Pandora: Documentation en: Console Setup

From Pandora FMS Wiki
Revision as of 10:55, 6 June 2014 by Vanessa (talk | contribs) (Visual Styles)
Jump to: navigation, search

Go back to Pandora FMS documentation index

1 Setup by the Console

1.1 Introduction

The console configuration allows you to change and fine tune configuration parameters of the Pandora FMS Console. However, some general parameters are common for the whole application, including the Pandora FMS Servers and could affect the application's main performance.

By clicking on 'Administration' and 'Setup', you're able to configure several options of Pandora FMS, which are going to be explained below.



Setup menu expanded.png



1.2 Setup

By clicking on 'Administration' and 'Setup', you're able to invoke the configuration of the console's general parameters page.



Administration2.png

In this moment, the window below appears on the screen.



Setup1.png



1.2.1 General Parameters


Language Code for Pandora:
It's the combo in which you're able to select the console's main language.

Remote Config Directory:
It's the field intended to identify the directory in which the remote configuration of the agents is stored. It's '/var/spool/pandora/data_in' by default. This feature is only available to Enterprise Versions of Pandora FMS.

Auto-Login (hash) Password:
It defines a static and symmetrical password which is used to create a hash value in order to render the automatic validation by URL possible. It's used to incorporate Pandora FMS into other web applications, provides a user name as a parameter, generated by the user's name by using a hash. This password allows an automated validation within Pandora FMS without the need of having to introduce a password. In order to see an example of this integration, please take a look into the file named '/extras/sample_login.php' from the Pandora FMS console.

Time Source:
The combo in which you're able to select the origin of the date and hour between the database and the system. The first one is used if the database is located on a system different from the console's.

Automatic Check for Updates:
The field in which the automatically conducted update check for the Open Update Manager is configured. This function causes the console to contact the Pandora FMS Update Server at Artica ST each time you start the session and sends anonymous information about your Pandora FMS usage (just your number of agents).

Enforce HTTPS:
The field which allows you to force a re-addressing to HTTPS. If you enable it, you're required to activate the use of Pandora FMS in conjunction with HTTPS within your web server. If you've enabled it and you haven't properly configured your Apache to use HTTPS before, you're unable to access the web console again. In this situation, you'll have to disable the HTTPS option again by going straight to the database, using MySQL and the following SQL syntax:

update tconfig  set `value` = 0 WHERE `token` = 'https';

Attachment Storing:
The attachment directory is used as a temporary folder for Pandora FMS. All attached incident data are also stored in this folder. It's located under '/var/www/pandora_console/attachment' by default. You're required to have writing rights for the web server. The map's images and other temporary files are stored there, too.

List of IPs with access to the API:
This is a list of IP addresses (not FQN and one per line) which are going to have access to the Pandora FMS web-services API and other minor functions like the RSS event feed or the marquee view. You may use '*' as a wild card in order to define 'any' IP address and e.g. '125.56.24.*' in order to grant access to all hosts within the '125.56.24.*' subnet.

API Password:
It's the authentication method used to access the Pandora FMS API from the outside. Please read the section named Pandora FMS External API. in order to obtain more information about this topic.

Enable GIS features in Pandora Console:
The field intended to enable or disable GIS features within the Pandora FMS Console. Please read the section named GIS Console in order to obtain more information about this topic.

Enable Integria incidents in Pandora Console
The field intended to change the Incident System in order to synchronize it to Integria IMS. After enabling it, three new fields for the Integria IMS credentials are going to be displayed within this view.



Administration integria.png

  • Integria URL: The URL of the Integria IMS installation, e.g. 'http://exampledomain.com/integria'.
  • Integria API Password: The API's access password which was set up during the Integria IMS setup.
  • Integria Inventory: The inventory objects of Integria IMS which are going to be associated to incidents, created by Pandora FMS. It's going to remain empty until a connection is established.

Enable Netflow:
The field intended to enable or disable the Netflow feature.

Timezone Setup:
It defines the timezone in the moment the Pandora FMS Console is located. It's also the combo in which it's possible to pick the zone and timezone.

Sound for Alert fired:
It's the combo which was designed to pick the sound for fired alerts.

Sound for Monitor critical:
The combo which was designed to pick the sounds for the situation a module is in 'critical' state.

Sound for Monitor warning:
The combo which was designed to pick the sounds for the situation a module is in 'warning' state.

