CrowdStrike / falcon-orchestrator

CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities
GNU Affero General Public License v3.0

Orchestrator never installs without db error properly #35

Closed copos45 closed 7 years ago

copos45 commented 7 years ago

Installed Orchestrator on a Windows 2012 R2 VM using the sparse instructions, on top of SQL Express 2016. Found out the hard way it will not work with a corporate proxy (???), based upon the error:

   at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
   at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)

Installed Open Text Socks; the SOCKS message goes away, but now this one appears that I cannot get rid of:

2017-06-02 12:38:57,695 DEBUG FalconOrchestrator.Client.FalconOrchestratorService - Connection to database is successful, starting service
2017-06-02 12:39:01,961 DEBUG FalconOrchestrator.Client.FalconOrchestratorService - [0] Event already stored in database
2017-06-02 12:39:01,992 FATAL FalconOrchestrator.Client.EventModel - [7] Error occured while trying to save authentication activity audit event to database
System.ArgumentOutOfRangeException: Value to add was out of range. Parameter name: value
   at System.DateTime.Add(Double value, Int32 scale)
   at FalconOrchestrator.Client.AuditEvent.get_FormattedTimestamp()
   at FalconOrchestrator.Client.AuthActivityAuditModel.Save()

SQL DBA looked at the SQL 2016 Express instance and found no issues with the DB. Decided to downgrade to SQL Server Express 2014 since that is the one specified in the wiki as having been tested with Orchestrator. After half a day, Orchestrator was re-installed and still, same error as before. This time on a VM running off a laptop connected to a Verizon MiFi, so there's no possible way a proxy, or lack of one, would be an issue.

2017-06-02 16:01:52,602 DEBUG FalconOrchestrator.Client.FalconOrchestratorService - Connection to database is successful, starting service
2017-06-02 16:01:57,352 DEBUG FalconOrchestrator.Client.FalconOrchestratorService - [0] Event already stored in database
2017-06-02 16:01:57,383 FATAL FalconOrchestrator.Client.EventModel - [7] Error occured while trying to save authentication activity audit event to database
System.ArgumentOutOfRangeException: Value to add was out of range. Parameter name: value
   at System.DateTime.Add(Double value, Int32 scale)
   at FalconOrchestrator.Client.AuditEvent.get_FormattedTimestamp()
   at FalconOrchestrator.Client.AuthActivityAuditModel.Save()

mr-burnse commented 7 years ago

Orchestrator uses the System.Net.HTTPWebRequest class for underlying network connections, which should by default use the configured IE Proxy settings. Candidly, I haven't really tested this though. If proxy support is important, feel free to open an enhancement request and I'd be happy to consider it for future updates.

In regard to the error you're posting about here: this is unrelated to proxy configuration and appears to be impacting all Orchestrator users. This issue just surfaced this week, as the UTCTimestamp field on events of type AuthActivityAuditEvent is being pushed through the API with two types of Unix epoch formatted timestamps: one with milliseconds and one without. Orchestrator is expecting a certain format and is crashing because of this. I will look to provide a bug fix for this early next week.
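Added example, not part of the original thread and not the Orchestrator project's code: a C# sketch of how a mixed seconds/milliseconds epoch field can produce the `ArgumentOutOfRangeException` shown in the log, and one way to normalize both forms before saving an event. The class name `EpochNormalizer`, the magnitude threshold, and the sample values are hypothetical, and it assumes the failing path treated the value as seconds.

```csharp
using System;

static class EpochNormalizer
{
    static readonly DateTime Epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

    // Assumption: any value at or above 1e11 is milliseconds. Read as seconds, 1e11 is
    // past the year 5000; read as milliseconds it is early 1973, so real event times
    // never sit near the boundary.
    const long MillisecondThreshold = 100_000_000_000L;

    // Naive conversion that trusts the field to be seconds (hypothetical, for contrast).
    public static DateTime NaiveFromSeconds(long value) => Epoch.AddSeconds(value);

    // Accepts either representation and rejects values that cannot be a real event time.
    public static bool TryNormalize(long value, out DateTime utc)
    {
        utc = default(DateTime);
        if (value <= 0) return false;
        try
        {
            utc = value >= MillisecondThreshold
                ? Epoch.AddMilliseconds(value)
                : Epoch.AddSeconds(value);
            return true;
        }
        catch (ArgumentOutOfRangeException)
        {
            return false; // caller can log and skip the event instead of failing the save
        }
    }

    static void Main()
    {
        // Constructed sample values: one instant in seconds and in milliseconds,
        // plus two values that must be rejected.
        long[] samples = { 1496407137L, 1496407137695L, -1L, long.MaxValue };
        foreach (long s in samples)
        {
            Console.WriteLine(TryNormalize(s, out DateTime t)
                ? $"{s} -> {t:o}"
                : $"{s} -> rejected");
        }
        // A millisecond value passed to the seconds-only path overflows DateTime.
        try { NaiveFromSeconds(1496407137695L); }
        catch (ArgumentOutOfRangeException e) { Console.WriteLine("naive: " + e.Message); }
    }
}
```

Treating the API field as untrusted input and validating its range before it reaches the persistence layer keeps a format change upstream from stopping audit event collection entirely.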

mr-burnse commented 7 years ago

Fix has been published here. Please follow implementation steps to apply it.