Regression tests, your type of test

by Jimmy Olano | Last updated Jul 12, 2022 | Tech

Has it happened to you that with the release of a new version of your favorite application some feature disappeared? Or it works but unexpected things happen when you execute it? Or does it just crash?

Today we will see what the possible tests that guarantee to avoid all of this are: regression tests.

You still don’t know what regression testing is?

There are many rules for testing software, and you may be surprised to learn that there’s even the documentation job of testing software. 

*I leave you here a few seconds to surprise you…

And not only that, my friend, there are international organizations that are devoted to studying and making general recommendations. 

*For example, standards ISO/IEC 29119 roughly state what software testing processes should be. 

For several decades I have been fascinated by all these processes, including monitoring industrial devices, to such an extent that I stick so much to them that they always call me a perfectionist, me! 

I will remind you that the design and construction of any machinery, even today, is carried out by human beings whose lives depend on their proper functioning!

Cars, air conditioners, power plants that cool homes in hot summer…

For that reason software tests must be adapted to the work itself that these programs will carry out:

• A program to automatically fly an airplane? Rest assured that you will be subjected to very thorough testing.
• A banking software? It will be tested and will have a special section for testing the corresponding audit software.
• A video game software? No one will die if something goes wrong, worst case scenario players will buy the game from the competition, but who wants that, gamer fella’?

That is why I would like to explain to you, in the simplest possible way, what these processes and tests are all about.

Unit tests, re-approval and reanalysis

Let’s quickly see some key concepts:

• Unit tests:

Unlike the last century, we have better hardware at our disposal, which allows for automated, full and fast tests, which can be reused again and again (and run independently) for the source code itself.

A comma, a pair of parentheses may be misplaced or well placed depending on the version of the programming language used (for example, see in Python the command print). For this, unit tests are performed.

• Process of reapproval:

When a software is modified, whatever the reason, each and every one of the points that have been worked on must be reapproved.

Said tests are always done manually.

• Reanalysis process:

If the previous point is suspended, the software will be returned to the development department specifying what its malfunctions are.

Once they have been corrected and delivered, they will be reanalyzed and, if everything’s correct, they will be reapproved.

No more preambles! What is a regression test?

Regression tests are totally different from the previous tests. 

They are called that way because they come from the principle that if a software works as expected, and is altered either internally or externally, then you have to make sure that it returns to its previous stability state.

*When we say that a software is stable and works as designed, we are talking about everything as a whole, overall. 

Therefore, a regression test must be applied to each and every component. 

As you can imagine, this is a titanic task, but if done well, it will help improve user experience and gain customer confidence.

When to perform a regression test?

When a new feature is added to a software, the reapproval and reanalysis tests are performed, a regression test must be performed before delivering it to the customer. 

And also when:

• The requirement changes or was misunderstood by developers and then a feature has to be “repaired”.
• The software has passed a regression test, is delivered and works very well until something changes. 

*For example, the user has upgraded the operating system or migrated to a newer version: the program suffers a bug that needs to be fixed.

• The software does its job but over time data accumulates and it takes more and more time to execute the same tasks. 

Optimizing the source code is then required and the entire test cycle is repeated again.

• Depending on each country there will be new legislation and the software will have to comply with the extremes of law. In this case the software is refurbished and a regression test will be necessary before being re-legalized.
• You need to port the software to a different operating system (e.g. GNU/Linux® to MS Windows®) in order to sell it to more customers. Here the same regression tests will also be copied and adapted to the new environment.

Some disadvantages of this type of regression test

Not everything was going to be good news:

• The slightest change has to be tested in a regression test.

Even without any changes in the source code of the software. 

• As monitoring works, there will be simple and some more complex features, which can be a problem if you have a time limit.

For example, monitoring a web page can take milliseconds if it is about doing a ping or getting a specific value, but in the case of user experience monitoring you will have to record each of the tests to be performed.

• Once you have automated regression testing you may need to perform a manual test, this will result in more time and money being spent.

Resources

Pandora FMS plugin library

Pandora FMS official forum

I want to learn more!

Our Trial

You don’t know anything about Google Cloud monitoring

by Jimmy Olano | Last updated Jun 13, 2022 | Tech

The fact that data centers have evolved a lot is undeniable. This has enabled storage evolution and the execution of online applications.

Now we often talk about hybrid clouds. 

*Yes, we don’t even take the time to explain what digital clouds are anymore and we even assume that everyone has their own, small but they have them.But when it comes to doing things big, it’s unavoidable to mention the giant Google Cloud®!

Pandora FMS and the famous Google Cloud monitoring

Pandora FMS® (PFMS) during the year 2020, in the midst of the pandemic, walked slowly but without any pause, their team did not stop at all. 

And there were great improvements in quality of use in 2020!

As it happens, that’s when we introduced Google Cloud monitoring. 

Let’s look at everything in that term!

Google Cloud Platform

Known simply as Google Cloud, this platform encompasses more than one hundred components (digital products). 

It is obvious that I will name only a few, since Pandora FMS does not monitor them all

… yet.

We will classify them in several main sections:

1. Compute Engine: To run applications and virtual machines, Kubernetes, functions as services, among others.
2. Storage & Databases: For file storage and execution of database engines, all this integrated with the previous point.
3. Networking: For server load balancing (CDN, DNS, etc.).
4. Big Data: Overly speaking, analysis of large, gigantic volumes of data that are then converted into usable information.
5. Identity & Security: Everything related to online identification for own or third parties.
6. IoT: For the Internet of Things.
7. API Platform: Everything necessary for third party companies to communicate with all the paraphernalia of Google services and applications. *If you don’t know what an API is, here’s what you need to know.
8. Cloud AI: The artificial intelligence cloud with lots of resources, limited only by your wallet.

*The latter is important, your wallet, not artificial intelligence. Because it is necessary to direct debit a bank account,  or a good credit card, the payments of all these services.

**At the time of writing, I do not know if the new Google Pay (formerly called Google Wallet) is accepted as a means of payment (most likely, because it is from the same company).

In the case of Pandora FMS monitoring of Google Cloud it is only available for the Enterprise version.

But erase those sad faces because you can request a 30-day free trial by accessing this link!

Again the change

If there’s one thing that characterizes Google since I saw it born, it’s the constant change.

As well as the number of products and services they have is immense, no  less small is the number of them that have been discontinued or withdrawn from the catalog. 

While I still keep my Hotmail email account (not available to new users), Google at most has come to offer some product similar to the one they withdraw, accompanied by a package of instructions for us to do the data migrations. 

When they say it’s over, it’s over.

Therefore, dear readers of the future, if this has happened again, please write it down in the comments below.

 *We read them all.

Monitoring Google Cloud

Pandora FMS is able to monitor Amazon Web Services (AWS) and Microsoft Azure, so Google Cloud monitoring shares certain similarities.

Broadly speaking, the procedure is as follows:

1. We activated the encryption of PFMS database.
2. If the cloud component is not installed, you may download it from PFMS Enterprise library.
3. Now you have to manage the credentials at Google level.
4. Generate a service user in Google Cloud, and download a file in JSON format.
5. With this JSON file you will create the authentication account in Pandora FMS.
6. Once this is done, go back to Discovery Cloud and use the new credentials to access Google.
7. Select the monitoring you need and click accept and wait for all connections to be made. This link contains the metrics available from Compute Engine.
8. You will then have the main Google Cloud agent, one for each zone in which you have machines, and another agent for each virtual machine.

Resources

Pandora FMS plugin library

Pandora FMS official forum

I want to learn more!

Our Trial

Something IT professionals need to know and miss

by Pandora FMS team | Last updated Jun 7, 2022 | Tech

At PAndora FMS we have IT professionals on an altar. Literally, one next to the water dispenser in the office. I’m serious! It even has its blessed liturgical cloth, its flattering parsley, its candles and the incense! But there are still things that these people miss. Here’s a hint: it’s related to ITOM.

