Do you know what VMWare is and how to include it in monitoring?

by Rafael Ameijeiras | Last updated May 8, 2024 | Tech

Find out what VMWare is and how to include it in monitoring

Before we dive into how to monitor virtualized environments with VMWare, let’s clarify a couple of concepts for those who are less into the subject, starting withWhat is VMWare?.

VMWare is a software product development company, mostly related to virtualization, and more recently to containerization, although this is beyond the scope of this article. Today, we are going to focus on monitoring virtualized environments with VMWare.

To do this, the first step would be to know what virtualization is. A quick summary, and a bit imprecise I must say, but that will give you a general idea. We can claim that virtualization is like dividing the components (CPU, Memory, Disk, etc.) of a physical computer or server (which we will refer to from now on as Bare-Metal) into virtual or emulated components. This will allow us to share the same component between different instances which we will call “virtual machines.” That way, using a single set of hardware, you may have different virtual machines running different versions of operating systems, applications, libraries, etc. simultaneously and separate from each other.

The interesting thing about this is that, for the virtual machine (which we will refer to as VM from now on), the resources that have been assigned to it are only from it and are real elements. This opens a world of possibilities, it allows you to have many services and virtual machines running on a single hardware device with the energy, space and cost savings that this implies. In addition, since it is all at software level, it will allow you to manage the machine as one more file inside the computer, being able to copy it, modify it or even package and distribute it.

The advantages of virtualization are more than proven and today almost any service and infrastructure runs mostly on virtual servers. A very clear example is when you go to your favorite cloud provider and click a button to activate an instance of a database or a server, actually what you’re doing is activating a virtual machine that it already had pre-configured and that can work for you in a matter of seconds, thanks to this technology.

Due to these types of advantages, and because of the massive distribution of virtual machines in most ecosystems, it is so important to have a monitoring tool capable of adapting to this type of environment efficiently.

Now that we know what virtualization is, we will see a new concept. We already said that from a physical machine we can emulate and subdivide its components to create instances of smaller virtual machines, and it is true, although there is a small nuance, we require software devoted to this, we call this software hypervisor.

There are different types, manufacturers and features we are not going to delve into today. If you are interested in this topic and want us to do a more detailed article on virtualization leave it in the comments

vSphere

Today we will focus on one of VMWare’s most widespread and well-known products: the vSphere suite which, according to Wikipedia, “is VMware’s core business suite, the cornerstone on which almost all the business products they offer rely on. It consists of the ESXi virtualization software that is installed directly on the servers and the centralized management console vCenter.2020 ”

As we have seen, vSphere is the name of the set of tools that VMWare offers for device virtualization, there is a range of different vSphere environments, from a single ESXi server that works as a hypervisor as well as management.

To much more complex environments where several ESXi work in parallel being managed by a centralized administration software called vCenter.

Virtual environment monitoring

To monitor virtual environments, whether it is from VMWare or not, there are two main ways.

The first is to treat each virtual machine as an independent machine, attacking its operating system with standard protocols or using some monitoring agent.
This approach does not require for the tool have a special or devoted management, since it will deal with each VM as any other machine. Along this approach, we can say that we will interrogate the operating system, therefore, in heterogeneous environments, we must define metric captures for each system.

The second way is more general and allows deploying monitoring very quickly and efficiently. In this case we will integrate the hypervisor, since it has information on all the machines it contains and we can interrogate it directly. For each manufacturer the protocol, the responses and the format with which we will interrogate the hypervisor may vary, but in most cases they have an interface to communicate with it. Along this approach, it is the monitoring tool that must be adapted and have a connector to communicate with the supervisor in a centralized way.

Of course, Pandora FMS has both types of monitoring, being able to combine them if necessary if deep and detailed monitoring is required.

In today’s case, we will see the monitoring integrated in Pandora FMS Enterprise Discovery tool. That will allow us, in a very simple way, to connect well, either with a standalone ESX or with a vcenter, through the vmware SDK.

vSphere Monitoring with Pandora FMS

Starting from the fact that we have a Pandora FMS Enterprise instance, the steps are very simple: by default Pandora FMS has the necessary libraries to connect to a VMWare environment, you only need a user account with reading permissions and connectivity with the ESX or vCenter as the case may be.

Once you fill in the simple form with the data from our VMWare environment:

You will see a window to configure some monitoring data, such as the scan interval for new machines, the execution threads that you will devote to this task, if you want to activate network monitoring and (only for vcenter), if you want to capture the environment events.

You will also have a field for extra configurations that will allow you to add advanced configurations related to the task (you can see the possible configurations:
https://pandorafms.com/manual/en/documentation/03_monitoring/05_virtual_environment_monitoring?s[]=vmware#vmware 1 plugin ocnfiguration ).

Once finished, you will be able to see that a task has been added to Pandora FMS task list, where you will be able to see its last execution, enable it, disable it or force task execution manually.

The default task will give you information about all the ESXs (in the case of vcenter), virtual machines and datastores available in the vmware environment that you configured, returning the following metrics:

Default monitoring for Datacenter:

• Ping
• Check 443 port

Default monitoring for Datastore:

• Capacity
• Free Space
• Disk Overallocation
• Free Space Bytes

Default monitoring for ESXi:

• CPU Usage
• Memory Usage
• Received data
• Transmitted data
• Disk Read Latency
• Disk Write Latency
• Host Alive
• Disk Rate
• Net Usage

Default monitoring for virtual machines:

• CPU Usage
• Memory Usage
• Tools Running Status
• Host Alive
• Disk Free
• Disk Read Latency
• Disk Write Latency
• Received data
• Transmitted data
• Net Usage

In addition to the metrics described, you will also have a specific view for monitoring vSphere environments that has compilation information on the general state of the environment and each monitored ESX and even a map of the monitored infrastructure.

As you can see, it is very easy to start monitoring a vSphere environment with Pandora FMS, just follow a few steps and you will have your VMWare monitoring integrated quickly and easily.

If you are interested in knowing in more detail how synthetic transactions are configured and executed with Pandora FMS, do not hesitate to visit our YouTube channel, where you may find different contents such as tutorials, workshops and a lot of other resources devoted to this and many other topics related to monitoring.

10 reasons to change your monitoring software

by Jimmy Olano | Last updated Aug 11, 2023 | Tech

Every change is for the better and we give you ten reasons to change your monitoring software.

Cuando se habla de cambiar de software, no sé por qué, me viene a la mente la compra de música. Bueno, yo soy de los de antes: vinilos, cassettes, a principios de siglo los CD y DVD… Claro, ahora es diferente, actualmente existe el pago por suscripción, que reproduce en línea, y donde generalmente se ofrece el álbum de turno o paquetes completos con muchas estrellas musicales…

We could start right there, highlighting the difference between “the cloud and the earth”, running software on the Internet versus having one on your own physical servers. Both have their costs, we know. In fact, we already gave detailed information in another article on the subject. Because before talking about changing your monitoring software we must start there, the money. That’s the reason why you will have to take into account several factors, so let’s go for pencil and paper (virtual) and let’s start numbering!

1) Pandora FMS offers several forms of installation and download, as well as modes of operation. That is one reason to consider switching monitoring software. This mechanism allows you to grow, and, if necessary, reinstall at any time. You don’t have to buy a whole package either: in Pandora FMS you start by installing the Community version and as you see the benefits for yourself, you can move on to installing and testing the Enterprise version, without obligations or hassle. There you will always have the installers, both online and offline, as many times as you need them.

2) Do you have a feature in mind that cannot be found in any monitoring software? Don’t be embarrassed, it happens. I, at the very least, am very picky about how to insert text and data into text or number boxes. When you focus on them, I like for the text to be selected in a specific color, for example. And don’t even let me begin on entering numerical amounts or phone numbers.

