Difference between revisions of "Pandora: Documentation en: Discovery"

From Pandora FMS Wiki
Jump to: navigation, search
(Import a list of your devices in CSV)
Line 819: Line 819:
 
[[File:hostdevices7.png|800]]
 
[[File:hostdevices7.png|800]]
 
</center>
 
</center>
 +
 +
 +
==Despliegue automático de agentes==
 +
 +
{{WIP}}
 +
 +
A partir de la versión 737 de Pandora FMS es posible desplegar agentes desde la consola utilizando la '''central de despliegues'''.
 +
 +
[[File:Depl1.png]]
 +
 +
 +
Los pasos para desplegar agentes desde la consola son:
 +
 +
'''Registrar las versiones de agentes software a desplegar en el repositorio de agentes.'''
 +
 +
Necesitará los instaladores de los agentes que quiera desplegar a lo largo de su infraestructura. Puede utilizar agentes personalizados.
 +
 +
Para más información acerca del uso del '''repositorio de agentes''' visite [http://https://pandorafms.com/docs/index.php?title=Pandora:Documentation_es:Discovery este enlace]
 +
 +
 +
'''Registrar las credenciales que se utilizarán para conectar a los objetivos en el administrador de credenciales.'''
 +
 +
Deberá especificar las credenciales con las que se testearán los accesos a los objetivos encontrados o especificados.
 +
 +
Para más información acerca del '''almacén de credenciales''' visite [http://https://pandorafms.com/docs/index.php?title=Pandora:Documentation_es:Discovery este enlace]
 +
 +
 +
'''Confirme que su entorno está preparado para el despliegue.'''
 +
 +
La primera vez que visite la central de despliegues verá los siguientes avisos:
 +
 +
[[File:depl_info1.png]]
 +
 +
Este mensaje indica que todavía no se han definido objetivos para el despliegue.
 +
 +
 +
[[File:Depl_info2.png]]
 +
 +
En estos mensajes se indica:
 +
 +
El primer mensaje le indica que deberá configurar la URL de acceso público ''public_url'' para que los objetivos puedan conectar con la consola y configurarse.
 +
 +
{{Warning|Este sistema no realiza operaciones tipo PUSH; todos los despliegues se transmiten ''ofertando'' el software y ordenando al objetivo instalarlo.}}
 +
 +
 +
En el segundo se indica que aún no ha agregado ningún instalador al repositorio de agentes. Deberá registrar instaladores para desplegar el software.
 +
 +
 +
 +
 +
====Búsqueda de objetivos====
 +
 +
'''Buscar o indicar los objetivos en la central de despliegue.'''
 +
 +
Utilice cualquiera de los métodos descritos a continuación para registrar nuevos objetivos.
 +
 +
Puede utilizar cualquiera de las siguientes opciones para definir objetivos:
 +
 +
[[File:Depl_action_buttons.png]]
 +
 +
 +
 +
===== Escanear una o varias redes en busca de objetivos.=====
 +
 +
Al pulsar el botón de escanear objetivos se mostrará un pop-up con los siguientes campos:
 +
 +
[[File:Depl2.png]]
 +
 +
 +
Deberá indicar:
 +
 +
* La red o redes (separadas por comas) a escanear.
 +
* El servidor Discovery que realizará el escaneo.
 +
* Las credenciales que se utilizarán para intentar conectar con los objetivos descubiertos.
 +
* La versión del agente software que se registra como ''deseada'' para los objetivos descubiertos.
 +