IT Operations Management (ITOM) and automation

We all agree in the industry that IT professionals waste too much time every day, struggling with minor tasks within IT Operations Management (ITOM). 

And it is that ITOM covers everything necessary to support the network infrastructure that provides IT services. 

This includes both the hardware (switches, servers, data center firewalls…) as well as the company’s network and the tools needed to make sure everything works properly.

According to the latest surveys, 78% of IT professionals say they spend at least 10% of their time proactively optimizing their environments. 

This extra time spent on maintenance and conservation obviously takes time from proactive optimization. 

And this is where automation comes in. 

Automation is that miracle from heaven that sets IT professionals free to stop wasting time and focus on things that really matter, and not on boring tasks!

Of course, most IT professionals know firsthand the value of automation. 

That’s why they have their altar. *Visitable during working hours, and donations are accepted. 

But automation has not yet reached ubiquity regarding ITOM. 

And it’s time for that to change!

That’s why we want you to start considering automating the following types of tasks:

• Complex tasks with multiple steps
• Repetitive routine tasks or tasks triggered by a recurring event
• Tasks where a large amount of data needs to be filtered based on specific, predefined criteria

As we said, in these cases, automation can help the incredible intellects of IT professionals, and their almost intrinsic creativity to focus on other needs.
Perhaps, even with automation, you will minimize the possibility of human error in tasks.

What is the next step?

Certainly the next step is to consider which are the most relevant ITOM tools. 

If your megalomaniac goal is, for example, to optimize a large government network, look for the products best designed to scale and then make sure the vendor and product are approved for use in government networks. 

Here, for example, the most relevant ITOM tools could be:

• Performance monitoring
• Configuration management
• Security and intrusion detection and prevention
• Troubleshooting

If you then relax and have a tea and take enough time to consider specific processes that can benefit from automation, such as automating network configurations, you may help out your IT professionals do more efficiently tasks like: 

Meeting compliance requirements, implementing configuration changes quickly and efficiently, or reducing downtime caused by faulty devices.

And network configuration automation is only one area from among them all. 

Think about the possibility of automating workflows and your IT staff crying dramatically when finally getting their lives back! 

Or automating tasks initiated by mobile devices, etc.

Prepare for change!

Naturally, automation leads us to the development of a new type of skills within IT staff. 

The more tasks are automated, the more IT professionals become automation supervisors instead of performing those tasks themselves.

That is, while before more specialized staff needed to understand perfectly what the inner workings of each piece of hardware were like, with automation, these people need to be much more aware of how the software works. 

They need to understand application programming interfaces and how they can dictate things like policies, rules, and user access.

Conclusions

ITOM and automation together are virtually the panacea for IT professionals. 

The secret of a successful transition is to go little by little, in a gradual and logical progression. 

Securing tasks, processes, and skill sets so that they move together toward a better future filled with altars in the office for IT professionals!

Resources

Pandora FMS plugin library

Foro oficial Pandora FMS

I want to learn more!

Our Trial

Events in MS Windows and Pandora FMS, does anyone give more?

by Jimmy Olano | Last updated Feb 27, 2024 | Tech

If the spreadsheet was the essential application for accounting and massification of personal computers, MS Windows® operating system was the graphical interface that turned work into something more pleasant and paved the way for web browsers for the Internet as we know it today.

Today, in Pandora FMS blog, we discuss:

Windows Event Monitoring and Pandora FMS 

Decades ae gone by but there is always a joke, among us computer scientists, that prevails in time:

“This is the year of Linux on our desktops”.

I actually think that, in the end, it is a statement that comes with a flaw from the very beginning:

The kernel (Linux in this case) has little to do with the graphical interface, the actual thing is that the applications that go along with Linux, such as GNU/Linux, are the combinations that should take their place in hundreds of millions of computers in our homes and jobs.

The MS Windows® operating system (OS), despite losing ground with Android/Linux on our mobile phones, still has it still going on on desktop computers and in the field of video games it keeps its position, faring pretty well.

Many say that desktop personal computers will disappear. I personally think that we will connect the monitor, keyboard and mouse to our cell phones at home and at the office.

But today MS Windows has a stronghold in its market position and for Pandora FMS it has implied a series of very special considerations for its monitoring.

The  overview

Monitoring with Pandora FMS can be done both remotely and locally and the MS Windows® OS is no exception. Remote monitoring can be performed through SNMP and  through WMI.

*If you are new to monitoring, I recommend you to take a few minutes to learn about Pandora FMS Basics.

For local monitoring install a small program, which is called Pandora FMS Software Agent.

Once installed in MS Windows®, the modules to collect the most relevant information (disk usage, RAM consumption, etc.) will already be installed by default.

If what you need to monitor is the basics of MS Windows® the Open version of Pandora FMS is more than enough for the task.

Windows® event monitoring

The amount of applications for MS Windows® is humongous but in a way it is easy to monitor applications and even processes, since we have a special instruction for the Software Agent called module_Proc. 

This instruction is able to tell us, either immediately or every certain period of time whether a program or process is running.

*If you want to find out more about this Pandora FMS feature, visit our video tutorial Monitor processes or applications in Windows.

So far all this is the basics for monitoring MS Windows®.

And in the case of Pandora FMS Enterprise version you can “transfer” normal events to events in Pandora FMS, which can generate alerts and warnings for us to take the necessary actions, or let Pandora FMS restart the software vital to our work or business.

* The latter is known as Watchdog: if an application for any reason stops in MS Windows®, it is re-launched and executed.

Analyzing the causes

Simplifying as much as possible:
So far we can say that we are working on true and false, on ones and zeros.

But often it is called on to us to analyze under what conditions an application collapses or find out why it does not start.

If all that related information had to be seen on your screen you simply would not be able to work with so many interruptions. For that reason there are event registries and working with them implies more specialization on Pandora FMS behalf.

MS Windows® presents an advantage as a privative software for its monitoring and it is that its events and corresponding logs are centralized after a certain routine or standard way.

Monitoring an individual event

Pandora FMS offers the instruction module_logevent that uses Windows® API and offers better performance than data collection by means of WMI.

You will obtain data from the event logs from Windows itself.

Along with additional instructions, it offers the ability to monitor very specific events identified by the fields Log Name, Source, Event ID and Level.

Remember I told you they’re standardized?

Well, in Log name they are well defined by:

• Application.
• Security.
• Installation.
• System.
• Forwarded events.

And you must use one of them for the instruction module_source, which is mandatory in the module to be created in Pandora FMS Software Agent.

Up to this point we have only discussed simple modules of Pandora FMS agents but, depending on your needs all the above can also be done as a complement or Pandora FMS plugin.

The difference is to place module_type async_string when it is a data module and module_type log when it is a plugin.

Plugins offer flexibility as they can return multiple data at the same time, unlike Pandora FMS modules that only return a specific, normalized data type in Pandora FMS.

This is important for what we will see below:
The instruction module_regexp which has as a parameter an event log file (.log) on which you will search for keywords with the instruction module_pattern.

This is necessary because there are old applications that keep their own separate event log, although in other regards they do not escape the Windows log. 

*We explained this in detail in our tutorial video « Windows modules logevent and regexp ».

Monitoring an event channel

En MS Windows® algunos log que no están en el registro de eventos del propio Windows, pueden ser recogidos mediante los canales de registros de eventos (Windows Event Log channel  o simplemente log channels) con una instrucción especial lla

In MS Windows®, some logs that are not in Windows event log can be collected using the Windows event log channels with a special instruction called module_logchannel that does not carry any parameters but then uses module_source<channel_name> together with module_eventtype (event type), module_eventcode (event code) and even module_pattern to search by keyword. 

*For more details, our video tutorial «Windows modules: Logchannel |Pandora FMS|» quickly explains this feature.

However, I said that we are looking for or investigating the cause of some problem or inconvenience in an application that runs on MS Windows®, but the examples I have given are specific and go directly to monitor a particular point.

Alright so…

How do we do it if we don’t know exactly what we’re looking for?