Public URL Set this value when your Pandora FMS across inverse proxy or for example, with mod_proxy of Apache.

Referrer Security:
For security reasons, it's going to be verified whether the user has started from a Pandora FMS URL or not and the old link isn't an external or malicious link if activated. It's disabled by default. The locations which are considered high-security areas are the following:

  • Database Manager Extensions
  • User Configurations
  • Recon Script Configurations

Refere security.png

Event Storm Protection:
If set to yes no events or alerts will be generated, but agents will continue receiving data.

Command Snapshot The string modules with several lines will be shown as a command output.

Server logs directory Directory where the server logs are stored.

1.2.2 Enterprise

Next are described the fields that you can configure if your version is Enterprise:



Setup3.png



Forward SNMP traps to agent (if exist)

Option that allows that any time that a trap comes, it will be transformed into a Pandora module associated to the agent that has the same IP that the Trap origin IP. (Only enterprise version).

Use Enterprise ACL System

This will activate Enterprise ACL System that is a more flexible system that standard ACL system. See Enterprise ACL system section.

Collection size

This configure maximun size of collections. See Collections section.

Events replication

When the events replication is activated, the received events will be copied to the remote database of a metaconsole.

Inventory changes blacklist

The inventory modules included in the changes blacklist will not generate events when change.

1.2.3 Password policy

1.2.3.1 Introduction

The password policies could be used from Pandora FMS Enterprise version 5.0. It is a group of rules that applies when you create the Pandora user password.This policy could be applied to standard users or to administration users, as we will see after.

1.2.3.2 Configuration

To enable de password policy,you should have administrator permissions.It is configured at Administration > Setup where you can find the section "Enterprise password policy".



Setup pass policy.jpg



The configuration parameters are the following:

  • Enable password policy: Enable/Disable the password policy activation. It is disabled by default.
  • Min. size password: Password minimum size. By default 4 characters.
  • Password must have numbers: The password must have numbers. It is disabled by default.
  • Password must have symbols: The password must have symbols. It is disabled by default.
  • Password expiration: Password expiration period. It is 0 by default (it never expires).
  • Force change password on first login: Force password login in the first login after the user creation.Disabled by default.
  • User blocked if login fails: Minutes that the user is blocked if it exhaust the maximum number of failed attempts. By default, 5 minutes.
  • Number of failed login attempts: Number of allowed failures when logging. By default, 5 attempts.
  • Apply password policy to admin users: Apply the password policy also to administrator users. It is disabled by default.
  • Enable password history: Enable/Disable the activation of the password history. It is disabled by default.
  • Compare previous password: Number of previous passwords that could be not selected for the change of password. By default, 3.

1.2.4 Log collector



Log collector.png



Los parámetros son:

Log storage directory

Directorio donde se van a guardar los datos del log.

Log max lifetime

Tiempo que se van a guardar los ficheros de log.

1.2.5 History database

This section allow you to enable Pandora FMS history database options. This feature allows you to save old data in an auxiliar database. This system accelerates queries and access to data.



History database.png



Here are explained the fields:

  • Enable history database: Enabled history database feature.
  • Host: Hostname of history database.
  • Port: Port of history database.
  • Database name: Database name for history database.
  • Database user: User to access to history database.
  • Database password: Password to access to history database.
  • Days: Number of days since data will be transfered to history database.
  • Step: Size of buffer for data transferring (in number of items). The lower step the slower data transferring, but lower performance reduction on main database. A good default value is 1000.
  • Delay: delay time (in seconds) between data blocks transfer between main and history database. A good value is 2.

1.2.6 Authentication

There are several options:

  • Active directory
  • LDAP
  • Local Pandora FMS
  • Remote Babel Enterprise
  • Remote Integria
  • Remote Pandora FMS


Template warning.png

Due to security issues the users with admin users always use Pandora FMS local authentication

 


1.2.6.1 Active directory

The following screen will appear when you click on this option.



Setup active directory.png



The configuration parameters are the following:


Fallback to local authentication

Enable this option if you want to fallback to a local authentication if the remote authentication Active Directory fails.

Active directory server

Active Directory server address.

Active directory port

Active Directory server port.

Start TLS

Switch ON/OFF Transport Layer Security (TLS) protocol for communications between client and server.

Domain

Active directory Domain to be used.

1.2.6.2 LDAP

When you select this option you will see the following screen.



