Agent Configuration

Overview

Onagre agents are designed to be zero-configuration. Once deployed and connected to the platform, an agent receives everything it needs — sensor definitions, scheduling, variables, and secrets — automatically through its gRPC connection with the Hub.

There is no local configuration file to create or maintain on the agent host.

How agents receive configuration

The Hub orchestrates all sensor execution. At each scheduling cycle, the Hub sends the agent a work payload that includes:

• The sensor parameters (type, query, conditions, interval, etc.)
• Resolved variables — plain-text values replaced inline before transmission.
• Decrypted secrets — connection strings for databases, key-value stores, or message brokers.

The agent executes the check and returns the result. It never stores secrets on disk.

Secrets and variables

All sensitive credentials and configuration values are managed centrally through the Environments system in the Onagre dashboard.

For full details on how to create and manage environments, variables, and secrets — including encryption, security, and connection string examples — see the dedicated page:

Environments →

Security

• All communications between the agent and the Hub use TLS encryption.
• Secrets are encrypted at rest on the platform using AES-GCM 256-bit and only decrypted in memory at the Hub level for transmission.
• Agents never persist secrets to disk — values are held in memory only for the duration of the sensor execution.
• Agent authentication is based on a unique agent code and API key pair.

Summary