Versions Compared

Version Old Version 34 New Version Current
Changes made by

İrem Kara

İrem Kara

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

GDE is a an agent-based discovery solution that allows indexing of data on endpoints and/or fileservers file servers without defining a requiring share definitions. It runs operates on Windows, Linux, macOS, and Pardus environments. The GDE agent indexes/discovers many PCs or FileServers w/o defining a shareFile Servers without requiring share definitions. The GDE agent runs on Windows, Linux, or MacOSmacOS. Additionally, GEODI may discover FileServers if there is a share. Then, GDE is not required.

Info

GDE crawls the EndPoint or FileServer and sends selected files to a GEODI Server. This way, you can discover and search local files w/o sharing any folder. GDE continuously crawls every 3 hours to find changed files.

Info

With the GEODI Classifier, it is possible to classify the local files remotely.

Info

After discovery, it is possible to remediate the local files remotely.

Info

When a file is deleted from GDE, running "delete deleted contents" will remove the file from the GEODI index.

Installation and Configuration

Info

A configuration file on the GEODI server determines which local folders and file types to include. This configuration may be customized by client IP, ClientUser, or ClientMachine name. So, you may target a different area for each FileServer or client.

Info

The Agents can be manually installed on FileServers or EndPoints. But if you have many EndPoints, using a tool like ManageEngine or SCCM for deployment is suggested.

GDE agent software updates are auto. It may be set to update from a local source.

GEODI Server has a monitor panel to watch EndPoints. GEODI Agent Management Panel can discover remote servers without an agent.

A connection is created by selecting Project Wizard/Feed Source/GDE. This page generates the necessary Batch file to install the GDE agent. You can copy and use it with tools like ManageEngine or SCCI. Manual installation is also possible if preferred.

GDE begins discovery with the default directories specified on this page. It repeats the process approximately every 3 hours on each machine. Content from different machines is queued and processed on the GEODI server.

Active agents can be monitored through the https://decesw.atlassian.net/wiki/spaces/geodien/pages/edit-v2/4184473601 Panel.

Table of Contents
stylenone
Tip

Requirements for Connection

  1. A user with sufficient privilege levels to install agents on client machines.

    1. Variations may exist for Linux and macOS clients.

  2. A tool like ManageEngine or SCCM for deploying to a large number of clients.

  3. Client machines must have access to the <geodi> server.

  4. <geodi> server must have access to the client machines, with port 1982 (configurable) open.

Gliffy
imageAttachmentIdatt4336386146
macroIdc02c52c0-32db-418a-8a1e-64c4cfe9a700
baseUrlhttps://decesw.atlassian.net/wiki
nameGDE-EN
diagramAttachmentIdatt4336648300
containerId3972202552
timestamp1702733720298

Table of Contents

Installation Checklist

...

Subject

...

Description

...

Create a new project or choose an existing project to index files.

...

A separate project is OK for discovery purposes, but adding PCs to an existing project is better if you have Enterprise Search.

This project URL must be accessible from the EndPoints.

The GDE recognizer(from discovery IT group), must be used in the project.

...

Create a token

...

Follow the procedure on this page to get the Token.

Generating a GEODI Token

As a best practice, we suggest you create a separate user for the Token. And token users' passwords should not be changed.

...

Follow the procedures for different OSs

...

These pages will lead you to each OS.

Child pages (Children Display)

...

GDE Configuration Settings

...

The settings determine which local folders and file types to discover. There may be a single setting for all, or you may customize it by clients.

...

Client Monitoring

...

Activate GEODI Agent Management Panel

image-20241219-105355.pngImage Added

MSI Link and Update

GDE agents are automatically downloaded to the GEODI directory along with the GEODI Discovery module. The required MSI files can be found in the following directory.

Windows agents will automatically update themselves from this directory when a new version is released. If you are operating in an offline environment, it will be sufficient to manually update the modules on the GEODI server.

Info

The GDE Agent can be accessed at: <geodi_url>/GUI/Agents/GDE

Here, <geodi_url> refers to the GEODI Server address.

Troubleshooting

Expand
titleIndexing does not start

  1. Check if the client has access to the GEODI Server. GEODI should be accessible through a browser on the client. Enter the GEODI address in a browser on the client; there should be access.

  2. The GEODI server should be accessible from the client's GDE. Using a browser on the client, enter <ClientIP>:<1982>/DEW?op=GetLastError. If everything is fine, it should return null. The ExplorerPort specified in GDE rules, e.g., ExplorerPort=1982 (or the chosen port), should be open.

  3. Inspect the Firewall, Antivirus, or any similar tool to ensure there is no blocking mechanism preventing communication.

  4. Check if the client machine is operational. GDE should be installed and running (Geodi.Desktopexplorer.exe should be in the task list).