And Pandora FMS does not have exactly that requirement either… However, you just have to go through the Community version that is open source and through its forum to get the help you need to develop the idea.

Better yet, you may have already been successful but now you want a more ambitious and highly customized improvement for your company: try the Enterprise version, where they will give you professional advice and offer you extraordinary improvement plans tailored to your needs. After all, only you know what is best for your company and what it needs. An exactly tailored suit or smehting ready-to-wear ? You choose!

3) With Pandora FMS you will be able to monitor at first remotely, without interfering much in your work processes, continue with an advanced remote configuration and, if everything goes smoothly, advance to monitoring with Software Agents, which are installed on each device. While you change -and advance- Pandora FMS has already outlined the path until (for now) June 2023. Exploring and changing monitoring software can be done before it’s necessary, even if it’s late.

4) Using great monitoring software, widely used worldwide and also used by large corporations, is not a guarantee of good security. I invite you to read about the case that took many headlines in the press, social networks, radio and television. Take this chance to have a coffee and take a deep breath to come back, there are still six reasons to change your monitoring software.

5) Because you don’t believe in magic wands. Neither do I, and in Pandora FMS that is very clear for them. Each client has a different problem and it is necessary to adapt to each particular case. But it will not be by magic, you have to invest time and effort, and in that domain Pandora FMS offers decades of proven experience.

6) Because “we just know that we do not know anything”. Without the aim to go in depth into the philosophical field, we must always pay attention to constant learning. Perhaps the documentation of your software is quite poor and it would be a good time to change it. Pandora FMS has forums of users of the Community version, documentation, tutorials and this blog that you are reading today. With all of them you can learn at your own pace, but if you want or rather need a push – certification included – check out our training in monitoring. Psst, with the Enterprise license this last one is included, don’t miss the chance!

7) Another reason to change your monitoring software is indeed not to change anything! Perhaps you simply need a monitoring contingency plan or an alternative of audit or measurement of result comparison. For example, I am a client of DigitalOcean, a company that provides virtual computers and that has both monitoring processes (Software Agent type) in each droplet (virtual machine), as well as at large-scale with Prometheus in its hypervisors. However, remote checks and Pandora FMS Software Agents are more useful for me, which also helps me verify information. It is not that I don’t trust the monitoring software implemented by my own provider, but rather you must always have different options, see the full horizon to be able to choose the way forward.

8) Because two are better than one: eHorus is a remote access program that can later be integrated with Pandora FMS. EHorus remote access software can be integrated into Pandora FMS, so you may combine computer – or client – monitoring, find out the bandwidth consumption of your network, the software installed on your PC, see logs and events and connect to the computers you need from the monitoring console itself. Test without commitment nor cost for up to 10 devices.

9) Because three is better than one. We add another reason to change your monitoring software, Pandora ITSM Fully compatible and integrated with Pandora FMS. Pandora ITSM incorporates your forms for clients in your own Web, feeding Pandora ITSM directly through API. In addition you will have access to lots of articles, downloadable files, multi language, categorized and with access control to manage incidences. Monitor changes and performances on your machines with Pandora FMS agents!

10) Is the “billiard ball” with the number ten missing? You yourself can add the tenth reason to change your monitoring software. Tell us about your experience with other software, you can leave your comments below, visit our channel at YouTube, Linkedin or Twitter.

Would you like to find out more about what Pandora FMS can offer you? Learn more here.

You can also enjoy a FREE Pandora FMS Enterprise 30-day TRIAL. Installation in Cloud or On-Premise, the choice is yours !! Get it here!

Last but not least, remember that if you have a reduced number of devices to monitor, you can use Pandora FMS OpenSource version. Find more information here!

Do not hesitate to send us your questions.
The team behind Pandora FMS will be happy to assist you!

Google Authenticator and Pandora FMS, defend yourself from cyberattacks

by Pandora FMS team | Last updated Sep 1, 2021 | Tech

Double authentication with Google Authenticator in Pandora FMS

Introduction – Internet and its issues

For a long time, the Internet has been an easily accessible place for most people around the world, full of information, fun, and in general, it is an almost indispensable tool for most companies, if not all, and very useful in many other areas, such as education, administration, etc. But, since evil is a latent quality in the human being, this useful tool has also become a double-edged sword.

We speak of “cyberattacks”, or computer attacks. These “cyberattacks” are a set of code in a programming language, usually C, prepared to exploit a vulnerability in a system, or to find them. Although the most effective ones are created by people with great computer knowledge, some use already created programs, although yes, less effective than the first. That is why we hear news about cyberattacks on a daily basis. With each year that goes by, these cyberattacks multiply exponentially, being one of the biggest concerns for companies around the world. Because of this, protecting your system must be your highest priority in fighting against this problem.

From firewalls to applications, you must add all the security measures at your reach to your computing devices, both in the work environment and in your personal space, to guarantee the highest security. Although cybercriminals are more focused on attacking companies, obviously because there are more benefits, it never hurts to protect your personal life.

Problem Description – Password Attacks

Among all possible computer attacks, one of the most frequent ones is the brute force attack or password attack. This attack consists of using a series of commands or programs, together with a combination of alphanumeric characters and sets of symbols, simulating a username and password. Later, these data are launched against the entity, application or web page, as can be the case of Pandora FMS. It has that name because it is a constant attack, it does not try to exploit any specific vulnerability, but simply seeks to crack the username and password by constantly launching that code, with all possible user and password combinations. Although there are thousands of other attacks, we will focus on this one in particular, since it is one of the easiest to perform.

Solution – Google Authenticator

One of the simplest and most useful solutions to try to minimize this problem is to use a two-step authentication program (2FA). The most recommended and used one is the Google version, called “Google Authenticator“. It is a mobile application, available for both Android and iOS. This application consists of linking our account with the application itself, by scanning a QR code. Once you scan it, it will show you a 6-digit number that you must enter to verify your identity and link your account with Google’s. After having linked it, the application will provide you with a 6-digit number, with an expiration of thirty seconds, which you must enter each time you log into your account, and thus verify that you are the owner of said account.

Pandora FMS offers the possibility of configuring this application integrating its use with the server. That way, when you want to log in to Pandora FMS console, it will be necessary to enter a “code”, and thus guarantee that only the user who can obtain that code through the application can log in.

Configuring that tool is as simple as going to the “Authentication” section within the “Setup” tab.

Here the task will be as simple as activating “Double authentication” and, if desired, forcing its use on all users. Once it is done, click on “Update”.

When updating, a window will appear asking you to download the Google authenticator application. Remember it is a mobile application, and, although the link redirects you to the website, you may download it from the Android Play Store or Apple App Store. If you already had it, you would only have to click continue.

Then, open the application and scan the QR code with it. This will add an account to your application’s registry where a 6-digit number will appear. In case this fails, click “Refresh code”. If everything goes well, continue.

The last window that will appear will be to ask you for the code that was generated in the application, to finish linking your Pandora FMS user with the device where the codes are generated. You will only have to enter this code and you will have finished the configuration of your double authenticator.

To do the test, log out of Pandora FMS and re-enter the credentials of your user, and this time instead of showing you the console it will ask you to enter the application code.

Farewell

Once you have correctly configured this tool, your system will be somewhat more secure, although of course, that does not mean that it is impenetrable, since every day, the so-called “hackers” create new codes to violate this type of security. That is why we always recommend changing passwords frequently and keeping all your devices updated to the latest version of their programs and software in general and continue adding new security measures throughout your network.

There is only one way to live in peace: Safe password management

by Dimas Pardo | Last updated Sep 1, 2021 | Tech

A few rules for safe password management

In this, our competent blog, we boast of always giving you good advice and providing you with the technological information necessary for your life as a technologist to make sense. Today it is the case again, we will not reveal the hidden secret about the omnipotence of Control/Alt/Delete, but almost. Today in Pandora FMS blog, we give you a few tips for safe password management.