Elasticsearch and log mass collection

What I needed to explain is that if you use a plugin to collect logs you must install, together with Pandora FMS, a powerful tool called Elasticsearch.

Which uses a non-relational database capable of storing and classifying all this large amount of information.

*It is well explained, again, in another tutorial video called “ Log Collector in Pandora FMS “)

But don’t think Pandora FMS just delegates the work, no:

From Elasticsearch you may go back to Pandora FMS to generate alerts and reports that you scheme and then create in Pandora FMS to finally understand what the conditions and precise values are when an application fails (or has peak workload values, or is “doing nothing”, etc.).

Conclusions

He resI have summed it up as much as possible and I recommend that you watch the tutorials over and over again until you fully understand and are able to put it into practice installing both Pandora FMS and Elasticsearch. If you have any problems, check the official documentation, which is extensive on the topic “Log monitoring and collection.”

Resources

Pandora FMS plugin library

Pandora FMS official forum

I want to learn more!

Our Trial

Two-factor authentication in Pandora FMS

by Jimmy Olano | Last updated Apr 21, 2022 | Tech

I have been a regular user of Pandora FMS for years and the best I can say about them is that they always have something new to add to my learning. Today, for example, I rediscovered the Two-Factor authentication in Pandora FMS!

*And I did it, in part, through this article already published on their blog

Although I devote myself to programming (and it is what I like to do the most), I am more of a Web 2.0 person than a Web 3.0 person because I consider that the latter has been abused too much. 

In 2.0, communication is bidirectional and at the same level, while in 3.0, when one inquires something they answer:

“And who’s asking?”   

Having already taken advantage, of course, of unnoticeably checking our geolocation by means of your IP address.

No contentos con eso, en fin, nos pegan unNot happy with that, anyway, they stick a label on us as if we were digital livestock… 

*And no, I’m not paranoid, several countries globally are amending their national privacy laws! (That’s why I mainly use the DuckDuckGo search engine).

But I wouldn’t ever go back to stay on the Web 1.0; at that time, the 1970s and 1980s (my youth), we were too innocent. 

*For example, for many years the password to launch American mass destruction weapons was simply zero repeated eight times…

Obviously we need more robust authentication systems. And one of them came, not from a programmer but from a far-sighted entrepreneur, Kenneth P. Weiss. 

Their input was essential to the world and to the issue we are discussing here today. 

Since talking about encryption and security gives us enough material to write a whole book, let’s dive into it then!

Get to know the Two-Factor authentication in Pandora FMS

It is important to distinguish what is a Two-Factor authentication and two-step authentication.

Many banks force us to add several security questions that they use after entering our password. They randomly choose one or more of them and we must respond. The point is that they’re always things we know.

A second authentication factor is more about “what you have’‘.

There’s Mr. Weiss’s genius. How to authenticate that “something we have”? 

Well, to put it simply: by means of public keys and private keys. Just like we have been doing on our computer for years.

However, Two-Factor authentication technology has evolved and now it also includes, quite frequently, biometric identifications. That’s basically, “what you are”.

My mobile phone, for example, includes fingerprint reading. But it would also be worth an infrared-based facial identification to detect by heat the veins and arteries of our face. 

*Not even identical twins in the same egg have equal blood distribution.

More recently, another category has been added: what you do. 

The way you sing or make a gesture. Even the speed of your typing, pauses included, and much more.

En todos eIn all these cases it is an additional security layer. To be considered as a Two-Factor authentication, at least two of them must be used. 

The acronym MFA is used when three or four of the aforementioned methods are used.

Finally, it is important to point out the case of hardware devices as a second authentication factor: YubiKeyor the trendy Trusted Platform Module version 2.0 (TPM 2.0).

Operating mechanism

Like I said, it’s all about the private and public key pair. 

In short, a private key is generated, which is shared with us users and when the time comes to use it, the date and time are taken and a public key is calculated.

That key is only valid for a period of time, say a minute, and it will be the one we give to identify ourselves.

In the site where we are going to enter, where said private key was generated, the same is done, the public key is calculated also for that period of time and is compared with the one that was delivered to the user at that moment.

Of course, this is much more complex than what I am describing, but as Leonardo da Vinci rightly said: “Simplicity is the ultimate sophistication.”

Pandora FMS and Google Authenticator

At Pandora FMS, Google Authenticator has been chosen, which is not surprising, because this company Alphabet Inc. has been in our lives for more than twenty years already and has become “the elephant in the room”.

Of course, there are also many others like LastPass Authenticator or Microsoft Authenticator.

The official Pandora FMS documentation explains very well how to configure the second authentication factor, however, I have something to add.

Two-Factor authentication is not a strong password backup itself. We must use strong passwords so that we have a time period of at least one month (and we should change them monthly).

*If there is a leak of the hash of our password, as it is robust, the thieves will take more than a month to decipher it and before that happens we will have already changed it ourselves.

• Both authenticators I tried can work offline without any problem because they depend on the time and date as I explained.

*However, if any unlikely problem occurs with the time and date on our mobile, Google Authenticator has the option to synchronize online without affecting the time and date of the device at all.

• But not everything was going to be good news: I also print backup codes that I store in a safe place for gmail emails.

*To download Google Authenticator, they will ask to implement the second authentication factor for mail.

Once you wish to log in to a new device, you may use the “Try other methods” option and enter one of the 8-digit backup codes. Remember to cross this code out of the list because they can only be used once.

• From your user profile in Pandora FMS, right next to the button to deactivate the second authentication factor, there is the “Show information” button, which will allow you to show the private code again to add it to an additional backup device.

*Let’s say that the battery of your main mobile has been completely discharged: you save time to enter Pandora FMS with the backup device.

•  Time is precisely one of the most frequent complaints in the use of the second authentication factor, since it takes longer to enter.

*But, calm down, I’ll say goodbye with the comforting fact you expected:

80% of attempts to force our accounts can be avoided with the use of a second authentication factor!

Resources

Pandora FMS plugin library

 Pandora FMS official forum

I want to learn more!

Our Trial

Prometheus monitoring: a new open source generation

by Pandora FMS team | Last updated Feb 27, 2024 | Tech

Prometheus seeks to be a new generation within open source monitoring tools. A different approach with no legacies from the past.

For years, many monitoring tools have been linked to Nagios for its architecture and philosophy or just for being a total fork (CheckMk, Centreon, OpsView, Icinga, Naemon, Shinken, Vigilo NMS, NetXMS, OP5 and others).

Prometheus software however, is true to the “Open” spirit: if you want to use it, you will have to put together several different parts.Somehow, like Nagios, we can say that it is a kind of monitoring Ikea: you will be able to do many things with it, but you will need to put the pieces together yourself and devote lots of time to it.

Prometheus monitoring architecture

Prometheus, written in the go programming language, has an architecture based on the integration of third-party free technologies:

Unlike other well-known systems, which also have many plugins and parts to present maps, Prometheus needs third parties to, for example, display data (Grafana) or execute notifications (Pagerduty).

All those high-level elements can be replaced by other pieces, but Prometheus is part of an ecosystem, not a single tool. That’s why it has exporters and key pieces that in the background are other Opensource projects:

• HAProxy
• StatsD
• Graphite
• Grafana
• Pagerduty
• OpsGenie
• and we could go on and on.

Would you like to monitor your systems for free with one of the best monitoring software out there?

Pandora FMS, in its Open Source version, is free forever and for whatever number of devices you want.

Let us tell you all about it here:

Prometheus and data series

If you’re familiar with RRD, you guessed it right!

Prometheus is conceived as a framework for collecting data of undefined structure (key value), rather than as a monitoring tool. This allows you to define a syntax for your evaluation and thus store it only in case of a change event. 

Prometheus does not store data in an SQL database.

Like Graphite, which does something similar, like other systems from another generation that store numerical series in RRD files, Prometheus stores each data series in a special file. 