* La IP del servidor objetivo donde apuntarán estos agentes software cuando se instalen (se corresponde con el campo ''server_ip'' del fichero de configuración del agente).
 +
 +
 +
Cuando pulse 'Escanear' recibirá una confirmación, con un enlace que puede seguir para consultar el progreso de esta tarea.
 +
 +
[[File:Depl_info3.png]]
 +
 +
 +
En la lista de tareas aparecerá una nueva entrada:
 +
 +
[[File:Depl2b.png]]
 +
 +
 +
{{Tip|Las tareas de Discovery relacionadas con el despliegue de agentes son tareas '''volátiles'''. Una vez concluidas se eliminarán automáticamente. La información acerca de un escaneo o despliegue, tanto satisfactorio como erróneo, podrá consultarla desde la propia central de despliegues.}}
 +
 +
 +
 +
Según vayan encontrándose posibles objetivos, irán apareciendo en la central de despliegues:
 +
 +
[[File:Depl3.png]]
 +
 +
 +
{{Tip|Los objetivos descubiertos agregados a esta lista son todos los dispositivos encontrados cuyo sistema operativo coincide con Windows o sistemas basados en Linux/Unix, independientemente de que se hayan encontrado credenciales válidas o no}}
 +
 +
 +
 +
 +
=====Definir manualmente un objetivo.=====
 +
 +
Puede registrar manualmente el objetivo definiendo:
 +
 +
* IP.
 +
* Sistema operativo; en esta versión solo se permite Windows y aquellos basados en Linux/Unix (compatibles con el instalador tar.gz del agente).
 +
* Arquitectura.
 +
* Las credenciales que se utilizarán para conectar al objetivo.
 +
* La versión del agente que desea desplegar.
 +
* La dirección IP del servidor donde apuntará ese agente una vez instalado (se corresponde con el campo ''server_ip'' de la configuración del agente software).
 +
 +
[[File:Depl5.png]]
 +
 +
 +
 +
 +
 +
=====Subir un archivo CSV con información de objetivos.=====
 +
 +
Si desea registrar objetivos de forma masiva, puede subir un archivo CSV con el siguiente formato:
 +
 +
 +
IP; OS; Architecture; Target agent version; Credential identifier; Target server ip
 +
 +
 +
[[File:Depl6.png]]
 +
 +
El sistema creará los objetivos basándose en lo definido en el CSV.
 +
 +
====Desplegar el software====
 +
 +
{{Warning|Solo podrá programar el despliegue contra objetivos cuya información sea completa, especificando tanto credenciales como versiones de software a desplegar}}
 +
 +
En el momento en que tenga posibles objetivos en la lista podrá lanzar el despliegue del agente:
 +
 +
[[File:Depl4.png]]
 +
 +
 +
Seleccione las IP de los objetivos de la lista (solo aparecerán objetivos válidos) y presione ''desplegar''.
 +
 +
Automáticamente se creará una tarea Discovery para despliegue en segundo plano, que se encargará de instalar el agente en los objetivos deseados.
 +
 +
Podrá confirmar que el agente ha sido instalado satisfactoriamente desde la propia lista de objetivos de la central de despliegues:
 +
 +
[[File:Depl7.png]]
 +
 +
 +
El nombre del objetivo también pasa a ser un enlace al agente de Pandora FMS correspondiente.
 +
 +
 +
Ejemplo de error: El usuario no introdujo únicamente la IP del objetivo, sino también su máscara de red ('''CON LA IP ES SUFICIENTE''').
 +
 +
Cuando el sistema intente desplegar el software encontrará que el formato de la IP es incorrecto e informará al usuario:
 +
 +
[[File:Depl_err1.png]]
 +
 +
  