Safe password management

The purpose of this article is for users to be responsible for keeping their coveted passwords or authentication information safe when accessing confidential information. Because think about it, dear reader, how long ago did you come up with your first password? Surely it was to enter your select club in the treehouse. Maybe you even still choose the same for your social networks, Netflix or office pc. Was it as ordinary as your birth date? Your name and the first two acronyms of your surname? “RockyIV”, which was the name of your fourth favorite pet and movie? I don’t blame you, we have all been equally original and carefree when choosing a password.

But that is over! Many things already depend on this password, on this motto or pass that must include more than eight characters and at least one capital letter and one number. Your company security is not a game, damn it! There is a lot of mischief and felon out there that can put you and your businesses in a loophole, because of a vulnerability such as having a poor password! But do not worry, we will help you, we will talk about safe password management. We are Pandora FMS blog, we like potato salad, Kubrick movies and fighting against injustices!

Recommendations for safe password management

*Obvious but vital fact: User IDs and passwords are used to check the identity of a user on systems and devices. I just point that out here as an outline in case someone is so lost that they don’t know this. I repeat that we are talking about strong password management, so knowing what a password is is a must and saves time.

Said passwords are necessary for users to have access to information, normally, even if the merit is not recognized: capital information in your company. User IDs and passwords also help ensure that users are held accountable for their activities on the systems they have access to. Because yes, telereader friend, users are responsible for any activity associated with their user IDs and passwords. For that reason, it is very important for you to protect the password with your life and comply with the following policies related to them:

1. Users may not, under any circumstances, give their password or a password indication to a third party. *This seems obvious, but trust me, it is not. People sneak passwords like they’re office whispers or reggaeton choruses.
2. Users will not use user identifiers or passwords of other users. *As we can see, in this case, sharing is not living.
3. Users must change initial passwords or passwords received as temporary “reset” passwords immediately upon receipt. *For me, this is the most exciting and creative part, you never want to set the abstract code they give you, you want to improvise, imagine, CREATE!
4. Users should change their passwords if they suspect that their confidentiality may have been compromised, and immediately report the situation as a security incident. *Don’t be ashamed of yourself, admit that someone may have violated your secret and repent before it’s too late.
5. Users should not use the “remember password” function of programs. For example, if an application sends users the message of “automatically remember or store” the user’s password for future use, they will have to reject it. *This is a piece of information you did not know, huh? Well, it is as interesting as it is important.
6. Users should not store passwords without encryption, for example, in a text file or an office document. In this case, this document must be protected with access control.
7. When an administration password must be communicated, never send by the same means, the user and the password. For example, the user should be sent by email and the password by instant messaging. *I know that sometimes you try to save time, but with these things you better take your time and do not risk it.
8. Users should not set the password on a post-it on the monitor, nor on the table, nor in the drawer or “hidden” in another place in the office or among your personal belongings. *This is one of the big mistakes everyone makes. Yes, post-its or notebook sheets have always helped us, but this time they are too obvious to keep such a big secret.
9. Users should not use the same password for two systems or different applications. *Sorry, but you will have to memorize more than one. But rest assured, if a chimpanzee could recognize the descending sequence of nine numbers, someone who graduated from elementary school can do better.
10. Users who find out the password of other users must report it, ensuring it is changed as soon as possible. *Here fellowship first and foremost. It is not only right hugging after company dinners. Camaraderie above all!
11. Users must change their passwords at least once a year, or when indicated by the system, and in the case of administration passwords every 180 days, or in the event of changes of personnel in the company that may know them.
12. If now you are afraid because you do not have a strong enough password, it’s normal, but I repeat, calm down, follow the following rules for passwords creation (if the system supports them) and nothing will go wrong:

• a) Passwords must be at least six characters long.
• b) Passwords must not be easily predictable and must not be contained in dictionaries. For example: your username, date of birth, or 1234, we all know that one.
• c) Passwords must not contain consecutive repeating characters. For example: “AABBCC”.
• d) Passwords must have at least an alphanumeric character, a numeric character, and a special character.

Good, and so far that was the lecture about being responsible that you must assume and internalize if you want things to go smooth at least in terms of passwords and vulnerabilities. Oh, nothing to thank us for! You know: “Life is beautiful. Password yourself”. Look, that could be your new password, right? No, the answer is NO! REMEMBER EVERYTHING WE LEARNED TODAY IN THIS ARTICLE!

Would you like to find out more about what Pandora FMS can offer you? Find out clicking here .

If you have to monitor more than 100 devices, you can also enjoy a FREE 30-day Pandora FMS Enterprise TRIAL. Installation in Cloud or On-Premise, you choose !! Get it here .

Last but not least, remember that if you have a reduced number of devices to monitor, you can use the Pandora FMS OpenSource version. Find more information here .

Do not hesitate to send us your questions. Pandora FMS team will be happy to help you!

And if you want to keep up with all our news and you like IT, releases and, of course, monitoring, we are waiting for you in our blog and in our different social networks, from Linkedin to Twitter through the unforgettable Facebook . We even have a YouTube channel , and with the best storytellers.

10 reasons why you shouldn’t install Nagios in your company

by Pandora FMS team | Last updated Nov 17, 2022 | Tech

Everybody knows Nagios, or at least… everybody should know Nagios.

It is a useful tool to monitor systems and networks that thousands of users worldwide have been using for more than fifteen years.

Then, if it is so popular, on what are we based to say that it is not a good solution?

Careful! We’re not saying that Nagios is a bad tool, but many times the fact that it is a solution so extended and used everywhere in the world may make us assume certain things about the product and leave aside the most important question: What is what your business really needs?

After almost 20 years of experience in server, network and security technology, we dare to list some of the reasons for which it is not a good idea to assemble a Nagios system to manage a monitoring service on which business continuity depends.

Nagios technical features

Nagios has been with us for almost a quarter of century. And that’s good, but it also entails some limitations.

1. It’s not a product, it’s a project

When Nagios is installed in a company, it is installed specifically for that company, so you will not find two Nagios alike, installed and deployed in the same way. Their internal configuration files will be incredibly different.

That is always a problem in the long run.

Why?

If two technicians write a script differently and that makes it difficult to interpret them by a third party, imagine what would happen with a configuration mega-script as complex as that of Nagios.

Although two environments and two problems may be identical, the technician of the first environment will have problems understanding the Nagios installation of the second one and the technician from the second one will have trouble with the other Nagios installation.

2. Plugins Puzzle

The standard features of basic Nagios are extremely limited.

The solution to extend it is to install plugins, addons and third-party extensions, which makes it an even less standard ecosystem.

Simply put, Nagios is a puzzle of pieces made by people who have nothing in common and who lack a joint overview.

3. High dependency

Since Nagios is a tailor-made project, it depends on a limited group of people (some of whom are out of your reach) who will be there to hear your complaints, but may not even be able to solve the problem, as there will not be a final person in charge.

This team will be the only one that can maintain the installation of Nagios, therefore the knowledge will not be easily scalable or transferable to third parties.

4. Poorly scalable and flexible

Nagios is not intended for changing environments. Its configuration is static, cumbersome and complicated to integrate into automatic provisioning processes.

As it is well known, scalability is not Nagios’ strong point.

Business Aspects with Nagios

A tool like Nagios brings a number of limitations to your business. Not only for what it is able to do, but for the cost of maintaining it.

Particularly:

5. Software unit and human dependence

If monitoring is the key to your business, to growth or to maintaining current production, with Nagios you will stop relying on a software vendor and start relying on a small team of specialists.

