The agents page shows the computers that are configured as agents. For each agent, various details are shown including its name, IP address, health status, and agent count.
The filter bar lets you show or hide agents based on particular features; for example, only showing agents that are currently running scans.
Hovering the mouse over an agent shows contextual options for that agent, such as disabling or deauthorizing it.
You can click into an agent to see more details.
Each agent computer is configured with an agent count. This is the maximum number of logical agents that can run on that computer. Each logical agent can be occupied carrying out a single scan at any given time. So if you configure an agent count of 6, then up to 6 scans might be run in parallel on that computer.
Burp Suite Enterprise Edition is licensed for a specified number of agents. You can install as many agents on as many computers as you wish. But the total number of logical agents that will actually be used at any moment is limited to the number in your license. For example:
Clicking into an individual agent lets you see more details:
After an agent has been installed on a new machine, it needs be authorized before it can be used. The "Authorization requests" tab shows agent computers that are not yet authorized. The following details are displayed for each unauthorized agent
When you are satisfied that an authorization request is legitimate, click "Authorize". The new agent will then appear in the "Agents" tab and will be available to perform scans.
Communication between agents and the Enterprise server is protected by mutually authenticating TLS. The fingerprint identifies the public key of the agent and provides some assurance that communication is happening directly with the authentic agent. The installation process for an agent generates a public/private key pair and outputs the fingerprint of the public key. When the Enterprise server receives an authorization request from a new agent, it determines the fingerprint from the key that was used in the TLS negotiation confirm this. You should verify that the fingerprint that is displayed for the authorization request matches the fingerprint that was displayed during installation.