 
==Import a list of your devices in CSV==
 
==Import a list of your devices in CSV==

Revision as of 02:01, 30 July 2019

1 What is Pandora FMS Discovery?

Template warning.png

Available for Pandora FMS 732 versions or higher.

 


Discovery provides a set of tools to simplify monitoring through wizards.

The following tools are included:

Task list
Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.
Discovery Applications
It allows to monitor MySQL, Oracle or VMware environments from a new management console.
Discovery Cloud
Through this feature you can monitor an infrastructure hosted in Amazon Web Services (AWS.EC2)
Console Tasks
It allows you to automate console tasks within the Discovery system, from scheduling reports, doing backups or executing custom scripts from Pandora FMS Console.
Discovery Host&Devices
It includes the tools needed to discover or import devices and equipment to your network.

Discovery1.png

2 Discovery Task list

Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.

DISC Task list 1.JPG

2.1 Console tasks

This section allows you to see the list of scheduled tasks in the console. The information is shown according to the following parameters:

  • User: It is the user who created the task.
  • Task: Description of the programmed task
  • Scheduled: Specifies how often the task will be executed.
  • Next Execution: Specifies the next execution of the task.
  • Last Execution: Indicates when the task was last executed.
  • Group: The group to which the task belongs.
  • Operations: It shows the actions that can be performed on the task, edited and deleted.

2.1.1 Edit Console tasks

This button allows access to the creation section, where the desired task can also be edited according to the following parameters:

  • Task: The task that will be executed among the following:
    • Backup Pandora FMS database.
    • Execute custom script.
    • Save custom report to disk.
    • Save custom XML report to disk.
    • Send custom report (from template) by email.
    • Send custom report by email.
  • Scheduled: It is used to specify how often the task will be executed.
  • Next execution: It shows the date of the next execution, being able to modify it if necessary.
  • Group: Group to which the task belongs.
  • Parameters: They are the specific parameters of each task.

2.1.1.1 Parameters of different tasks


Backup Pandora FMS database
  • Description: Backup description.
  • Save to disk in path: path where the backup will be stored.

Execute custom script
  • Custom script: The script to be executed will be indicated.

“Save custom report to disk” and “Save custom XML report to disk”
  • Report pending to be created: The report to be created.
  • Save to disk in path: Path where the created report will be stored.

Send custom report (from template) by email
  • Template pending to be created: Custom template to be created.
  • Agents: Agents from which the information that will be reflected in the report will be obtained.
  • Report per agent: If you wish to generate separate reports for each report.
  • Report name: Name that you wish to give the report.
  • Send to email addresses: Email addresses to which the report will be sent.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message with which the reports will be sent.

Send custom report by email
  • Report pending to be created: Report to be generated.
  • Send to email addresses: Email addresses the report will be sent to.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message with which the reports will be sent.
  • Report Type: Type of report that will be sent.

2.2 Server tasks

This section reflects the recognition tasks programmed by the server. The information is shown according to the following parameters:

  • Force: Option that will allow forcing the task execution.
  • Task name: Name assigned to the task.
  • Server name: Server that will execute the task.
  • Interval: Time interval in which the task will be performed.
  • Network: Network where the checks will be made.
  • Status: Status of the scheduled task
  • Task type: Type of the task that has been generated.
  • Progress: Progress of the task in case of being executed.
  • Updated at: Indicates when the task was last executed.
  • Operations: Actions that can be performed on the task. Visualization of the status of the task, visualization of the map of the discovered network, editing and deletion.

2.2.1 Operations

The edition of the server recognition tasks allows to adjust the following parameters:

  • Interval: The task execution interval can be set, either manually or defined.
  • Task name: Task Name
  • Discovery server: Server that will perform the recognition task. It is a mandatory parameter for the correct recognition operation.
  • Network: Network on which the checks are to be carried out.
  • Group: Group to which it belongs.
  • Comment: Comments to add.

3 Discovery Applications

Now, it is possible to monitor applications remotely using Discovery Applications.


DISCApp.JPG

3.1 Discovery Applications: MySQL

From Pandora FMS 7.0-733 version on, MySQL environments can be monitored using Discovery Applications.

For that purpose, it will be necessary to define the following parameters:

  • Task name: name of the task that will perform MySQL monitoring.
  • Discovery Server: server that will perform the execution of the specified task.
  • Group: Group to which it belongs.
  • MySQL server IP: IP of the server where the MySQL environment to be monitored is.
  • MySQL server port: Port of the specified address through which the information of MySQL monitoring will be obtained.
  • User: MySQL user with which it will be accessed. (Important: It must be a user with permissions on the database where the queries will be executed, since otherwise the connection will never be established.)
  • Password: MySQL user password specified above.
  • Interval: Time interval in which monitoring will be executed.