The ones known as Gurus.

6. Unsolvable problems

Any problem that your technicians do not know how to solve will be unsolvable, especially if the implementation is very customized, since no one outside your company will know what changed or how to solve it.

Systems are audited in large companies and, in most cases, product manufacturer support is essential.

7. Large derivative costs

Although initially Nagios may seem cheaper than other solutions (you save yourself a recurring license cost), the problems arising from its maintenance will make it much more expensive in the long run.

8. Risk of losing support

If the technical team (usually a single person) leaves the company, it will be impossible to maintain the monitoring project.

There will be no support, training or documentation that can replace the “guru” who assembled it and, at best, it will be like starting from scratch.

At worst, it will take longer to understand what is assembled and how it is managed correctly.

9. Human Cost vs License Cost

Paying the salary of a Nagios guru for three years is much higher than the cost of a license, a training course and a systems technician.

After all, monitoring with Nagios takes up the time of a highly qualified technician who specializes in a task that bears no benefit.

Especially because it may not have to be carried out.

10. Alternatives available

There are dozens of software applications with license, support and training plans that will save you lots of headaches.

You probably don’t need all the power that Pandora FMS Enterprise can offer you and it’s enough with PRTG or What’s up Gold. Or maybe with Pandora FMS free software version.

We only recommend Pandora FMS Enterprise to those organizations that have needs that justify the versatility, power and flexibility of our tool.

Monitoring security architecture

by Sancho Lerena | Last updated Aug 27, 2021 | Tech

Introduction

Do an exercise, ask five IT technicians -of any profile- what SNMP means.. If you’re close with them the better, so that the first thing they do is not go to Wikipedia to boast. Hopefully, they might tell you what they said to me when I was working in networks.

“Security is Not My Problem”

Taking into account that the SNMP protocol is one of the monitoring bases, and a system that has been in use for more than thirty years, this answer, “Security is Not My Problem”, sums up the current monitoring situation quite well: ignorance, laziness and lack of interest in monitoring security.

By the way, we talked about SNMP in another article on our blog and I will give you a teaser in advance, it means Simple Network Management Protocol and it comes from 1987.

Considering that monitoring is “key to the kingdom”, since it allows access to all systems and even access many times with administration credentials, shouldn’t we take security a little more seriously when we talk about it?

Recent vulnerabilities in well-known monitoring systems such as Solarwinds or Centreon make the need to take security seriously in the implementation of monitoring systems increasingly urgent, since these have a very strong integration with systems.

In many cases, security problems are not so much about one piece of software being much safer than another, but about poor configuration and/or architecture. It must be taken into account that a monitoring system is complex, extensive, and in general, it is highly adapted to each organization. Today it was Solarwinds, tomorrow it could be Pandora FMS or Nagios.

No application is 100% secure, nor is any corporate network secured against intrusion, whatever the type. This is an increasingly evident fact and the only thing that can be done about it is to know the risks and assume which ones you can take, which ones absolutely not, and work on the latter.

Safe monitoring architecture

It is essential to keep in mind at all times that a monitoring system contains key information for a possible intruder. If monitoring falls into the wrong hands, your system will be compromised. That is why it is so important to devote time to the architecture of your monitoring system, whatever it may be.

Carry out a first analysis, collecting the requirements and scope of your monitoring strategy:

• Identify what systems you are going to monitor and catalogue their security levels.
• Identify which profiles will have access to the monitoring system.
• Identify how you will obtain information from those systems, whether through probes/agents or remote data.
• Identify who is responsible for the systems you are going to monitor.

The architecture of a system will have, whatever the chosen software, the following elements and will have to take into account its network topology, its resources and the way to protect them properly:

1. Information display interface (web console, heavy application).
2. Data storage (usually a relational database).
3. Information collectors (intermediate servers, pollers, collectors, etc.).
4. Agents (optional).
5. Notification system (alerts, notices, etc.).

Monitoring system securing

No matter how correct the implementation of a system, its architecture and its design as a whole is, if one of the elements that make it up is violated, the damage it may suffer by a malicious attack compromises the entire structure. For this reason, in security there is a saying, “Security is a chain and your real security always depends on its weakest point.”

This list of security concepts applied to the architecture of a monitoring system can be summarized as the features that a monitoring product must have to ensure maximum security in an implementation:

• Encrypted traffic between all its components.
• High availability of all its components.
• Integrated backup.
• Double access authentication.
• Delegated authentication system (LDAP, AD, SAML, Kerberos, etc.).
• ACL and user profiling.
• Internal audit.
• Password policy.
• Sensitive data encryption.
• Credential containers.
• Monitoring of restricted areas/indirect access.
• Installation without superuser.
• Safe agent/server architecture (passive).
• Centralized and distributed update system.
• 24/7 support.
• Clear vulnerability management policy by the manufacturer.

Monitoring infrastructure basic securing

The management console, monitoring servers and other elements should never be on an accessible public network. The console should always be protected on an internal network, protected by firewalls and, if possible, on a network independent from other management systems.

The operating systems that host the monitoring infrastructure should not be used for other purposes: for example, to reuse the database for other applications, nor the base operating systems to run other applications.

Safe and encrypted traffic

You should make sure that your system supports SSL/TLS encryption and certificates at both ends at all levels: user operation, communication between components or sending data from the agent to the servers.

If you are going to use agents in unsafe locations, it is highly recommended that you force all external agents to use certificate-based authentication at both ends, to avoid receiving information from unauthorized sources and to prevent information collected by agents to not travel transparently.

On the other hand, it is very important for you to activate encryption on your web server to provide an encrypted administration console and prevent any attacker from seeing access credentials, remote system passwords or confidential information.

Full High Availability

For all elements: database, servers, agents and console.

Integrated backup

The tool itself should make this as easy as possible, as settings and data are often highly distributed and consistent backup is complex.

Clear vulnerability management policy by the manufacturer

Every day, dozens of independent auditors test the strengths and weaknesses of all kinds of business applications. They seek to gain a foothold in the sector by publishing an unknown ruling to increase their reputation. Many clients, as part of their internal security management processes, execute external and internal security audits that target their IT infrastructure.

Be that as it may, all products have security flaws, the question is: how are those flaws handled? Transparency, diligence and communication are essential to prevent customers from having problems derived from vulnerabilities in the software they use. It is essential that there is a clear policy in this regard, so that it is known which public vulnerabilities have been reported, when they have been corrected and if a new one is detected, the steps to follow for notification, mitigation and distribution to the end customer.

Dual authentication system

Pandora FMS has an -optional- system based on google authenticator that allows forcing its use for all users for security policies. This will make user access to the administration console much safer, preventing that due to privilege escalation the system can be accessed as administrator, which is, at best, the highest risk that can be run.

Delegated authentication system

Complementary to the previous one, you can delegate management console authentication to authenticate against LDAP, Active Directory, or SAML. It will enable a centralized access management, and combined with the double authentication system your access will become much safer.

ACL and user profiling

Identify and assign different users to specific people. Do not use generic users, assign only the necessary permissions and do not use “super administrators”. They are good practices not only for monitoring tools but for any business software implementation with access to sensitive information.

Nowadays, any professional tool to define an access profile for each user will do so in such a way that no user has “absolute control”, but only has the minimum required access to their functions.

Internal audit system

You must have a system in place to record all user actions, including information on altered or deleted fields. Said system must be able to be exported abroad so that not even the administrator user can alter said records.

Password policy

A basic element that allows you to enforce a strict password management policy for access to application users: minimum password size, password type, their reuse, forced change once in a while, etc.

Sensitive data encryption

The system must allow the most sensitive data to be stored encrypted and safely, such as access credentials, monitoring element custom fields, etc. Even if the system itself contains the encryption “seed”, it will always be much more difficult for a potential attacker to access this information.