If you are looking for a Time series database information gathering tool, you should take a look at OpenTSBD, InfluxDB or Graphite.

What to use Prometheus for

Or rather, what to NOT use Prometheus for.

They themselves say it on their website: if you are going to use this tool to collect logs, DO NOT DO it, they propose ELK instead.

If you want to use Prometheus to monitor applications, servers or remote computers using SNMP, you may do so and generate beautiful graphics with Grafana, but before that… 

Prometheus settings

All the configuration of the Prometheus software is done in YAML text files, with a rather complex syntax. In addition, each employed exporter has its own independent configuration file.

In the event of a configuration change, you will need to restart the service to make sure it takes the changes.

Reports in Prometheus

By default, Prometheus monitoring has no report type.

You will have to program them yourself using their API to retrieve data.

Of course, there are some independent projects to achieve this.

Dashboards and visual displays

To have a dashboard in Prometheus, you’ll need to integrate it with Grafana.

There is documentation on how to do this, as Grafana and Prometheus coexist amicably.

Scalability in Prometheus

If you need to process more data sources in Prometheus, you may always add more servers.

Each server processes its own workload, because each Prometheus server is independent and can work even if its peers fail. 

Of course, you will have to “divide” the servers by functional areas to be able to differentiate them, e.g.: “service A, service B”. So that each server is independent. 

It does not seem like a way to “scale” as we understand it, since there is no way to synchronize, recover data and it does not have high availability or a common access framework to information on different independent servers.

But as we warned at the beginning, this is not a “closed” solution but a framework for designing your own final solution.

Of course, there is no doubt that Prometheus is able to absorb a lot of information, following another order of magnitude than other better known tools.

Monitoring systems with Prometheus: exporters and collectors

Somehow, each different “way” of obtaining information with this tool, needs a piece of software that they call “exporter”.

It is still a binary with its own YAML configuration file that must be managed independently (with its own daemon, configuration file, etc.).

It would be the equivalent of a “plugin” in Nagios.

So, for example, Prometheus has exporters for SNMP (snmp_exporter), log monitoring (grok_exporter), and so on.

Example of configuring a snmp exporter as a service:

To get information from a host, you may install a “node_exporter” that works as a conventional agent, similar to those of Nagios.

These “node_exporters” collect metrics of different types, in what they call “collectors”.

By default, Prometheus has activated dozens of these collectors. You can check them all by going to Annex 1: active collectors.

And, in addition, there are multiple “exporters” or plugins, to obtain information from different hardware and software systems.

Although the number of exporters is relevant (about 200), it does not reach the level of plugins available for Nagios (more than 2000).

Here is an example of an Oracle exporter.

Conclusion

Prometheus’ approach for modern monitoring is much more flexible than that of older tools. Thanks to its philosophy, you may integrate it into hybrid environments more easily.

However, you will miss reports, dashboards and a centralized configuration management system.

That is, an interface that allows seeing and monitoring grouped information in services / hosts.

Because Prometheus is a data processing ecosystem, not a common IT monitoring system.

Its power in data processing is far superior, but the use of that data for day-to-day use makes it extremely complex to manage, as it requires many configuration files, many external commands distributed and everything must be maintained manually.

Annex 1: Active collectors in Prometheus

Here are the collectors that Prometheus has active by default:

These “node_exporter” collect metrics of different types, in what they call “collectors”, these are the serial collectors that are activated:

Annex 2: Oracle exporter example

This is an example of the type of information that an Oracle exporter returns, which is invoked by configuring a file and a set of environment variables that define credentials and SID:

• oracledb_exporter_last_scrape_duration_seconds
• oracledb_exporter_last_scrape_error
• oracledb_exporter_scrapes_total
• oracledb_up
• oracledb_activity_execute_count
• oracledb_activity_parse_count_total
• oracledb_activity_user_commits
• oracledb_activity_user_rollbacks
• oracledb_sessions_activity
• oracledb_wait_time_application
• oracledb_wait_time_commit
• oracledb_wait_time_concurrency
• oracledb_wait_time_configuration
• oracledb_wait_time_network
• oracledb_wait_time_other
• oracledb_wait_time_scheduler
• oracledb_wait_time_system_io
• oracledb_wait_time_user_io
• oracledb_tablespace_bytes
• oracledb_tablespace_max_bytes
• oracledb_tablespace_free
• oracledb_tablespace_used_percent
• oracledb_process_count
• oracledb_resource_current_utilization
• oracledb_resource_limit_value

To get an idea of how an exporter is configured, let’s look at an example, with an JMX exporter configuration file:

startDelaySeconds: 0
hostPort: 127.0.0.1:1234
username: 
password: 
jmxUrl: service:jmx:rmi:///jndi/rmi://127.0.0.1:1234/jmxrmi
ssl: false
lowercaseOutputName: false
lowercaseOutputLabelNames: false
whitelistObjectNames: ["org.apache.cassandra.metrics:*"]
blacklistObjectNames: ["org.apache.cassandra.metrics:type=ColumnFamily,*"]
rules:
  - pattern: 'org.apache.cassandra.metrics<type=(\w+), name=(\w+)><>Value: (\d+)'
    name: cassandra_$1_$2
    value: $3
    valueFactor: 0.001
    labels: {}
    help: "Cassandra metric $1 $2"
    cache: false
    type: GAUGE
    attrNameSnakeCase: false

DMaaS gives you more!

by Pandora FMS team | Last updated Sep 8, 2023 | Tech

In our blog we have posted a few articles about data centers. We like them. They have grown on us. It is a branch of technology that interests us as much as bitcoin interests brothers-in-law or neighborhood projects interest retirees. For that reason, today, in our blog, we will deal with data management as a service or DMaaS.

Do you already know what DMaaS is and why you need it in your life?

We have talked about it in countless after-dinner conversations with cigars in hand: Data centers are centralized physical facilities used by companies to host their information and applications. Although data centers help us meet the requirements of sending data in real time, there can be problems with outages, and these are an expensive business for companies. On the other hand, the Data center infrastructure management (DCIM) is in charge of monitoring and giving us information about the IT components and facilities of our structure. That includes servers and storage to power distribution units or cooling equipment. The goal of a DCIM initiative is to provide managers with a comprehensive view of data center performance so that power, equipment, and space are used as efficiently as possible. Well, so far we knew everything and we had no rival until the desserts arrived. 

However, one might add (while stirring a cup of tea) that today’s data centers are becoming increasingly complex and sophisticated, and as they evolve, they ask for features in DCIM solutions to increase. For that reason, DCIM has to transcend the well-known Cloud and bring its capabilities. So, in order to improve the way data centers operate, Data Management-as-a-Service or DMaaS emerged.

DMaaS, definition and advantages

DMaaS is a type of cloud service that provides companies with centralized storage for different data sources. It enables the optimization of the IT layer by simplifying, monitoring and servicing the physical data center infrastructure for the company.

*Data of vital importance: DMaaS is not DCIM nor a SaaS version of DCIM.

Thanks to the DMaaS service you may analyze large sets of anonymous customer data and improve with machine learning. In no case, I give you my word, will a company using DCIM receive better information than it can get with a DMaaS approach. Not to mention cost savings, downtime reduction and overall performance improvement.

Easy to use and low cost, DMaaS makes it easy for IT professionals to increasingly monitor their data center infrastructure, receiving information in real time and with the additional ability to prevent possible failures as a seer octopus.

Still, in the midst of so much profit, it is very likely that if you were to do a worldwide survey of professionals and entrepreneurs, you would find that cost savings is the most important chosen feature of DMaaS. And it is that, thanks to DMaaS, companies only have to ask their users to register, while informing providers about the specific needs of the organization and the number of registered users. So the provider indeed provides, and manages the infrastructure based on what you have requested.  

In a somewhat modest third position among the advantages we would find the protection of a company’s data assets and the additional value obtained from them. As an example, for the data center, DMaaS allows you to maximize hardware security through smart alarms and remote troubleshooting.