Setup ldap.png



The fields shown in this screen are described below:

Fallback to local authentication

Enable this option if you want to fallback to a local authentication if the remote authentication LDAP fails.

Autocreate remote users

Enabled/Disabled remote user creation automatically. This option allows Pandora FMS to create the users automatically once the logged in using LDAP. If its enabled the three following fields will be available, if not the fields will be blocked.

Autocreate profile

If automatic remote user creation is enabled, this field makes possible to assign a profile to these users which are create automatically. By default the available profiles are:

  • Chief Operator
  • Group Coordinator
  • Operator (Read)
  • Operator (Write)
  • Pandora Administrator

You can see all available profiles in section Administration > Manage Users > Manage Profiles.

Autocreate profile group

If automatic remote user creation is enabled, this field allows you to assing groups to users created automatically. The default groups are:

  • Servers
  • Firewalls
  • Databases
  • Network
  • Unknown
  • Workstations
  • Applications
  • Web

You can create new groups or list all groups available in section Administration > Manage Agents > Manage Groups.

Autocreate blacklist

An user list, comma separated, which are not allowed to be created automatically.

LDAP server

LDAP server address.

LDAP port

LDAP server port.

LDAP version

LDAP server version.

Start TLS

Switch ON/OFF Transport Layer Security (TLS) protocol for communications between client and server.

Base DN

Distinguised Name (DN) used by LDAP server. For example: ou=People,dc=edu,dc=example,dc=org

Login attribute

Login attribute used by LDAP server during authentication process. For example UID (User Identification Code).

1.2.6.3 Local Pandora FMS

When you select this option no more fields will appear to be configurated.

This options performs authentication using internal database of Pandora FMS.

1.2.6.4 Remote Babel Enterprise

When you select this option the following screen will appear:



Setup authentication remote babel.png



The parameters of this screen are explained below:

Fallback to local authentication

Enable this option if you want to fallback to a local authentication if the remote authentication LDAP fails.


Babel Enterprise host

Babel Enterprise server address.

MySQL port

MySQL port of Babel Enteprise database.

Database name

Babel Enteprise database name.

User

User to access Babel Enterprise database.

Password

Password to access Babel Enterprise database.

1.2.6.5 Remote Integria

When you select this option the following screen will appear:



Setup authentication integria.png



The parameters of this screen are explained below:

Fallback to local authentication

Enable this option if you want to fallback to a local authentication if the remote authentication Remote Integria fails.

Integria host

Integria server address.

MySQL port

MySQL port of Integria database.

Database name

Integria database name.

User

User to access Integria database.

Password

Password to access Integria database.

1.2.6.6 Remote Pandora FMS

When you select this option the following screen will appear:



Setup authentication remote pandora.png



The parameters of this screen are explained below:

Fallback to local authentication

Enable this option if you want to fallback to a local authentication if the remote authentication Remote Pandora FMS fails.


Pandora FMS host

Pandora FMS server address

MySQL port

MySQL port of Pandora FMS database.

Database name

Pandora FMS database name.

User

User to access Pandora FMS database.

Password

Password to access Pandora FMS database.

1.2.7 Performance



Setup performance main.png



The fields of this section are described below:

Max. days before delete events

Maximum number of days before delete events.

Max. days before delete traps

Maximum number of days before delete traps.

Max. days before delete audit events

Maximum number of days before delete audited evetns.

Max. days before delete string data

Maximum number of days before delete string data.

Max. days before delete GIS data

Maximum number of days before delete GIS data.

Max. days before purge

Maximum number of days before purge database. This parameter is also used to specify max. number of days before deleting inventory data.

Max. days before compact data

Maximum number of days before compact data.

Compact interpolation in hours (1 Fine-20 bad)

This is the length of the compact interval in hours. For example, a module with an interval of 5 minutes generates 288 values per day. If this interval is set to 2, data will be grouped in 2 hour intervals and averaged, resulting in 12 values per day instead of 288. The higher this value, the less the resolution. A value close to 1 is recommended.

SLA period (seconds)

Default time, in seconds, to calculate SLA in agents SLA tab. Calculates the SLA automatically in modules defined in an agent based on Critical or Normal values.

Default hours for event view

Default number of hours for event filter. If the value is 24 hours, the event views will only show the events which happened in the last 24 hours.

Use realtime statistics

Enabled/Disabled real time statistics.

Batch statistics period (secs)

If realtime statistics are disaabled, here you define the refresh time for batch statistics.

