Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
Agents
How to Use Dashboards
How to Use Data Asset Inventory
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Settings and Resources
Additional Resources
Reports
Reporting API
Customer Support Articles
How to Follow Data Through the Search PipelineEndpoint for Windows Configuration Reference GuideEndpoint Software Command Line InterfaceBasic Troubleshooting Steps (Enterprise Console)Endpoints or Results Fail to be Displayed in the ConsoleMongoDB and TLS 1.3SQL Client SQL Exception ErrorHow to Troubleshoot Spirion Client Search Failures and How to WhitelistCustomer Notice – Spirion Agent Update & Security Assessment for PostgreSQLHow to Enable Verbose/Debug Logging for the Endpoint ServiceHow can I monitor the status of a queue job?Can I monitor the job queue status automatically?Troubleshooting: "Unable to find job queue: search_queue"How to Verify the Discovery Agent's StatusHow to check if port 6433 is open on your networkWhat is the SDM Translator Service?How to Create a Single Tenant App for OneDrive and Exchange Online SearchesHow to Configure Spirion for Sybase DiscoveryHow to Use Certificates to Authenticate with SharePoint OnlineHow to Quarantine to a Remote Location Using Spirion Sensitive Data PlatformA Server Error has Occurred: How to use the Chrome Developer ToolsWhy doesn't my Oracle 19c Database scan?How to Enable Full Disk Access on a Mac AgentWhy is My Scan Node Running Out of Disk Space?What to do about Message Processing and Delays, also known as 'Lag,' in SpirionDetails About the Box API used by Spirion to Search Box AccountsHow to Build a Mac Package (PKG)How to Sanitize AgentsHow to Set User and Role AccessHow to Enable SSL Communication between Linux Agents and the Spirion ConsoleHow to Enable HTTPS for the Spirion ConsoleHow to Search BoxFAQ: How do I avoid being prompted to re-login to the Spirion console?Spirion Sensitive Data Platform Scan PerformanceHow to Authenticate to SharePoint On-PremiseHow to Configure Spirion Sensitive Data Platform to Connect to an Oracle DatabaseFAQ: Linux 12.5 Client Package Build WorkaroundTroubleshoot Exchange Online Using Microsoft Graph ExplorerFAQ: What to do when an agent will not start the discovery team scan?Required SQL Server PermissionsHow to Scan Microsoft Teams with Spirion Sensitive Data PlatformField Input Using Linux Machines Anti-virus Alerts Received during Spirion SearchVersion 13.6 MSI Installation Issues - Exe file not signedWhat are common firewall rules needed for distributed scans?
Release Notes

How to Verify the Discovery Agent's Status

To verify the status of the Discovery Agent in a distributed scan, you need to check services and the internal database queue health.

To verify the status of the Discovery Agent in a Spirion Sensitive Data Platform distributed scan, you need to check both the machine-level services and the internal database queue health. In the Postgres-backed architecture (Agent version 13.6+), the Discovery Agent acts as the "host" for the work.

1. Check the Windows Services

Log onto the machine designated as the Discovery Agent and verify the following:

  • Spirion Agent Service: Ensure this is "Running."
  • PostgreSQL (Spirion): This service must be "Running" on the Discovery machine, as it hosts the job queue.
  • pgBouncer (Spirion): This service must be "Running" to allow Search Agents to connect to the database.

2. Inspect the Local Postgres Queue (via pgAdmin)

The most accurate way to see if the Discovery Agent is actually working is to look at the database tables it creates.

  • Tools: Use pgAdmin 4 on the Discovery Agent VM.
  • Connection: Connect to localhost on port 5433. (Get credentials from the SDP Console under Manage Agents > Get Postgres Creds).
  • Look for the Table: You should see a table named public.search_queue_<GUID>.
    • If the table is missing: The Discovery Agent has not yet initialized the scan or failed during startup.
    • If the table exists: Run this query to see if it's "stuck":
      SELECT status, COUNT(*) AS row_count
      FROM public.search_queue_<GUID>
      GROUP BY status;
  • Interpreting Status Codes:
    • 0 (Pending): Discovery has found these items, but no Search Agent has claimed them yet.
    • 1 (Processing): An agent is currently working on these.
    • 2 (Processed): These are finished.

3. Review Agent Logs

On the Discovery Agent machine, open C:\ProgramData\Spirion\Logs\AgentService.log:

  • Look for "Discovery Phase": You should see logs indicating the agent is crawling the target (e.g., "Enumerating files" or "Scanning SQL metadata").
  • Look for Error 5433/6433: If you see "Database connection failed," the Discovery Agent cannot talk to its own local queue.

4. Network/Firewall Verification

If the Discovery Agent looks healthy but the Search Agents still can't find the queue:

  • Port Check: Ensure the Discovery Agent's firewall allows inbound traffic on port 6433 (pgBouncer). This is the "front door" for all other agents in the distributed scan.
  • IP Binding: Ensure the Discovery Agent is reachable by the Search Agents via the IP address registered in the SDP console.

5. Check for "Discovery Lag" (AL-34606)

  • Note that in large environments, there is a known issue where Search Agents might time out (default 5-60 mins) before the Discovery Agent finishes building the initial queue.
  • If the Discovery Agent is still "Processing" but the Search Agents have stopped, you may need to restart the scan to allow them to re-connect to the now-populated queue.


Was this article helpful?

Powered by Product Fruits