One of the main differences to highlight with DCIM is that it is limited to a single data center, while DMaas can help analyze a much larger set, thus providing a more complete view. Furthermore, aside from providing us with analytical insights, the service continually learns and improves based on data collected from users. 

Conclusion

Although it is true that we could judge that DMaaS is still in an early stage, work is already being done to solve the main challenges it faces: data encryption, data management functions, data center reduction or performance increase.

Resources

Monitoring as a Service (MaaS)

Distributed Systems and the 21st century

by Jimmy Olano | Last updated Feb 27, 2024 | Tech

At the end of the last century I had the opportunity to help in a very ambitious computer project: the search for radio messages emitted by extraterrestrial civilizations… And what the hell does it have to do with Distributed Systems?

Recently my colleagues wrote an interesting article on distributed network visibility, which I really liked and I came up with the idea of taking it to the next level. If this post tries to offer full knowledge of the different components in operation within our network, Distributed Systems go “further”; they reach where we lack control over the devices that comprise it.

I am going to exemplify both at the social science level, comparing a union versus a confederation (as a central of workers and unioI am going to exemplify both at the social science level, comparing a union versus a confederation (as a central of workers and unions and not from a political point of view).

*Confederacy

According to Merriam-Webster

1. A group of people, countries, organizations, etc. joined together for a common purpose or by a common interest: LEAGUE, ALLIANCE

Distributed computing, distributed systems, are they the same?

Distributed Systems

If you look for the concept of Distributed Systems on Wikipedia (that magical place), you will be redirected to the article called Distributed Computing and, I quote:

“Distributed computing also refers to the use of distributed systems to solve computational problems. In distributed computing, a problem is divided into many tasks, each of which is solved by one or more computers, which communicate with each other via message passing.”

Without going any further: Wikipedia, if we consider ourselves as computers, it is a very high-level Distributed System, since we comply with its intrinsic characteristics… And what are they?

Features of Distributed Systems

A Distributed System (or Distributed Computing) has:

•   Concurrence: Which in the case of computers is a distributed program and in Wikipedia they are people… who use specialized software distributed by web browsers.

•   Asynchronous: Each computer (or Wikipedian) works independently without waiting for a result from the other, when it finishes its batch of work, it delivers it and it is taken in and saved.

•   Resilience: A computer device that breaks down or loses connection, or a person who dies, withdraws or is expelled from Wikipedia, in both environments does not mean stopping the work or global task. There will always be new resources, machines or humans, ready to join the Distributed System.

The aliens

Right, I started this article talking about them. In today’s -unfortunately- destroyed radio telescope in Arecibo, Puerto Rico, astronomers Carl Sagan and Frank Drake sent a message to the Hercules cluster, a group of galaxies 25,000 light years away from our planet.

“Hercules Globular Cluster (https://commons.wikimedia.org/wiki/File:Hercules_Globular_Cluster,_EVscope-20211008.jpg) ”

That means that it will take 50 thousand years to get an answer, if there is life out there, but what if it is us who were already sent messages thousands or millions of years ago?

Well, this was the program Seti@home  about: it collected radio signals and chopped them into two-minute pieces that were sent to each person who wanted to collaborate in the analysis with their own computer. At the end of the calculation according to a special algorithm, the result was sent and a new piece of code was requested. If a computer after a reasonable time did not return an answer, then the same piece was sent to another computer that wanted to collaborate: the “prize” consisted in publicly recognizing the collaborator as a discoverer of life and intelligence outside this world.

I installed the program and put it as a screensaver, so I calculated while I was working on something else or resting.

“Seti@home (imagen de setiathome.berkeley.edu) ”

There you have it! A distributed system for analyzing the radio signals of the universe!

Distributed monitoring

Distributed monitoring depends on the network topology used, and I bring it up as an introduction or approach to monitoring a distributed system. If you are new to Pandora FMS, I recommend you take some time to read this post.

Essentially it is about distributed environments that give service to a company or organization but do not execute a common software and have very different areas or purposes between departments, supported in communication with a distributed network topology accompanied by a well planned security architecture in monitoring.

Pandora FMS offers in this field service monitoring, very well described in the official documentation.

Observability

It would be an attribute of a system, and the topic is worth a full blog post, but, in summary, I expose observability as a global concept that includes more alert monitoring and alert management activities, visualization and trace analysis for distributed systems, and log analysis.

Companies like Twitter have taken observability very seriously and, as you may have guessed, that addictive social network is a distributed system but with a diffuse end product (increase our knowledge and facts about the real world).

Transaction monitoring

How can we monitor a distributed system if it consists of very heterogeneous components and, as we saw, can reach any part of our known universe?

Pandora FMS has Business Transactional Monitoring, a tool that I consider the most appropriate for distributed systems since we can configure transactions, as many as we need, and then use the necessary transactional agents to do so.

It is a difficult topic to take in but our documentation starts with a simple and practical example, with which, as you experiment, you may add “blocks” of more complex transactions until you reach a point where you can have a panorama of the distributed system.

All this is possible with Pandora FMS since it has standard monitoring, remote checks, transaction synthetic monitoring and the Satellite server for distributed environments that can be used with transactional monitoring for distributed systems.

Present and future

The question is no longer whether we need distributed systems. That is a fact. Today people use distributed systems in computing services in the cloud or in data centers and the Internet.

Distributed systems can offer impossible functions in monolithic systems or take advantage of computer processes, such as performing restorations from backups by asking other systems for chunks that are missing or have deteriorated in the local system.

For all these cases, and in any case, the flexibility of Pandora FMS will always be useful and adaptable for current or future challenges.

Observability, monitoring and supervision

by Pandora FMS team | Last updated Sep 11, 2023 | Tech

There are different positions on whether observability and monitoring are two sides of the same coin.

We will analyze and explain what the observability of a system is, what it has to do with monitoring and why it is important to understand the differences between the two.

What is observability?

Following the exact definition of the concept of observability, observability is nothing more than the measure that determines how internal states can be inferred through external outputs.

That is, you may guess the status of the system at a given time if you only know the outputs of that system.

But let’s look at it better with an example.

Observability vs monitoring: a practical example

Some say that monitoring provides situational awareness and the capacity for observation (observability) helps determine what is happening and what needs to be done about it.

So what about the root cause analysis that has been provided by monitoring systems for more than a decade?

What about the event correlation that gave us so many headaches?

Both concepts were essentially what observability promises, which is nothing more than adding dimensions to our understanding of the environment. Be able to see (or observe) its complexity as a whole and understand what is happening.

Let’s look at it with an example:

Suppose our business depends on an apple tree. We sell apples, and our tree needs to be healthy.

We can measure the soil pH, humidity, tree temperature and even the existence of bad insects for the plant.

Measuring each of these parameters is monitoring the health of the tree, but individually they are only data, without context, at most with thresholds that delimit what is right or what is wrong.

When we look at that tree, and we also see those metrics on paper, we know that it’s healthy because we have that picture of what a healthy tree is like and we compare it with things that we don’t see.

That is the difference between observing and monitoring.

You may have blood tests, but you will only see a few specific metrics of your blood.

If you have doubts about your health, you will go to a doctor to look at you and help you with the analysis data, do more tests or send you home with a pat on your back.

Monitoring is what nourishes observation.

We’re not talking about a new concept, we’re rediscovering gunpowder.

Although being fair, gunpowder can be a powerful weapon or just used for fireworks.

The path to observability

One of the endemic problems with monitoring is verticality.

Have isolated “silos” of knowledge and technology that barely have contact with each other.

Networks, applications, servers, storage.

Not only do they not have much to do with each other, but sometimes the tools and equipment that handle them are independent. 

Returning to our example, it is as if our apple tree were dying and we asked each expert separately:

• Our soil expert would tell us it’s okay.
• Our insect expert would tell us it’s okay.
• Our expert meteorologist would tell us that everything is fine.

Perhaps the worm eating the tree reflected a strange spike in soil pH and it all happened on a day of subtropical storm.