Credential containers

Or an equivalent system for the administrator to delegate credential use to other users who use said credentials to monitor elements without seeing the passwords contained in the container.

Restricted area monitoring

In these systems, information will be collected remotely by a satellite server and will be available to be collected from the central system (in Pandora FMS through a specific component called Sync server). That way, data can be collected from a network without access to the outside, ideal for very restrictive environments where the impact is drastically reduced if an attacker takes over the system.

Agent remote management locking system

For critical security environments, where the agent cannot be remotely managed once it is configured. This is especially critical in monitoring, since if a system is compromised and its administration is accessed, by the way the system is configured itself, it will have access to all systems from where it receives information. In critical systems, the remote management capacity must be deactivated, even if that makes administration more tricky. The same applies to automatic updates on the agent.

Design of safe architecture for communication with agents

Sometimes known as passive communication. That way, agents will not listen to a port nor have remote access from the console. They are the ones who will connect to the central system to ask for instructions.

Installation without root

Pandora FMS can be installed in environments with custom paths without running with root. In some banking environments, it is a requirement that we meet.

Notification and reporting system (alerts, notices, etc.)

A monitoring system is only useful if it shows accurate information when it is needed. Alert or weekly report reception is the culmination of all the previous work and for that you will have to take into account some “obvious” points that are often overlooked. Protect those systems, wherever they may be.

Periodic updates

All manufacturers now distribute regular updates, which include both bug fixes and security problems. In our case, we publish updates approximately every five weeks. It is essential to update systems as soon as possible, because when a vulnerability is reported, product managers ask external security researchers who have reported the bug, not to publish anything about the vulnerability until a patch is published. Once the patch is published, the researcher will publish the information in more detail as wished, a fact that can be used to exploit and attack non-updated software versions.

Pandora FMS has a vulnerability disclosure public policy as well as a public catalog of known and reported vulnerabilities. Our policy has maximum transparency and full communication with security researchers, always to mitigate the impact of any security problem and to be able to protect our clients as a top priority.

24/7 support

In our support, the technician who answers the phone has the whole team backing him up. If there is a security issue and a security patch has to be published within hours. We not only have the technology to spread the patch to all our customers, but also the team to develop it in record time.

Base system securing

Hardening or system securing is a key point in the global security strategy of a company. As manufacturers, we issue a series of recommendations to carry out a safe installation of all Pandora FMS components, based on a standard RHEL7 platform or its equivalent Centos7. These same recommendations are valid for any other monitoring system:

Hardening checklist for monitoring base system:

• System access credentials.
• Superuser access management.
• System access audit.
• SSH securing.
• Web server securing.
• DB server securing.
• Server minimization.
• Local monitoring.

Access credentials

To access the system, nominative access users will be created, without privileges and with access restricted to their needs. Ideally, the authentication of each user should be integrated with a double authentication system, based on token. There are free and safe alternatives such as Google Authenticator that can be easily integrated into Linux, although outside the scope of this guide. Seriously consider its use.

If it is necessary to create other users for applications, they must be users without remote access (for this, it is necessary to deactivate their Shell or some equivalent method).

Superuser access through sudo

In the event that certain users must have administrator permissions, SUDO will be used.

Base system access audit

It is necessary to have the security log /var/log/secure active and monitor those logs with monitoring (which we will see later).

By default CentOS has this enabled. If not, just check the /etc/rsyslog.conf or /etc/syslog.conf file.

We recommend you to take the logs from the audit system and collect them with an external log management system. Pandora FMS can do it easily and it will be useful to set alerts or review them centrally in case of need.

SSH server securing

The SSH server allows you to remotely connect to your Linux systems to execute commands, so it is a critical point and must be secured by paying attention to the following points:

• Modify default port.
• Disable root login.
• Disable port forwarding.
• Disable tunneling.
• Remove SSH keys for remote root access.
• Investigate the source of keys for remote access. To do this, look at the content of the file /home/xxxx/.ssh/authorized_keys and see which machines they are from. Delete them if you think there shouldn’t be any.
• Establish a standard remote access banner that clearly explains that the server is a private access server and that anyone without credentials should log out.

MySQL server securing

Listening port. If MySQL server has to provide service to the outside, just check that the root credentials are safe. If MySQL only gives service to an internal element, make sure that it only listens on localhost.

Web server securing

We will modify the configuration to hide the Apache and OS version in the server information headers.

If you use SSL, disable unsafe methods. We recommend the use of TLS 1.3 only.

System service minimizing

This technique can be very exhaustive. It consists simply of eliminating everything that is not necessary in the system. Thus we avoid possible problems in the future with poorly configured applications that we really did not need and that can be vulnerable in the future.

Local monitoring

All the internal monitoring systems would have to be monitored to the highest level, specially information registries. In our case the following active controls in addition to the standard controls are always recommended:

• Active security Plugin.
• Complete system inventory (specially users and installed packages).
• System logs and server security.

Would you like to find out more about what Pandora FMS can offer you? Find out clicking here .

If you have to monitor more than 100 devices, you can also enjoy a FREE 30-day Pandora FMS Enterprise TRIAL. Installation in Cloud or On-Premise, you choose !! Get it here .

Last but not least, remember that if you have a reduced number of devices to monitor, you can use the Pandora FMS OpenSource version. Find more information here .

Do not hesitate to send us your questions. Pandora FMS team will be happy to help you!

And if you want to keep up with all our news and you like IT, releases and, of course, monitoring, we are waiting for you in our blog and in our different social networks, from Linkedin to Twitter through the unforgettable Facebook . We even have a YouTube channel , and with the best storytellers.

Engineering and development in Pandora FMS

by Sancho Lerena | Last updated Aug 11, 2023 | Tech

Pandora FMS started as a totally personal open source project back in 2004. I wasn’t even a professional programmer, I was doing Unix security consulting. In fact, I chose PHP but Pandora FMS was my first application with PHP, I knew some things about ASP and my favorite programming language had been C.

A project with a single programmer and no professional users of his software yet is very different from a project with several dozen programmers and hundreds of clients using the software in critical environments. The evolution that Pandora FMS has undergone from 2004 to 2021 is a real case of steady improvement in software engineering.

Fortunately, I did not pay much attention to that subject of the degree, because most of the things that work and that I have learned with practice do not come in a book, nor are they explained at the university, because each software project and each team of people is very different. It may sound cliché, but it is the truth, and it is better to accept it and avoid formulas, because building a solid software product that can grow over time is not trivial at all.

In this article, I am going to talk about our experience, our evolution over time, but above all, about how our engineering processes work today. I have always believed that the most important part of open source is transparency, and that this should apply to everything, not only to software but also to processes and knowledge in general.

Version control system

It is an essential part of any software project. Today the ubiquitous GIT is everywhere (by the way, not everyone knows that Git is the work of Linus Torvalds, original author of the Linux kernel). A version control system helps, in short, a group of developers work without overlapping their jobs.

When the Pandora FMS project started, I was working without version control, because there were no other people. When some people began to collaborate on it, we realized that a simple shared directory was not worth it, because we were overlapping the code and, yes, making backups to save old versions was not a very efficient method.

The first version control system we used was CVS, which we have been using for eight years or more. Around 2008, we started using SVN (Subversion) another slightly more efficient system and it wasn’t until 2013 when we started using GIT and opened our official repository on Github.

Pandora FMS public repository on Github

Since Pandora FMS has an open source version and an Enterprise version -with proprietary code and commercial licenses- we have two GIT projects, one public on GitHub and the other private, which we manage with GitLab. The GitHub version is in sync with our private copy on GitLab at our offices. Some partners who collaborate with us in developing have access to this private repository, and through an extension of our support application (Pandora ITSM) we share all development planning tickets by releases with some of our partners, so that they can see in real time, the development planning based on “releases” and all the details of each ticket.