DISCMySQL1.JPG

Once the parameters with the data needed for installation are defined, you will be shown a new window where you must specify the agent on which you wish to create all the modules resulting from MySQL monitoring.

The options to be displayed are the following:

  • Target agent: Agent on which the modules resulting from monitoring will be created.
  • Custom module prefix: Defines a custom prefix that will be concatenated with the name of the modules generated by the task.
  • Scan databases: It will scan the databases.
  • Create agent per database: This option will allow an agent to be created for each database found in MySQL environment.
  • Check engine uptime: It will check the time that MySQL engine is operational.
  • Retrieve query statistics: It allows to recover the statistics of the executed queries.
  • Analyze connections: Analyzes connections.
  • Retrieve InnoDB statistics: Returns InnoDB statistics.
  • Retrieve cache statistics: Returns cache statistics.
  • Custom queries: Allows defining custom statements.

DISCMySQL2.JPG

3.2 Discovery Applications: Oracle

From Pandora FMS 7.0-733 version on, Oracle can be monitored using Discovery Applications.

Oracle monitoring will allow to define the following parameters:

  • Task name: Task Name
  • Discovery server: Server that will run the Oracle monitoring task.
  • Group: Group it belongs to.
  • Oracle target strings: Where the target strings of the task will be defined.
  • User: Oracle user that will access to perform the monitoring.
  • Password: Password of the previously defined user.
  • Interval: Execution interval

DISC Oracle1.JPG

Once defined, it will be necessary to specify the agent that will store the information and the checks that will be made. The information that can be defined in this section is the following:

  • Target agent: Agent that will receive Oracle monitoring information.
  • Custom module prefix: Defines a custom prefix that will be concatenated with the name of the modules generated by the task.
  • Check engine uptime: It will check the time that Oracle is operational.
  • Retrieve query statistics: It allows to recover the statistics of the executed queries.
  • Analyze connections: Analyzes connections.
  • Calculate fragmentation ratio: Calculates the fragmentation rate.
  • Monitor tablespaces: It monitors tablespaces.
  • Retrieve cache statistics: Returns cache statistics.
  • Execute custom queries: Executes custom queries.
  • Custom queries: Allows to define customized queries.

DISC Oracle2.JPG

3.2.1 Installing Oracle packages

It is very important to bear in mind that for the correct integration and operation of Oracle with Pandora FMS it is necessary to have the appropriate packages. Pandora FMS ISO includes everything necessary, but for installations carried out in another way, the installation process will be as follows:

  • Install oracle instant client from the Oracle page:
https://www.oracle.com/technetwork/database/database-technologies/instant-client/downloads/index.html
  • Required packages:
oracle-instantclient11.1-basic-11.1.0.7.0-1.x86_64.rpm
oracle-instantclient11.1-devel-11.1.0.7.0-1.x86_64.rpm
oracle-instantclient11.1-sqlplus-11.1.0.7.0-1.x86_64.rpm
  • Prepare the boot environment of pandora_server:
# Set Oracle environment for pandora_server
cat > /etc/pandora/pandora_server.env << 'EOF_ENV'
#!/bin/bash
VERSION=11.1
export PATH=$PATH:$HOME/bin:/usr/lib/oracle/$VERSION/client64/bin
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/oracle/$VERSION/client64/lib
export ORACLE_HOME=/usr/lib/oracle/$VERSION/client64
EOF_ENV
  • Restart pandora_server
/etc/init.d/pandora_server restart

3.3 Discovery Applications: VMware

From Pandora FMS 7.0-733 version on, VMware infrastructures can be monitored using Discovery Applications.