Use agent access graph

Agent access graph, renders the number of agent contacts per hour in a graph with a daily scale (24h). This is use to know the frecuency of contact for each agent. It could take a long time to processs the date, so if you have low resources its recommended to disable it.

Max. days before delete unknown modules

Maximum number of days before delete unknown modules.


Max. recommended number of files in attachment directory

Maximum files stored in attachment directory.

1.2.8 Visual Styles



Set1.png



The configuration parameters are described below:

Date format string

Date format. You can see all options in console help.

Timestamp or time comparation

Defines which date/hour is used. («Timestamp in rollover») system timestamp or («Comparation in rollover») database timestamp. Its very useful when database belongs to another system different from console.

Graph color (min)

Color for minimum value in module graphs.

Graph color (avg)

Color for average value in module graphs.

Graph color (max)

Color for maximum value in module graphs.

Graphic resolution (1-low, 5-high)

Defines the graphic resolution.

Style template

Defines the web style of Pandora FMS console. You can add new skins or templates by including CSS files in folder include/styles.

Block size for pagination

Pagination block size.

Use round corners

Switch ON/OFF round corners of progress bar and other Pandora FMS graphics.

Status icon set

This combo allow you to select the icons used to visualize module status. By default the colors: red, yellow, and green are used. If users with color blindness you can replace the colors by other conceptual icons which allow you to diferentiate module status.

Font path

Font selector combo. This TrueType font is used in Pandora FMS graphics.

Font size

Font size of Pandora FMS graphics font.


Custom logo (Only OpenSource version)

This options allows you to show your logo in Pandora FMS console header. You can use any PNG picture. There is a default size for picture 60x139 pixels.

You can upload your logo using file manager to path /images/custom_logo directory.

Global default interval for refresh

This parameter sets the globla refresh interval, it will affect to all pages except Visual Console.

Default interval for refresh on Visual Console

This parameter sets the refresh interval for Visual Console pages.

Graph colour #4 .. Graph colour #10

These colours are used in Pandora FMS graphics.

Interval values

This parameter sets interval values.

Interactive charts

Whether to use Javascript or static PNG graphs.

Login background

You can place your custom images to the folder images/background.

Agent size text

Cuando el nombre del agente es demasiado largo, en algunas secciones de Pandora FMS se trunca el texto mostrando los N primeros caracteres.

Module size text

Cuando el nombre de los módulos es demasiado largo, en algunas secciones de Pandora FMS se trunca el texto mostrando los N primeros caracteres.

Description size text

Cuando la descripción es demasiado larga, en algunas secciones de Pandora FMS se trunca el texto mostrando los N primeros caracteres.

Item title size text

Cuando el título es demasiado largo, en algunas secciones de Pandora FMS se trunca el texto mostrando los N primeros caracteres.

GIS Labels

Activar los labels con el nombre de agente en los mapas GIS. Conviene desactivar esta opción cuando se tienen muchos agentes en un mapa. De esta forma es más legible.

Default icon in GIS

Icono por defecto para los agentes en los mapas GIS.

Autohidden menu

Al activar esta opción, se minimiza el menú lateral.

Custom report's front page

Aplicar portada a informes y plantillas.

Paginate module view

Activar paginación en listado de módulos.

Show QR Code icon in the header

Mostrar código QR en la cabecera.

Custom graphviz directory

Directorio donde se almacenan los binarios graphviz.

1.2.9 Netflow



Setup netflow.png



A continuación se describen los campos que se pueden configurar:

Data storage path

Directorio donde se almacenan los datos Netflow

Daemon interval

Intervalo de tiempo en segundos para renovar datos netflow.

Daemon binary path

Ruta de nfcapd

Nfdump binary path

Ruta de Nfdump

Nfexpire binary path

Ruta de Nfexpire

Maximum chart resolution

Resolución máxima de las gráficas


Disable custom live view filters

Deshabilitar los filtros personalizados.

Netflow max lifetime

Tiempo máximo de los datos netflow.

1.3 File Manager

File Manager is a very useful tool to upload files to Pandora FMS. From Administration > Setup > File Manager you access to file manager page of Pandora FMS.



Setup file manager.png



You will see the following screen.



Set2.png



In this section its shown the content of "images" folder inside your Pandora FMS installation.

You could browse through directories, create folders, create files and even upload files from your local hard disk and also download files.

Yo do that you must use the following buttons.