GitLab ticket view in Pandora ITSM/em>

Release ticket view

Development methodology used in Pandora FMS

At Pandora FMS, we have been using our own methodology from the beginning, although we have borrowed many ideas from agile methodologies, especially from SCRUM. From a life cycle point of view, we use an adaptation of the Rolling Release methodology

These are some important definitions when defining how we work, some of them come from Scrum, others from other methodologies.

Objectives of Pandora FMS work methodology

The objectives involve not only the development members, but also QA, the documentation team and part of the marketing team:

• • Maximum visualization: The entire team must see the same information, and it must flow from bottom to top and from top to bottom. By sharing objectives we will be able to do a more effective job.
  • What is not seen does not exist, which implies that all information relevant to the project must be reflected in the management, implemented with Gitlab. What is not seen does not exist, and what does not exist will not be taken into account for any purpose. Strictly following this methodology will allow everyone to be very aware of the planning:

-Strict deadline compliance.

-Advance planning without last minute modifications.

-Clearer information and in due time.

-Elimination of work peaks and etc.

• Integrity,, with an increasingly large and complex project, it is imperative to keep integrity during development. All code must follow standards..

Ticket

The ticket is the minimum work unit. There is a single person responsible for its completion and it is planned to be carried out in a milestone (version release).

A ticket is the way in which the development work is broken down, so a big feature will be made up by different tickets, on which ideally several people can work.

The ticket must contain a functional or description of the requirements, which can include diagrams, specifications, interface diagrams (mockup), test sets, examples, etc. In some cases it may even contain the analysis and design of the whole solution.

A completed ticket must perform as specified in the functional document (ticket) and the changes that have been made to these specifications must be reflected in the ticket.

The functional is key so that QA can validate a ticket or not. QA will have to reopen a ticket if it does not meet any of the functional aspects.

Members and working groups

Product Owner (PO)

The PO defines where Pandora FMS has to go, in contact with customers, support and
the “real” market situation, providing technical and functional guidelines but without getting involved in development as such.

Product Committee

Group of people who will meet permanently with the PO to agree where the product is going to, trying to ensure that all PO decisions are collegiate. It is made up of the leader of each Development, QA, Support, Projects and Documentation team.

Development Manager (DM)

The DM will manage the entire development cycle: define milestones, priorities, manage
individually all members and make operational decisions. The DM reports exclusively to PO and is the leader of the development team.

Development Team

They are in charge of the development of large features and product improvements, complete code refactoring, change development (small features), bug fixes and product maintenance improvements.

QA Team

They verify that each development atomic unit works as defined in the
specifications. They will also create and maintain an ecosystem of automated testing for both backend and user experience.

Support Team

They are the ones who deal directly with the client solving issues. Their experience with the product’s day-to-day means that their opinions must be taken into account, that is why they are part of the product committee.

Project team

They implement it on the end customer and are the ones closest to the customer, since they are often there before the project exists, and they usually offer ideas and all kinds of features in hand, for all purposes they are the “speaker” of the commercial department, therefore they are part of the product committee.

Training and Documentation Team

Responsible for training and the product’s documentation. They coordinate with the marketing team and the translation team.

Remote working

All team members (development, QA, documentation) telework freely. In fact, developers from Europe, Asia and America participate in Pandora FMS, and within Spain they are distributed throughout the national territory. We are a 100% distributed and decentralized company, although with traditional hierarchies.

In order to telework, we need each member to take responsibility for their work, be autonomous and commit to planning. Teleworking entails minimizing the need for oral communication and physical personal meeting, replacing them not with teleconferences, but with a precise use of the tools of the development process.

Development watch-keeping

A developer on the team is especially devoted to solving incidences involving code, in permanent connection with the support team (from 8 am to 8 pm, CEST). This allows not only to have maximum agility when solving a problem on a client, but also code changes are integrated into the code repository in an organized way.

Ticket creation and classification process

Any member of the company (including salespeople) can create a ticket in GitLab. This includes customers and partners, although in their case there is a prior filter by the support team and the sales team respectively.

The more detailed the ticket, the more unequivocal the development will be. Add images, gifs, animations and all the necessary clarifications. As well as the way to access the environment where the problem has been found or the contact persons. A developer will never contact a customer directly. If there is the need to interact with them, it will be done through the support or project team.

Nobody, except for the DM or PO, can change a ticket milestone. On creation, the ticket will not have an assigned milestone or assigned user. The task of defining which release a ticket belongs to is the responsibility of PO and DM exclusively.

When a ticket is finished and the developer thinks it should be reviewed by a colleague, they mention it in the merge request through @xxxxx. The review must be nominal. This review is independent of the code review carried out by the department manager.

General ticket workflow

• The ticket is assigned to a programmer by the DM. If it does not have a ticket assigned, the ticket will be auto-assigned. (See below the terms that regulate this system).
• The developer must understand/solve any questions that may arise after reading the functional document, if necessary, check with the DM or the author of the ticket. This must be done before starting to develop. Once read, you must, in order:

1. Evaluate (by assigning labels) its complexity and size, reaching a prior consensus with the DM.
2. Develop the feature following the ticket specifications
3. Document everything developed in the same ticket or, if required, in a new documentation ticket. This ticket must relate to the “parent” ticket by ticket #ID.
4. The developer must test its functionality at least in:
   -standard docker development environment
   -docker development environment with data.

• When it is deemed complete, it will be tagged ~ QA Pending and placed in the hands of QA.
• For each FEATURE ticket, there will be a reference person, generally from projects, support or even the PO itself. This person will be the one who will define part of the functional (together with the DM and PO), but above all, this person will be the reference person for the developer to ask any details during development, and most importantly, should see the development progress, step by step, so that it is validated.
• Any change to the functional will be reflected by the reference person in the ticket as comments, without altering the original functional.
• If there is a child documentation ticket, QA will validate the ticket using the documentation generated by the reference person, NOT by the functional of the ticket, validating the documentation and the feature at the same time.

Release planning

When creating a ticket, the milestone must be empty (not assigned) like the user. The only ones that can classify a ticket are: DM and PO.

A series of milestones have been defined to support the ticket classification process, some of them, those dated (releases), can be seen as milestones, while the rest should be seen as simple ticket containers.

• (Not allocated): It is the absence of milestones in a ticket. For all intents and purposes, this ticket “does not exist yet.” The DM and PO will validate each and every one of these tickets to see if they make sense in the product roadmap. No developer should take any of these tickets.
• Feature backlog: Tickets that will be made at some indeterminate time in the future that sooner or later will have to be addressed. No developer should take any of these tickets.
• Low priority bugs: Reported bugs with no priority assigned yet by PO/DM. No developer should take any of these tickets.
• STAGE: Tickets proposed by each department for planning in a product release. At each planning meeting, these tickets will be discussed, and moved to other milestones. At the end of the cycle start meeting, this milestone should be empty. The DM is the one who has the final decision as to which STAGE tickets are assigned to a certain release and which are not, relying on the product committee if necessary. No developer should take any of these tickets.
• XXX: Release XXX. Milestone that groups a series of tickets that will be released on a certain date. A milestone has a deadline associated with it. In the case of RRR releases, this date could change, in the case of LTS not.

1. The development of the tickets associated with a release must be finished 5 days before the scheduled day for the release. Tickets not completed before that date will be delayed to the next release and the delay will have to be justified to the DM.
2. There are two types of release milestones:
   -LTS: in April and November. They are 6 months apart.
   -Regular Releases (RRR): There will be 2 to 4 regular releases between LTS releases.

