amazon-ssm-agent
amazon-ssm-agent copied to clipboard
aws
SSM Inventory dataprovider doesn't handle control+M characters in the output
We use Inspector and the Systems Manager agent to gather software inventory for vulnerability management. Out of nearly 500 instances we have 2 that EC2 instances that show as "Not Scanning - No Inventory" in the Inspector console. One of the instances is i-0af550653d52d6e8f in this AWS account. I checked Systems Manager Fleet Manager and everything looks okay. I am able to successfully connect to this instance via Session Manager so I know the agent is operational and has the SSM IAM permissions.
On the system itself, I see the following errors in /var/log/amazon/ssm/errors.log:
2023-01-04 18:13:31 ERROR [collectPlatformDependentApplicationData @ dataProvider_unix.go.147] [ssm-document-worker] [cb96ae82-641a-499b-99d0-5d36d1b220af.2023-01-04T18-13-30.885Z] [DataBackend] [pluginName=aws:softwareInventory] [aws:softwareInventory] Failed to gather inventory data for AWS:Application: Unable to convert query output to ApplicationData - invalid character '\r' in string literal 2023-01-04 18:13:31 ERROR [getApplicationData @ dataProvider_unix.go.348] [ssm-document-worker] [cb96ae82-641a-499b-99d0-5d36d1b220af.2023-01-04T18-13-30.885Z] [DataBackend] [pluginName=aws:softwareInventory] [aws:softwareInventory] Unable to convert query output to ApplicationData - invalid character '\r' in string literal
It looks like the agent is having trouble parsing a package name because it is finding a \r character in it.
Furthur investivation showed that the java-jdk installed on the machine has a ctrol+M character which looks like this:
This is a helper package that creates /usr/share/javascript and enables it in
the Apache and Lighttpd webserver.","PackageId":"javascript-common_11_all.deb"},{"Name":"jdk-11","Publisher":"jdk-download-help_ww <[email protected]>","Version":"11.0.16.1-1","ApplicationType":"java","Architecture":"amd64","Url":"","Summary":"Java Platform Standard Edition Development Kit^M
The Java Platform Standard Edition Development Kit (JDK) includes both the runtime environment (Java virtual machine, the Java platform classes and supporting files) and development tools (compilers, debuggers, tool libraries and other tools). The JDK is a development environment for building applications, applets and components that can be deployed with the Java Platform Standard Edition Runtime Environment.","PackageId":"jdk-11_11.0.16.1-1_amd64.deb"},{"Name":"keyutils","Publisher":"Christian Kastner <[email protected]>","Version":"1.5.9-9","ApplicationType":"admin","Architecture":"amd64","Url":"http://people.redhat.com/~dhowells/keyutils/","Summary":"Linux Key Management Utilities
K
