The Informatica Secure Agent is a crucial component of Informatica Intelligent Cloud Services (IICS) that enables secure communication between an organization and the Informatica cloud services.
Here are some key points regarding the acceptable use of Informatica Secure Agent:
- Functionality: The Secure Agent connects directly and securely to data sources and targets, transfers data between them, orchestrates task flows, runs processes, and performs other required tasks.
- Microservices: The Secure Agent utilizes pluggable microservices for data processing. For example, the Data Integration Server handles data integration jobs, while the Process Server manages application integration and process orchestration jobs.
- Configuration: Each Secure Agent service has a unique set of configuration properties, such as Tomcat and Tomcat JRE settings. These properties can be configured independently to optimize performance.
- Requirements: Before installing the Secure Agent on Windows, ensure that the machine meets the supported operating system requirements and has sufficient disk space. The account used for installation should have access to all remote directories containing source or target files.
- Permissions: On Windows, the Secure Agent must be part of the local Administrators group to transfer data between sources and targets.
Housekeeping tasks
Informatica Secure Agent is a lightweight program that runs tasks and enables secure communication between Informatica Intelligent Cloud Services (IICS) and your organization. It plays a crucial role in data integration and task execution within the Informatica ecosystem. It is important to note that housekeeping tasks are generally performed to ensure the smooth functioning and maintenance of a system or program. In the context of Informatica Secure Agent, some potential housekeeping tasks could include:
- Regular Monitoring: Monitoring the performance and health of the Secure Agent to ensure it is running optimally and efficiently.
- Log Management: Managing and archiving logs generated by the Secure Agent to free up disk space and maintain a clean system. It is advisable to view the disk space usage regularly and clean up any old and temporary files. This is necessary before the upgrades (releases) from Informatica so that the upgrade will not fail. Additionally, this also helps in jobs not failing due to no space left on the device. Even for this, housekeeping jobs at server level can be configured. As a general guideline, any log files and temporary cache files that are older than 10 days can be removed.
- Resource Optimization: Optimizing the usage of system resources such as memory and CPU to prevent high utilization and ensure smooth operation. Work in conjunction with the IT team to set up notification alerts on the server to notify the team when there are abnormal spikes in the usage of CPU and memory for a longer time. The same can be set up through “Operational Insights” service as well in the IICS Org.
- Security Updates: Keeping the Secure Agent up to date with the latest security patches and updates to protect against vulnerabilities. This is required to be in compliance with Info Security team. In the case of an audit, this will pose an issue if not duly mitigated.
Troubleshooting a Secure Agent
At any point in time, in order to debug an issue with the secure agent, you can verify the below list of logs to identify a potential root cause:
| File | Description |
| <Secure Agent installation directory>\apps\agentcore\infaagent.log | Contains startup and shutdown information about the Secure Agent. |
| <Secure Agent installation directory>\apps\agentcore\agentcore.log | Contains information about the activities related to the Secure Agent, including details of all the services enabled for the agent. |
| <Secure Agent installation directory>\apps\Data_Integration_Server\logs\tomcat\tomcat<version>.log | Contains details related to the Tomcat process for the Data Integration Server. It records the task execution details, including the start time, end time, and statistics for the tasks. Also includes design time and metadata-related activities for the Data Integration assets. |
| <Secure Agent installation directory>\apps\Data_Integration_Server\<version>\tomcat.out | Contains basic information about the Tomcat process for the Data Integration Server, including when the Tomcat process started and stopped. Also includes Secure Agent connection details, such as certificate and SSL-related information. |
| <Secure Agent installation directory>\apps\Data_Integration_Server\<version>\scripts.log | Contains information about the Data Integration Server, including details about how the script used by the Data Integration Server was run. Use this log if there is an issue with the Data Integration Server. |
Access permissions for Developers to the Secure Agent
As part of the integration development requirements, the developers might need access to store the following type of files on the secure agents.
- Swagger files, to work with REST API end points.
- Parameter files, to work with parameters created in the mapping.
- Data files, to send them to the SFTP targets, etc.
In such cases, it is recommended to create shared folders where both the developers can copy the files to and the secure agent services can access them. Typically, you can create project specific folders and share the folders with the developers such that they can access the file location from their network. The users can map the network drive for easier access. Such configuration is a one-time activity, and the users can easily work with the folders and files without depending on the administrators. However, this is applicable for lower environments only. For all production environment specific configurations, the administrator should handle the file movement as part of code migration. It is also recommended that the developers handle the file management (delete the data file once processed or archive the files and keep the files with a 7-day retention period only) as part of the development efforts (programmatically) as much as possible and applicable. IICS does offer usage of scripts (calling as pre and post session commands) for such use cases. Developers are encouraged to leverage such functionality in this case.
Note: Depending on which location/campus that the user is accessing the server, there might be additional configuration required – for eg: opening up firewall, etc. For such requests, the user needs to work with the IT team.