• A developer with no assigned tasks for a release, as long as there are no pending assignment tickets in the release milestones for the developer’s team, can take one of the unassigned tickets from:
  -The closest release, based on date.
  -Second closest release, based on date.

CICD

Pandora FMS developers integrate the code of their branches in a central repository several times a day, causing a series of automatic tests to be executed whose objective is to detect faults as soon as possible and improve the quality of the product.

These tests run dynamically in a series of executors or “runners”, some of them specific, for certain architectures (e.g., ARM), that execute static code analyzers, unit tests, and activate containers to carry out integration tests in a real installation of the application.

The generation of Pandora FMS packages is completely automated. Packages are generated every night from the development branch for manual testing. They can also be generated on demand by any developer or member of the QA or support teams, from any branch through the GitLab web interface.

When a release is made from the stable branch, in addition to package generation, a series of steps are executed that deploy them to Ártica’s internal package server, to SourceForge, to Ártica’s customer support environment, and that, likewise, update the Debian, SUSE and CentOS repositories along with the official Docker images.

Proactive Monitoring in Digital Transformation Times

by Guillermo Sánchez | Last updated Jun 10, 2021 | Tech

Pandora FMS is a proactive, advanced, flexible and easy-to-configure monitoring tool according to each business. Pandora FMS integrates with the needs of the business, being able to monitor servers, network equipment, terminals and whatever is necessary.

In this article we will focus on monitoring using Pandora FMS, bearing in mind the new reality, which has arrived to stay, known as “Digital Transformation”.

Digital Transformation

First of all, let’s start by understanding what Digital Transformation is all about, a widely used term, but at the same time somewhat confusing for many people, due to its broad definition.

Digital transformation is a concept that encompasses the integration of the different technologies, used in the different areas of a company, fundamentally changing the way it works and delivers value to its customers. It is also a cultural shift that requires organizations to constantly challenge the status quo, experiment, and feel comfortable with the change.

It is not new that technology advances faster and faster generating a constant challenge, that is why we must be on the watch for these advances, to be able to adopt new technologies and achieve the cycle of “Continuous Improvement”, taking advantage of the tools that allow us to be more and more efficient.

As part of this change, there are key technologies that allow us to digitize our information and adapt to this new reality that is here to stay.

• Cloud Computing (Amazon AWS, Microsoft Azure, Google Cloud): It gives your organization faster access to the software it needs, new features and updates, as well as data storage. Cloud computing allows you to be agile enough to transform quickly.
• Information technology: It allows an organization to focus its investment on talent, research and development, and customized solutions that support the requirements and processes that differentiate it in the market.
• Machine learning and artificial intelligence technologies: They provide organizations with more accurate information for decision-making on sales, marketing, product development and other strategic areas.
• Other technologies that drive business transformation are: blockchain, blockchain, augmented reality and virtual reality, social networks, and the Internet of Things (IoT).

Since the beginning of computing, companies had at least one server/computer as part of their daily tasks. This implied additional tasks such as: technical support, and infrastructure maintenance.

Some years ago, it was common to find email servers, installed in the company, generating the great challenge to keep a critical service, like this one, running 24/7. Today there are private cloud solutions such as: Microsoft 365 or Google Apps, that allow you to have email with a very high SLA, without the need for your own infrastructure, using the service as SAAS (Software as a Service).

To understand where we are at and where to start, with the digital transformation process, we are going to explain the four most common infrastructure scenarios:

On-Premise (Local Infrastructure): Servers that work in the company and require a great effort to maintain them.

IaS Cloud (Infrastructure as a Service): In this scenario, virtual machines can be run in the cloud, such as, for example, a Windows Server, some Linux distribution where you install the essential tools to use the corporate application that you need to use. The provider ensures the availability of the virtual machine and the company is responsible for the software that is installed. In this case, Amazon AWS, Microsoft Azure, Google Cloud, etc. can be used.

PaaS Cloud (Platform as a Service): Services that work in the cloud and that have a platform such as: SQL Server, Oracle, SAP, Docker, Etc.

SaaS Cloud (Software as a Service): Services that work in the cloud and have a management tool, such as Exchange Online, Google Apps (Corporate Gmail), OneDrive, Google Docs, Etc.

After this introduction, we are going to understand the value of Pandora FMS for any of the previous scenarios, at the time of Digital Transformation.

Some time ago, we already published an article on this blog with the installation script for IaS Cloud. As a requirement you need to have a Virtual Machine with CentOS 7, which has 2 GB of RAM and 20 GB of Disk.

Executing the following command: curl -Ls https://pfms.me/deploy-pandora | sh on a computer that has an Internet connection, you will obtain an installation of Pandora FMS Community in an On-Premise scenario or in the cloud that you use:

https://pandorafms.com/community/get-started/

For the Enterprise version, we have a Free 30-day Trial. Request it here!

Now that you know that you can install Pandora FMS in the scenario that is most convenient for you, we are going to see which are the required ports to be able to use the tool from a public cloud:

With this configuration you can use Pandora FMS key features. We are going to see just a few of them. Very useful for this reality of continuous changes.

Remote Configuration, Policies and Collections: With this configuration you can make all the changes on the monitoring agents, using Pandora FMS web console, being able to build the Agent Plugins and distributing them in a centralized and simple way.

Agents with Remote Configuration

Satellite Server: A very interesting possibility is to set up an agent with advanced features. It allows you to discover the different remote networks, servers, and network computers, using ICMP, SNMP and WMI protocols. It is not necessary to open any ports on the firewall, where the Satellite Server is installed. You have the possibility of reaching Pandora FMS server with port 41121 TCP Tentacle and, for example, remotely monitor the devices from the different locations and/or branches.

Several Satellite Servers, reporting to a console in Azure

Ubiquiti AP UC-AC-LR (Satellite through SNMP)

Pandora FMS Ubiquiti AP UC-AC-LR Web Console

https://pandorafms.com/docs/index.php?title=Pandora:Documentation_es:Arquitectura#Servidor_Sat.C3.A9lite

Finally, and as a complementary tool, you can count on the possibility of having usage and consumption metrics in the cloud, from the “Discovery” option, or with add-ons from the Enterprise library.

Discovery Cloud View

At the time I wrote this article, the clouds supported by Pandora FMS were:

*It is possible that new cloud technologies will be added over time.

In the next tree view you can see some of the metrics that we have available for AWS and Azure. In this view, you can see the status of the virtual machines, the consumption of Network, Memory, etc.
All these parameters are configured according to the specific needs of each client.

https://pandorafms.com/docs/index.php?title=Pandora:Documentation_en:Discovery#Discovery_Cloud (Discovery Cloud Documentation)

Finally, Microsoft 365 cloud has an API to be able to monitor the health status of its services. Pandora FMS has a plugin in the Enterprise library that allows you to collect data from the Microsoft 365 API.

https://pandorafms.com/library/pandora-office-365-monitoring/

Partial View of Microsoft 365 Services

I hope this article was useful for you to understand what the best monitoring scenario for your company is.

Everything you need to know about Office 365 Monitoring

by Guillermo Sánchez | Last updated Jun 10, 2021 | Tech

Do you know everything about Office 365 Monitoring?

Microsoft Office 365 Monitoring (Known as Office 365)

Pandora FMS is a proactive, advanced and flexible monitoring tool which is also easy-to-configure according to each business and their needs. It can be integrated into all the needs of servers, network computers and terminals. Besides, in a world where the cloud has taken more prominence, it can also monitor its services or computers.

In this article, we will focus on Office 365 monitoring from Pandora FMS using the module available in the Enterprise library.

https://pandorafms.com/library/pandora-office-365-monitoring/

What is Office 365?

Microsoft 365, also known as Office 365, is the tool conceived by the giant Microsoft that allows you to create, access and share documents online with different users in Word, Excel, PowerPoint and OneNote, among others. To that end, you only need to have access to the Internet and have OneDrive of course.

