panel.

Table of Contents
stylenone
Tip

Requirements for Connection

  1. A user with sufficient privilege levels to install agents on client machines.

    1. Variations may exist for Linux and macOS clients.

  2. A tool like ManageEngine or SCCM for deploying to a large number of clients.

  3. Client machines must have access to the <geodi> server.

  4. <geodi> server must have access to the client machines, with port 1982 (configurable) open.

Gliffy
imageAttachmentIdatt4336386146
macroIdc02c52c0-32db-418a-8a1e-64c4cfe9a700
baseUrlhttps://decesw.atlassian.net/wiki
nameGDE-EN
diagramAttachmentIdatt4336648300
containerId3972202552
timestamp1702733720298

Installation Checklist

...

Subject

...

Description

...

Create a new project or choose an existing project to index files.

...

A separate project is OK for discovery purposes, but adding PCs to an existing project is better if you have Enterprise Search.

This project URL must be accessible from the EndPoints.

The GDE recognizer(from discovery IT group), must be used in the project.

...

Create a token

...

Follow the procedure on this page to get the Token.

Generating a GEODI Token

As a best practice, we suggest you create a separate user for the Token. And token users' passwords should not be changed.

...

Follow the procedures for different OSs

...

These pages will lead you to each OS.

Child pages (Children Display)

...

GDE Configuration Settings

...

The settings determine which local folders and file types to discover. There may be a single setting for all, or you may customize it by clients.

...

Client Monitoring

...

image-20241219-105355.pngImage Added

MSI Link and Update

GDE agents are automatically downloaded to the GEODI directory along with the GEODI Discovery module. The required MSI files can be found in the following directory.

Windows agents will automatically update themselves from this directory when a new version is released. If you are operating in an offline environment, it will be sufficient to manually update the modules on the GEODI server.

Info

The GDE Agent can be accessed at: <geodi_url>/GUI/Agents/GDE

Here, <geodi_url> refers to the GEODI Server address.

Troubleshooting

Expand
titleIndexing does not start

  1. Check if the client has access to the GEODI Server. GEODI should be accessible through a browser on the client. Enter the GEODI address in a browser on the client; there should be access.

  2. The GEODI server should be accessible from the client's GDE. Using a browser on the client, enter <ClientIP>:<1982>/DEW?op=GetLastError. If everything is fine, it should return null. The ExplorerPort specified in GDE rules, e.g., ExplorerPort=1982 (or the chosen port), should be open.

  3. Inspect the Firewall, Antivirus, or any similar tool to ensure there is no blocking mechanism preventing communication.

  4. Check if the client machine is operational. GDE should be installed and running (Geodi.Desktopexplorer.exe should be in the task list).

  5. Verify the status of the received TOKEN: <GEODI_URL>/API/token_parser.html.

  6. Examine the Agent Management Panel; if the endpoint's status looks good, waiting for a while may resolve the issue. The GEODI Server queues incoming data, so the files at the endpoint might not be due yet.

  7. If everything seems correct but data is still not coming through, check the FolderList and IgnoreFolders values in the GDE rules.

  8. If you are not receiving the expected file type, ensure that the extension is not listed in the IgnoreFiles value in the GDE rules.

...

<ClientIP>:<1982>/DEW?op=GetStatus

Gets the status of GDE Agent

{"StatusText":"","RequestCount":0,"FileCount":0,"SendCount":0,"IgnoreCount":0,"Server":"<GEODI_URL>"}

(info) Default port = 1982, may be different

<ClientIP>:<1982>/DEW?op=GetLastError

Gets the GDE agent errors.

If no error, retuns null. Else

{"Server":"<GEODI_URL>", "LastErrorTime": {}, "LastError" : "", "TotalErrorCount": n}

...

  1. A user with access to the source that GDEs will feed into logs in. Alternatively, a token is used on the token interface.

    The interface on page Generating a GEODI Token is opened.

    Feed is activated. "Edit AllowList" is clicked under AllowList, and the content source to which GDE will send our files is selected from the list that appears.

    GEODI_URL and GEOD_TOKEN can be obtained by selecting Feed Source from Resources in the Project wizard. The project name must be given before adding this source.

...

Updating the GDE Agent

The agents check for updates every two days and, if available, automatically update themselves via the GEODI server. No manual intervention is required.

Installing GDE as a Windows Service

This option is used to index/discover FileServers with GDE.

Info

Requirements for Installation

In addition to the Windows MSI requirements:

  1. The Windows Service user must have read-only access to the FileServer directories.

  2. A separate configuration file must be created under the GEODI Server for each File Server to define the directories to be indexed and other rules. Details are provided on the main page..

After installing GDE on Windows, it can be turned into a service using the WindowsServiceInstall.bat file located in the same directory.

  1. The service mode can be removed using the WindowsServiceUninstall.bat file.

  2. When running in service mode, no logged-in user is required for the service to function.