Setup file manager buttons.png



This buttons are: create folder, create text file and upload file.

1.3.1 Create folder



Setup file manager create folder.png



After click on create folder button the field above above will appear.

Just enter the name of the folder and press "Create" button. If you click on "Close" button this dialog will close.

1.3.2 Create text file



Setup file manager create textfile.png



After click on create file button the field above above will appear.

Just enter the name of the file and press "Create" button. If you click on "Close" button this dialog will close.

1.3.3 Upload files



Setup file manager upload file.png



After click on update file button the field above above will appear.

Just press on "Browse" button and browse your local disk, select the file you want to upload.

It is possible to upload several files at once. By selecting a zipped file and if you select the "Decompress" option. The file will be unzipped and all your files zipped inside will appear in the folder.

1.4 GIS map connection

In Pandora FMS is possible to follow the agent location using interactive maps. Inside this section you can configure all parameters related to connection to GIS map provider. For example OpenLayers of Google maps.

You can find all documentation about GIS in this section GIS Console.

1.5 Links

From Administration > Setup > Links you access to link manage page of Pandora FMS console.



Setup links.png



You will see the following screen:



Setup links main.png



The process to create or update a link is very similar.

To create a new link click on "Add".

To update a link click on link name.

Both situations show the same screen. In the first case the screen is empty and in the second situation the screen shows the data of the link to be modified.



Setup links create new.png



Link name: Link name.

Link: link address.

After all fields have been filled you must click on "Create" or "Update" buttons to create or modify the link.

To delete a link just click on the red cross in the same row of link you want to delete.

1.6 Site news

From Administration> Setup>Site news it is possible to add news which appear in console home page.



Set5.png



To create a news click on "Add" and the following page will appear:



Set6.png



Write the title and text for this news and click on Update. It's possible to delete a news by clicking in the red cross on its right or editing a news by clicking on its name.

1.7 Edit OS

In this section you can edit or create new Operating System.



Edit os1.png



To create/edit an Operating System you will use the following view.



Edit os2.png



The fields to fill are the following:

  • Name: OS name.
  • Description: OS description.
  • Icon: OS icon.

1.8 Enterprise ACL Setup

This feature is explained in section Enterprise ACL System.

1.9 Metaconsole

This feature is explained in section Metaconsola.

1.10 Skins

This feature allows you to customize the look of Pandora FMS console interface. This is made through changes in CSS style files and the icons associated.

To create a new skin you must replicate the folder structure of console:

  • images: this folder will have skin icons and images.
  • include/styles: this folder will have the CSS files of the skin.

An skin called Example will have the following structure:

 Example/
 |
 |_______images/
 |
 |_______include/
            |
            |_________styles/
          

This structure will be inside the path <pandora_root>/images/skin. All file structure and the content must be compressed in a zip file.

A skin could be applied to two levels:

  • Usuario: Only for the user..
  • Grupo: Applied to all user that belong to this group.

If an user has a skin for itself and the group it belongs another one, the user skin has higher priority.

This is the view to access to available skins:



Skins 1.png



To create/configure a skin you will use this view:



Skins 2.png



Here are explained the configuration fields:

  • Name: Skin name.
  • Relative Path: During creation, this field will ask you to upload the zip file. During modification, this field will contain the name of zip file uploaded.
  • Description: Skin description.
  • Group/s: Groups assigned to this skin.
  • Disabled: Disable skin that won't apply to any user.

1.11 Pandora FMS Diagnostic Tool

Tool to detect an instalation profile of Pandora FMS. It will show information such as: Pandora version, PHP version, database volumetry information, etc



Diagnostic tool.png



1.12 Update Manager Settings

This feature is explained in section Update manager.

1.13 System info

This tool is an extension which allow you to see logfiles using Pandora FMS console. You can see information about Pandora Diagnostic Tool, information about the system and logs. It is possible to execute using command line but you must be root. For example:

 sudo php /var/www/pandora_console/extensions/system_info.php -d -s -c

1.14 Translate string

This extension is explained in section Translate string.

2 Updating languages

To update any language of Pandora FMS console you only need to go to Launchpad translation download page ([1]), select the languages you want to update and the MO file format, then click on Request download button and wait for an email with indications and place to download the files. Once you have downloaded the files you must copy them into folder:

/include/languages/

of Pandora FMS console, and your languages are updated.


Info.png

To download the translations you need to create an account in Launchpad

 


Go back to Pandora FMS documentation index