Microsoft 365 offers different packages, depending on the size of your company or the number of users who will make use of these services. In addition, users may choose between three types of packages: for private use, for businesses or for students or teachers. Each one has its own features (number of users, integrated programs, space…) and it is offered at different prices accordingly.

Microsoft 365 Health

Microsoft 365 provides a page to see the health of cloud services. You may take a look at the following url:

https://status.office365.com

You may observe the health status of the services in Microsoft 365

What we can see is that, on demand, we can find out in what state the services are, but by having Pandora FMS, we will be able to improve this overview and also have all of this information and generate alerts about the services that may be essential for the daily work or tasks of our company.

Microsoft 365 in Pandora FMS

In order to carry out Office 365 monitoring, what we need is to be able to see the services in our Pandora FMS WEB console, as exemplified in the following image:

To get that result, we are going to use the Enterprise library module . But first, let’s take a look at the requirements you need to meet to achieve our goal:

• In Pandora FMS Environment: The plugin server must be enabled, Python 3.8.
• In Microsoft 365: Read permissions are required for the o365 API.

• Know the following Authentication data: TenantID, ClientID, Secret

The plugin is designed to run as a server plugin but can be run on an agent using module_plugin with no issues at all.

Script Running

So that you can notice, very simply, how the script is executed, we are going to see an example of that, where we will execute its binary version with the following command:

pandora_o365 -c xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -t xxxxxxxx-xxxxx-xxxx-xxxxx-xxxxxxxxx -s xxxxxxxxxxxxxx~xxxxxxxxxx~xx~xxxxx

When executing the script, if the ClientIT, TenantID and Secret values are correct, we will get the following response:

Finding out the status of the services from Pandora FMS

We already have Microsoft 365 service agents, to finish up this idea let’s look at a service on Microsoft 365 health page and what it looks like in Pandora FMS.

Microsoft 365 Health Page:

We clearly see that there is a service degradation.

Health in Pandora FMS:

We check and verify that, indeed, we have the same information and that with these texts it is very easy to define alerts on the status of the different services.

Log collection

If we have Pandora FMS Syslog Server feature enabled, we can save all the issues that take place in Microsoft 365. For this, just add the parameter -l in the execution of pandora_o365 module -c xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -t xxxxxxxx-xxxxx-xxxx-xxxxx-xxxxxxxxx -s xxxxxxxxxxxxxx ~ xxxxxxxxxx ~ xx ~ xxxxx -l

That way you can save, very easily and with no issues at all, Microsoft 365 incidences in Pandora FMS.

That way, you may now proactively monitor all Microsoft 365 services. And we achieved our goal, Office 635 monitoring is ready to work!

Would you like to find out more about what Pandora FMS can offer you? Find out clicking here .

If you have to monitor more than 100 devices, you can also enjoy a FREE 30-day Pandora FMS Enterprise TRIAL. Installation in Cloud or On-Premise mode, you choose!! Get it here !

Last but not least, remember that if you have a reduced number of devices to monitor, you can use the Pandora FMS OpenSource version. Find more information here .

Do not hesitate to send us your questions. Pandora FMS team will be happy to help you!

And if you want to keep up with all our news and you like IT, releases and, of course, monitoring, we are waiting for you in our blog and in our different social media, from Linkedin to Twitter not forgetting of course Facebook . We even have a YouTube channel, and with the best storytellers.

What is Synthetic Transactional Monitoring?

by Rafael Ameijeiras | Last updated May 6, 2025 | Tech

In the IT world, basic monitoring is an essential practice for overseeing servers, networks, and applications. Whether through logs, custom scripts, or specialized tools like Pandora FMS, it provides an overview of the infrastructure‘s health and helps detect performance or availability issues.
However, having all indicators in green does not always mean everything is working perfectly. Sometimes, end users still report issues: a website that takes too long to load, a transaction that does not complete, or processes that intermittently fail. Even worse, if these problems affect key transactions, they could lead to financial losses or user frustration.
Waiting for users to detect and report failures is not an option. This is where transactional synthetic monitoring comes into play, a proactive solution that simulates user behavior and detects issues before they take place.

What is transactional synthetic monitoring?

Transactional synthetic monitoring is a technique that simulates user interaction with an application or digital service using predefined scripts. Its main advantage is that it allows you to detect issues without the need for real users interacting with the system.
This approach allows for:

• Simulating key transactions such as logins, purchases, payments, or information searches.
• Detecting availability and performance issues before they impact end users.
• Testing specific scenarios such as high traffic loads or failures in external components.
• Automating tests in different environments, suppressing the need for real users to validate the system’s functionality.

Thanks to synthetic monitoring, companies can ensure that their digital services work properly, even before users interact with them.

Why traditional monitoring is not enough?

Conventional monitoring oversees the status of networks, servers and applications, but it does not always reflect what end users experience. Some situations where synthetic monitoring is crucial include:

• All indicators are green, but users experience issues: A server may be operational, but a webpage may not load properly.
• Errors that only appear under certain conditions: For example, a payment failure that only takes place when users select a specific currency.
• Difficulty in identifying bottlenecks in critical transactions: Without active simulations, it is hard to pinpoint which part of the process affects conversion or user satisfaction.

Differences Between UX and WUX in Pandora FMS

Pandora FMS allows for the implementation of synthetic monitoring in two specialized environments:

• WUX (Web User Experience): It simulates web transactions using Selenium, allowing for the evaluation of load times, availability, and errors across different browsers.
• UX (User Experience): It simulates interactions in Windows desktop applications, validating execution times, stability, and potential failures.

Both solutions generate detailed reports, real-time alerts, and screenshots in the event of failures, providing a comprehensive view of the performance of digital services.

Key Advantages of Synthetic Monitoring

Implementing a synthetic monitoring strategy offers multiple advantages:

• Early detection of failures: It identifies issues before they impact end users.
• Performance optimization: It improves the digital experience and reduces load times.
• Automation of regression testing: It ensures that new software versions do not add failures.
• Reduced support costs: By detecting errors before users report them, incidents are minimized.
• Evaluation under different conditions: It allows testing scenarios with varying traffic loads and geographic locations.
• Integration with observability: It complements traditional monitoring tools, providing a more comprehensive view.

How Synthetic Monitoring Works in Pandora FMS?

Pandora FMS allows you to configure a synthetic monitoring environment with the following steps:

• Transaction Recording: The user’s navigation or interaction is recorded using Selenium IDE, capturing every step of the process.
• Configuration in Pandora FMS: The recording is integrated into WUX or UX, setting up the monitoring criteria.
• Automated Execution: Transactions are executed periodically to detect potential failures.
• Result Analysis: Detailed reports are generated with performance metrics, response times, and detected errors.
• Real-time Alerts: If a failure is detected in a critical transaction, Pandora FMS immediately notifies to make intervention possible.

Advanced Synthetic Monitoring with Pandora FMS

Pandora FMS offers a set of advanced tools for synthetic monitoring, enabling proactive supervision of the performance and availability of digital services.

• Web and Desktop Monitoring: Support for web transactions with WUX and execution of tests on desktop applications with UX.
• Automation with Selenium 4: Integration with Selenium for simulating scenarios across multiple browsers.
• Distributed Execution with Docker: Ability to deploy scalable testing environments through containers.
• Transaction Segmentation: It allows analyzing the performance of each stage of a transaction individually.
• Testing from Multiple Locations: Simulate traffic from different regions to evaluate global latency and availability.
• Smart Alerts: Real-time notifications for incidents within a transaction flow.
• Advanced Analysis and Reporting: Capture of key performance metrics, visual dashboards, and export of detailed reports.