By themselves the data did not trigger the alarms, or if they did, they corrected themselves, but the ensemble of all the signals should have portended something worse.

The first step to achieving observability is to be able to put together metrics from different domains/environments in one place. So you may analyze them, compare them, mix them and interpret them.

Basically what we’ve been saying at Pandora FMS for almost a decade: a single monitoring tool to see it all.

But it’s only the first step, let’s move on.

Is Doctor House wrong when he says everyone is lying?

Or rather, everyone tells what they think they know.

If you ask a server at network level if it’s okay, it will say yes.

If there is no network connectivity and the application is in perfect condition, and you ask at application level whether it is OK, it will tell you that it is OK.

In both cases, no service is provided.

And we’ll say, but how is it okay? it doesn’t work!

Therein lies the reason that observability and monitoring are not the same.

It is processing all the signals what produces a diagnosis and a diagnosis is something that brings much more value than data.

Is it better to observe or monitor?

Wrong.

If you’re asking yourself that question, we haven’t been able to understand each other.

Is it better to go to the doctor or just have an analysis?

It depends on what you’re risking.

If it is important, you should observe with all available data.

If what you’re worried about is something very specific and you know well what you’re talking about, it might be worthwhile to monitor a group of isolated data.Although, are you sure you can afford only to monitor?

Finding the needle in the haystack

Among so many data, with thousands of metrics, the question is how to get relevant information among so many shrouds. Right?

AIOPS, correlation, Big Data, root cause analysis…

Are we looking at another concocted word to sell us more of the same?

It may, but deep down it is a deeper and more meaningful reflection:

What is the use of so much data (Big Data) if I don’t have the capacity for its analysis to be useful to me for something practical?

What good is technology like AIOPS if we can’t have all the data together from all our systems, together and accessible?

Before developing black magic, the ingredients must first be obtained, if not, everything remains in promises and expensive investments that entail wasting time and the unpleasant feeling of having been deceived.

From monitoring to observability

In order to elevate monitoring to the new observability paradigm, we must gather all possible data for analysis.

But how do we get them?

With a monitoring tool.

Yes, a tool like Pandora FMS that can gather all the information together, in one piece, without different parts that make up a Frankenstein that we do not know either what it costs or how it is assembled.

And we’re not talking about a monitoring IKEA, made up of hundreds of pieces that require time and… a lot of time.

This is not new.

Nor is it new that we need a monitoring tool that can collect data from any domain.

For example, switch data, crossed with SAP concurrent user data.

Latency data with session times of a web transaction. 

Temperature in Kelvin dancing next to euro cents, positive heartbeats looking closely at the number of slots waiting in a message queue.

LThe only thing that matters is business.

Just the final view.

Observe, understand and above all, resolve that everything is okay, and if it is wrong, know exactly who to call.

What is real observability?

We call it service views.

It is not difficult, we provide tools so that you, who know your business, can identify the critical elements and form a service map that gets feedback from the available information, wherever it comes from.

FMS means for us FLEXIBLE Monitoring System, and it was designed to get information from any system, in any situation, however complex it was and store it to be able to do things with it.

Today our best customers are those who have such a large amount of information that other manufacturers do not know what to do with it.

We don’t know what to do with it either, I won’t fool you, but our customers with our simple technology do.

We help them process it and make sense of it. Make it observable. 

We would like to say that we have a kind of magic that others do not, but the truth is that we have no secret.

We take the information from wherever it comes from, whatever it is, and make it available to design service maps.

Some are semi-automatic, but customers who know what to do with it prefer to define very well how to implement them. I insist, they do it themselves, they don’t even ask us for help.

If you want to observe, you need to monitor everything first. 

And there we can help you.

Distributed network visibility, the ultimate weapon against chaos

by Pandora FMS team | Last updated Feb 15, 2022 | Tech

2022, the world is the technological paradise you always dreamed of. Space mining, smart cities, 3D printers to make your own Darth Vader mask… Just a little problem, society is based on digitization and communications and you have no idea about the visibility of distributed networks. Something of vital importance considering the rise of cybercrime. Well, don’t worry, we’ll help you.

 Do you know everything about distributed network visibility?

Well, the first thing you need to be aware of is the importance of this distributed network visibility. After all, companies around the globe say that the biggest blind spots in their security come from the network, so all their efforts are focused on safeguarding their data by reinforcing this trench. That’s why visibility is key. Even more so if we talk about Managed Service Providers (MSP), the professionals in charge of protecting customer data.

But, what is distributed network visibility? 

To put it simply, distributed network visibility supposes having full knowledge of the different components running within your network to be able to analyze, at will, aspects such as traffic, performance, applications, managed resources and many more, which will depend on the capabilities offered by your monitoring tool. In addition to increasing visibility into your customers’ networks, a comprehensive solution can give you more leverage to strategize based on the metrics you’re monitoring.

For example, MSPs can, with a good visibility solution, help improve the security of their customers by revealing signs of network danger or, through better analytics, make more informed and rigorous decisions about data protection.

As we have warned before, cybercrime is our daily bread in this almost science fiction future that we have earned, and blind spots in network security, along with what will become of the cd, is one of our great concerns.

Monitor traffic, look for performance bottlenecks, provide visibility thanks to a good monitoring tool and alert on irregular performance… That’s what we need. In addition, these super important alerts draw attention and notify technicians and system administrators, who will immediately take the appropriate measures to solve our problem.

If you are an MSP in this post-apocalyptic future that we are living in, it is very likely that you use several applications as part of your services, well, another of the obvious advantages of improved visibility is the ability to participate in application supervision. So, for example, when granular network visibility is set, you may get unquestionable insight into how applications are affecting performance and connectivity. Once you are aware of this, you may choose to filter critical app traffic to the right tools and monitor who is using which app and when. You may even make application performance more practical, reducing processor and bandwidth work by ensuring, for example, that email traffic is not sent to non-email gateways. 

Some challenges to consider

Not everything is having fun and joking around, rolling on the carpet and having crises saved by your expertise, there are several challenges for MSPs associated with network visibility.

Cloud computing has increased and mobile traffic has increased too, this only adds, to our inconvenience capacity, more blind spots to watch out for as MSP. The end has come for the magnanimous and bucolic days of lying on the grass simply monitoring traffic over MPLS links. We are in the future, and WANs are a deadlock for Internet-based VPNs, Cloud services, MPLS, and mobile users. Something complex that many rudimentary monitoring tools cannot offer full visibility of. There are many components to address. To deal with this Gordian knot and its dense complexity, MSPs must be demanding and rigorous when choosing a monitoring tool to work with.

Another of the great challenges that MSPs may face in this field is the fact that the most traditional monitoring methods are closely linked to on-premise devices. This means that all WAN locations need their own set of applications, and these must have their own sources and be properly maintained. Optionally, all traffic can be retrieved and inspected from a WAN location. This inefficient method can have a performance impact.

Due to this inefficiency, it becomes difficult to apply the traditional approach to distributed network visibility. For enterprises with many applications, networking becomes too obtuse and convoluted, with a variety of individual configurations and policies difficult to support. Additionally, there is the capacity restrictions of the devices, which limit the amount of traffic that can be analyzed without the need to update the hardware. This without noticing that at some point the devices will have to be completely patched or replaced. Damn, even if your company grows, which is what we want, network visibility will quickly be constrained and more security vulnerabilities will go unnoticed.

Conclusions and good wishes

I gave you a very bad prospect. But don’t worry, it was only an adverse in crescendo until reaching the great catharsis: While there are many traditional monitoring tools that cannot address distributed network visibility challenges, there are, thank heavens, other monitoring tools that can.  This is the example of Pandora FMS, a monitoring software that is up to the challenges such as those raised and that helps technicians manage complex networks and much more. Pandora FMS allows you to control, manage and customize the tool through a centralized interface. Thanks to its scalability you will be able to manage networks with hundreds of devices and give IT providers what they need to increase security and maximize efficiency. You don’t believe it? Try it now for 30 days for free. You see, not everything was going to be bad in this post apocalyptic future!