  5. Verify the status of the received TOKEN: <GEODI_URL>/API/token_parser.html.

  6. Examine the Agent Management Panel; if the endpoint's status looks good, waiting for a while may resolve the issue. The GEODI Server queues incoming data, so the files at the endpoint might not be due yet.

  7. If everything seems correct but data is still not coming through, check the FolderList and IgnoreFolders values in the GDE rules.

  8. If you are not receiving the expected file type, ensure that the extension is not listed in the IgnoreFiles value in the GDE rules.

...

Expand
title1982 port is not avaliable

  1. You can change 1982 to anything available. Please be careful about not assigning ports that have already been used.

  2. You may set the GDE port to 0, but GEODI can not open the remote files in this case. The search and discovery are unaffected.

FAQ

Expand
titleHow can query files from a specific endpont?

It is no different than the other. Add layer:GDE <machinename> into query.

  1. layer:GDE <machinename> will query the files.

  2. layer:GDE <machinename> doc:*.pdf will list the PDF files.

  3. layer:GDE <machinename> doc:*.pdf contract will list the PDF files with the word contract.

...

Expand
titleWhat happens if the endPoint is formatted?

  1. Install the GDE as usual. The endpoint will be treated as new. The old data is preserved.

...

GDE configuration settings

Settings should be GEODI server <GEODI_APP>/Settings/Geodi.DesktopExplorer folder named default.json. Installed GDEs will automatically retrieve this setting in about an hour.

...

Setting Name

Type

Description

FolderList

string[]*

Used to specify the folders to be scanned. Folders can be identified by separating them with ",".Windows, MacOS, and Linux client folders can be used interchangeably.

The default directory is %UserProfile% ,\\Users, \\Home(includes documents, downloads, desktops, etc.).

Values are case-sensitive. Subdirectories can also be defined as %UserProfile%\\Desktop.

You can use ["*"] to scan all disks.

ExplorerPort

int

The default is 1982.

Alternatively, you may set the port value to 0. Discovery and search will be fine, but GEODI can not open the local files in this case.

EnableLDAP

bool

If a true value is given, LDAP authorizations of the files are also indexed.

Default value: false

IgnoreFolders

string[]

List of folders to ignore. * is accepted. Used in combination with the settings under Geodi Settings/IgnoreFolders.

Example: ["*:\\data","C:\User*"]

Default value: null

(info) GEODI central file/folder ignore rules always take precedence. The restrictions specified within the settings are applied additionally.

(info) By default, to safeguard the network resource, only the name and date of files larger than 100MB are indexed. This limit is set to 500MB for compressed file contents. These values can be modified on the GEODI server.

IgnoreFiles

string[]

List of folders to ignore. * is accepted and used with the settings under Geodi Settings/IgnoreFileTypes.

Default value:["*.MP4","*.MOV","*.MP3"]

(info) GEODI central file/folder ignore rules always take precedence. The restrictions specified within the settings are applied additionally.

(info) By default, to safeguard the network resource, only the name and date of files larger than 100MB are indexed. This limit is set to 500MB for compressed file contents. These values can be modified on the GEODI server.

Metadata

You can define metadata for parsing files from clients. These metadata are specified in the settings file. The values used in the default settings can be seen in the example file.

Searching with metadata is done with <metaname>:<value> Example IP:192.168.1.1

The defined metadata and values will be visible in the GEODI search interface.

GDE API

You may use a browser to make these calls.

<ClientIP>:<1982>/DEW?op=GetStatus

Gets the status of GDE Agent

{"StatusText":"","RequestCount":0,"FileCount":0,"SendCount":0,"IgnoreCount":0,"Server":"<GEODI_URL>"}

(info) Default port = 1982, may be different

<ClientIP>:<1982>/DEW?op=GetLastError

Gets the GDE agent errors.

If no error, retuns null. Else

{"Server":"<GEODI_URL>", "LastErrorTime": {}, "LastError" : "", "TotalErrorCount": n}

...

  1. Log in with a user accessing the Source that GDEs will feed.

  2. Open the page: <GEODI_URL>>/API/GeodiTokenApi.html?loginWithGuest=1

  3. Select the Source's name using the AllowList.

  4. Now you are ready to create the Token.

  5. This page may be used to check if a token is valid: <GEODI_URL>/API/token_parser.html

...

Updating the GDE Agent

The agents check for updates every two days and, if available, automatically update themselves via the GEODI server. No manual intervention is required.

Installing GDE as a Windows Service

This option is used to index/discover FileServers with GDE.

Info

Requirements for Installation

In addition to the Windows MSI requirements:

  1. The Windows Service user must have read-only access to the FileServer directories.

  2. A separate configuration file must be created under the GEODI Server for each File Server to define the directories to be indexed and other rules. Details are provided on the main page..

After installing GDE on Windows, it can be turned into a service using the WindowsServiceInstall.bat file located in the same directory.

  1. The service mode can be removed using the WindowsServiceUninstall.bat file.

  2. When running in service mode, no logged-in user is required for the service to function.