You can judge your monitoring by the tools you use

by Dimas Pardo | Last updated Feb 3, 2022 | Tech

Whether you are a DIY ace or a master at roast beef, a decorated luthier or the best seamstress in the neighborhood, we all love to work with good tools, right? This includes, of course, good IT professionals. Because IT monitoring tools are fundamental when it comes to supervising a network infrastructure and applying the corresponding policies and security measures. Even so, not every monitoring tool is perfect, in fact some could even get to the point of harming us. Let’s take a look!

Better monitoring tools, better monitoring

It’s instinctively basic: you have to find the right monitoring tool for each job. Indeed, although it may seem unheard of, it is quite difficult for IT teams to find comprehensive and outstanding monitoring tools. Some of them are too specialized or do not support all applications because they might lack certain features. This dilemma can lead IT teams to use hundreds of disparate monitoring tools, due to the need to attend to all monitoring tasks. I know what you are thinking: “That must be expensive”. Yes, it is, plus it slows down the working pace due to the huge amount of reports, each with their own features, to be inspected and checked.

That is why we must avoid tool proliferation, as we avoid the proliferation of gremlins or herniated discs.  Preventing it through individual monitoring solutions, even if this requires significant changes, such as the implementation of integrated tools, conceived to support multiple applications, or special network configurations.

The most efficient thing would be to go for IT monitoring tools that include updates to support today’s most respected applications and provide IT administrators with a single management board.

Simplifying is the key

If you have to choose a monitoring platform, you should be aware beforehand that different IT sectors require different types of solutions. Try, with a single solution, to address as many sections as possible, thus adding further depth to monitoring activities. Such a single solution will give you a greater ability to automate responses and locate irregular events in any system you are monitoring.

For this reason, IT departments often look for a suite of fully integrated IT tools offered by centralized system management and monitoring companies. These companies often promise to reduce the license and maintenance costs of their software, as well as the use of their monitoring tool integrated in the corresponding environment to help manage the company.

The IT department will reduce costs thanks to these integrated tools, among other things because they already have a strong response to any problem that may arise. In fact, one of the direct benefits is the reduction of incidents that require the action of the support teams. Also general performance visibility and system availability, thus increasing the total productivity of the company.

But hold on there, before you go running to look for a monitoring tool that suits your company’s requirements and even your zodiac sign, it is TOTALLY NECESSARY to define what justifies monitoring in your company. Remember that each piece of your IT department will have something to say and contribute, there are different features regarding each function, information flow and security clauses. Once you have a full and clear idea of what you and your company need, you may start with a good monitoring strategy.

Application monitoring tools

Application monitoring is, broadly speaking, monitoring activity logs to see how applications are being used. You know, looking at the access roles of the users, the data that is accessed, how this data is used… If your monitoring tool is good, it even shows a window to the log data and an exhaustive view of all the data elements that make up a healthy application: response times, data traces…

Any self-respecting application monitoring tool has to offer these kinds of features, as well as being integrated with database and network monitoring. Thus, together, they will be able to improve application response times through active and immediate solutions to performance problems that arise.

Network monitoring tools

DNS host monitoring, IP address management, packet tracking… This is more or less what all network monitoring tools usually offer. They usually fall short, however, when it comes to supervising everything related to network traffic, whether internally or externally. What they should always provide, under oath, is full surveillance of all devices connected to the network.

Compliance control monitoring

Don’t worry, if you haven’t yet managed to justify implementing a full monitoring tool, compliance monitoring will make up your mind.

Compliance monitoring solutions will provide you with templates based on types of regulations, allowing you to conveniently design and implement a comprehensive compliance monitoring strategy, including the ability to monitor log data, in real time, from any type of device connected to your network, including routers and switches.

Thanks to compliance control monitoring tools you will be able to collect, correlate and export any necessary registration information for the IT team. Report templates will be able to align with formats common to regulatory agencies. In addition to providing exhaustive analysis in the case of internal audits.

Conclusions

If we have made something clear today, it is that the system management and monitoring solution you choose must meet a small series of requirements: be integrated into several systems, be accessible to the IT team through an intuitive interface based on a control panel, be scalable, and stay constantly evolving so that its ability to help you maintain your services can go forward and transcend when you need it.  

If doubt and anxiety overcome you, do not worry, what you are looking for is not far away. Pandora FMS is capable of monitoring all these IT areas that we talked about and much more. Thanks to its more than 16 features and more than 500 Enterprise plugins available. Also, if you are not very knowledgeable in this matter, do not worry, we manage it for you   with our MaaS solution. Try it now, for 30 days, for free!

Resources:

Pandora FMS plugin library

 Pandora FMS official forum 

I want to learn more!

 Our Trial

Advice on camera and microphone in WSL2 Ubuntu

by Jimmy Olano | Last updated Feb 27, 2024 | Tech

Al momento de escribir estas líneas, prácticamente todo lo que conectamos a nuestros dispositivos es mediante el llamado Universal Serial Bus (USB): cámaras, micrófonos, almacenamiento externo… ¡Es la manera más rápida y segura de sincronizar y respaldar información entre nuestro teléfono móvil y ordenador! ¿Pero qué tiene todo esto que ver con el Windows Subsystem for Linux (WSL2 Ubuntu)? Veamos.

Estudio en WSL2 con Ubuntu: software privativo y libre

De entrada, os dejo un enlace a un artículo publicado en este blog, para así facilitar el conocimiento de la tecnología que iré nombrando. Agregaré más de ellos a lo largo del texto. Tenemos bastante tela que cortar, así que recomiendo una buena y humeante taza de café negro en vuestras manos antes de empezar.

*Las pruebas que he realizado han sido sobre máquinas virtuales (VirtualBox®: se pueden crear, borrar, modificar, etcétera sobre Solid State Drive). 

Breve retrospectiva

Siempre afirmo que «para saber a dónde vamos, necesitamos saber de dónde venimos». Desde 1989 yo he trabajado con los productos que vende la empresa Microsoft Corporation: primero el sistema operativo MS-DOS y su única forma de interacción por línea de comandos y, luego, Microsoft Windows, el cual utiliza, además, el entorno gráfico. Sí, lo sé bien, el MS-DOS® como tal fue eliminado, pero aún quedan sus comandos. Fue sustituido con Powershell®, del cual ya hemos hemos hablado, y es importante para el tema de hoy.

Acabando 2016, Microsoft nos sorprendió con la noticia de que su SQL Server® podía ser ejecutado sobre GNU/Linux. Para mí, que durante muchos años trabajé instalando y manteniendo servidores de datos para mis clientes, fue una noticia impactante. Pero esperad, aún hay más, en mi periplo, descubrí que el BASHware puede afectar a un sistema Windows por medio del WSL. Lo que nos lleva al artículo de hoy, donde  entraremos en el manejo de los dispositivos USB, con particular atención a micrófonos y cámaras web, bajo WSL2 con Ubuntu 20.04.

WSL y WSL2

Recomiendo, de nuevo, el excelente artículo sobre WSL2. Aunque el tiempo ha transcurrido y existen algunos cambios significativos. En aquella oportunidad el WSL2 se instalaba por medio de comandos. Ahora, y quiero recalcarlo, noto que por el Panel de Control de MS Windows, «Programas y características», podemos agregar los dos componentes claves que son Virtual Machine Platform y, obviamente, Windows Subsystem for Linux en el apartado de «Activar o desactivar características de Windows»:

Después de esto se debe reiniciar el sistema operativo, ¡esto es ya idiosincrasia de la casa de Redmond! (Después vendrán muchos reinicios más que dejaré fuera. Estarán implícitos). 

Otro aspecto que fue agregado en julio de 2021 es la posibilidad de agregar las distribuciones Linux que uno desee, directamente, por la línea de comandos en Powershell (dependiendo de la versión y tipo de MS Windows que tengáis instalado).

Para ver las distribuciones disponibles:

wsl --list --online

Para instalar Ubuntu 20.04:

wsl --install -d Ubuntu-20.04

Después de cierto tiempo, dependiendo de la velocidad de descarga de Internet, preguntará por nombre de usuario y contraseña. Inmediatamente mostrará el estado de las actualizaciones para Ubuntu. 

Para configurar WSL2 como predeterminada:

wsl --set-default-version 2

La opción de descargar y usar desde  la Microsoft Store sigue siendo válida y disponible, para Ubuntu 20.04 ocupa casi medio gigabyte de espacio.

La diferencia fundamental entre WSL y WSL2 es que la última descarga es un kernel completo de Linux, pero no un kernel cualquiera, es uno especialmente diseñado para que se acople con el kernel de Windows. Esto quiere decir que las aplicaciones ejecutadas en WSL2 siempre deberán ser «pasadas» -mas no interpretadas, como era en WSL- antes de interactuar con cualquier hardware, USB incluído.

En lo único que WSL supera a WSL2 es el intercambio de ficheros entre los dos sistemas operativos. El resto son todo ventajas y mejoras en WSL2.

Podman en WSL2

Para que os hagáis una idea de lo útil que es incluir un kernel completo de Linux en MS Windows, el software Podman (sucesor de Docker), puede ser ejecutado sobre WSL2. Si aún no sabéis lo que es Podman, haced más café y visitad otro de nuestros artículos.

Modo de desarrollador

Una característica que ofrece Powershell y que podemos usar a nuestro favor, una vez hayamos instalado y configurado WSL2, es el modo de desarrollador. Se accede pulsando la tecla de inicio de Windows, tecleando «Powershell» y escogiendo la configuración de desarrollador. Lo primero es activar el modo de desarrollador y esperar a que se termine de instalar el software necesario.

Este consta de dos componentes principales: 

• Device Portal.
• Device Discovery.

El Device Portal abrirá el puerto 50080 (recordad configurar debidamente el Windows Defender Firewall), y desde cualquier navegador web podremos introducir las credenciales configuradas y acceder a una variedad de aspectos que podréis observar en la siguiente imagen.

*Hay un tutorial para establecer conexiones seguras con HTTPS pero no viene al caso para este artículo: 

Guardando las distancias, esto es parecido a lo que ofrece eHorus para una monitorización tanto básica como avanzada, si es utilizado en conjunto con Pandora FMS. He incluído esta característica porque las credenciales configuradas son necesarias para el siguiente punto.

El segundo componente es el Device Discovery que, entre otros aspectos, abrirá un servidor SSH para realizar conexión. 

Esto permite abrir una terminal con la línea de comandos de Windows y, una vez allí, podremos utilizar directamente WSL2 para cualquier tarea que necesitemos desarrollar de manera remota desde otro equipo. En este caso, de ejemplo he utilizado el software PuTTY para conectar desde la máquina real a la máquina virtual Windows 10 con WSL2 instalado y configurado: 

Como veis, una vez se ha establecido la configuración por defecto, solo con escribir el comando wsl estaremos listos en un ambiente Linux, no GNU/Linux sino MSW/Linux.

USB en WSL2

Llegamos al propósito de esta entrada en el blog: el manejo de USB en WSL2. Al momento de redactar estas líneas, hay dos noticias, una mala y otra buena.

• La mala noticia es que no, por ahora WSL2 es incapaz de ofrecer soporte para USB, así que, por ejemplo, vuestras cámaras y micrófonos conectados por esta vía no estarán disponibles para ser utilizados desde WSL2.
• La buena noticia es que podemos compilar nuestro propio kernel Linux para WSL2 y tener acceso a algún que otro micrófono o cámara web desde nuestra distribución Linux elegida. ¿Pero qué aplicaciones podríamos usar para ello?

Compilando kernel Linux para WSL2

Antes de hacer cualquier cosa, primero debemos actualizar Ubuntu WSL2 con los comandos de siempre:

$ sudo apt update

$ sudo apt upgrade

Y si creían que con esto era suficiente descarga de software… pues no, ahora se debe instalar lo que yo llamo el entorno de programación (dependencias):

$ sudo apt install build-essential flex bison libssl-dev libelf-dev

Y ahora sí se puede descargar el código fuente del kernel base para Ubuntu en WSL2:

$ sudo git clone https://github.com/microsoft/WSL2-Linux-Kernel.git

Son tres gigabytes a descargar. El código fuente. Brutal. Aunque siempre se puede usar el parámetro git clone -depth=1 <repositorio> , esa opción no la utilicé. Recomiendo al menos 100 gigabytes libres en almacenamiento antes de entrar a la carpeta descargada (repositorio clonado) y ejecutar:

$ make -d KCONFIG_CONFIG=Microsoft/config-wsl

En este punto debo aclarar que encontré muchas opciones de configuración para compilar. Por ejemplo, para instalar el software de manejo de paquetes Snap sobre Debian. Ahora bien, todo esto está excluido del soporte de Microsoft, nada podréis reclamar a esta empresa si algo sale mal en el proceso de compilación.

Para finalizar deberemos apagar WSL2 con el comando wsl –shutdown y copiar el kernel recién compilado en la siguiente vía no sin antes respaldar el kernel original:

C:\Windows\System32\lxss\tools\kernel

A esta altura ya deberíamos poder conectar cualquier micrófono o cámara web y tener acceso desde WSL2… Pero va a ser que no. Resulta que primero debemos conseguir los controladores de hardware para MS Windows, obvio, y luego los de Linux, meterlos en el código fuente estos últimos y volver a compilar de nuevo. Además a eso le sumamos instalar en Ubuntu WSL2:

sudo apt install linux-tools-5.4.0-77-generic hwdata

sudo update-alternatives --install /usr/local/bin/usbip usbip /usr/lib/linux-tools/5.4.0-77-generic/usbip 20

Y de paso también se debe instalar del lado de Windows, con un paquete instalador MSI, el proyecto USBIPD-WIN…

Como podemos observar, ya que nos hemos mal acostumbrado a la sencillez gráfica de Windows, si deshabilitamos el USB por el Administrador de dispositivos ningún hardware podrá conectarse con o sin nuestro consentimiento, ya que estará bloqueado a nivel de sistema operativo.

Instalando aplicaciones gráficas en WSL2

Para finalizar, aunque en el caso del instalador de paquetes snap está explícitamente sin soporte alguno en Ubuntu sobre WSL2, otras aplicaciones que interactúan con hardware (como el sonido, por ejemplo), podrán ser instaladas, pero cuando intenten acceder a los ficheros de hardware (recordar que en Linux todo es un fichero) pues sencillamente no encontrarán tales recursos. Es el caso del software espeak:

En teoría, en el blog de Ubuntu se indica que por medio de X Window System Architecture se puede «pasar» la interfaz gráfica de las aplicaciones instaladas en WLS2. Oficialmente Microsoft anunció justo antes de terminar el año 2021 que las siguientes aplicaciones gráficas se pueden ejecutar:

• Gedit (mi editor de texto GNU gráfico favorito).
• GIMP (potente para diseño gráfico).
• Nautilus (explorador de archivos).
• VLC (reproductor de audio y vídeo).
• Aplicaciones basadas en X11 (calculadora, reloj, etcétera).
• Google Chrome (bajo vuestro propio riesgo debido a su gran consumo de RAM y recursos).
• Microsoft Teams (por cierto, Pandora FMS tiene un conector especial).
• ¡Incluso Microsoft Edge web browser para Linux!

Pero esto tiene algunos inconvenientes. Primero, se debe tener Windows 11 Build 22000.  Segundo, tener instalados los controladores de hardware de vídeo para WSL2. Tercero, estar inscrito en el programa Windows Insider. ¡Espero os haya gustado la información!

Recursos:

Librería de plugins Pandora FMS

Foro oficial Pandora FMS

Quiero saber MaaS

Nuestro Trial