Discoveryapplications2.png


The following must be specified:

  • A name to identify the task.
  • A Discovery server where to run it.
  • A group to which the agents generated by the VMware task will be associated.

Info.png

It must be taken into account that if the Pandora FMS server has the autocreate_group token active, priority will be given to the group corresponding to the indicated ID, instead of applying the configuration of the wizard.

 



The data required to monitor VMware are:

  • V-Center IP
  • The name of the datacenter (it can be seen through VMware installation management screen).
  • User with enough permissions.
  • User password.
  • Monitoring interval.

Password encryption can be enabled by pressing the button encrypt passwords. This only applies to the wizard in progress.


On the next page, VMware monitoring details can be specified:

Discoveryapplications3.png

  • Max threads: Choose the number of threads that the VMware monitoring script will use to speed up data collection.
  • Retry send: The information of the detected agents is sent by XML to the DataServer. This option must be activated to retry sending in case of error.
  • Event mode: Only for VCenter. VMware VCenter event-based monitoring is enabled. This working mode is exclusive and independent from standard monitoring.
  • Virtual network monitoring: It enables monitoring of virtual network devices which are defined in VMware.
  • Extra settings: Any advanced settings needed to customize VMware monitoring should be included here in text mode. For more information, visit the following link [1].

4 Discovery Cloud

Discovery Cloud allows you to monitor structures in the AWS cloud. Thanks to Pandora FMS, you can manage many Amazon Web Services accounts, concentrating information management in a single tool.

Azure66.JPG

The management of every account, both from AWS and Microsoft Azure, will be made through the Credential Store located in Profiles -> Manage agent groups -> Credential Store.

Credential store.png

4.1 Discovery Cloud: AWS

Template warning.png

This section is under construction.

 


To monitor an infrastructure in Amazon Web Services, follow the different pages of the wizard step by step.


4.1.1 AWS. Credential validation

Pandora FMS allows managing several AWS accounts. Once you have accessed the Amazon Web Services menu, the navigation will be automatically redirected to the window to select the account with which you need to access the service. If there is a previously created account in previous versions of Pandora FMS, it will be shown as "imported_aws_account".

AWSCredentials1.JPG

You can add as many accounts as necessary through the "Manage Accounts" option next to the AWS Account drop-down.

This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all the Amazon Web Services accounts previously created to be registered.

AWS4.png

AWS5.png

Query accounts in Amazon AWS must be created with the following permissions:

Awsgrants.png

  • Billing (read)
  • CloudWatch (list,read)
  • Cost Explorer Service (Full access)
  • EC2 (full read, limited: list)


Summary of the policy in JSON:

{
   "Version": "2012-10-17",
   "Statement": [
       {
           "Sid": "VisualEditor0",
           "Effect": "Allow",
           "Action": [
               "ec2:DescribeInstances",
               "ec2:DescribeVolumesModifications",
               "ec2:GetHostReservationPurchasePreview",
               "ec2:DescribeSnapshots",
               "aws-portal:ViewUsage",
               "ec2:DescribePlacementGroups",
               "ec2:GetConsoleScreenshot",
               "ec2:DescribeHostReservationOfferings",
               "ec2:DescribeInternetGateways",
               "ec2:GetLaunchTemplateData",
               "ec2:DescribeVolumeStatus",
               "ec2:DescribeScheduledInstanceAvailability",
               "ec2:DescribeSpotDatafeedSubscription",
               "ec2:DescribeVolumes",
               "ec2:DescribeFpgaImageAttribute",
               "ec2:DescribeExportTasks",
               "ec2:DescribeAccountAttributes",
               "aws-portal:ViewBilling",
               "ec2:DescribeNetworkInterfacePermissions",
               "ec2:DescribeReservedInstances",
               "ec2:DescribeKeyPairs",
               "ec2:DescribeNetworkAcls",
               "ec2:DescribeRouteTables",
               "ec2:DescribeReservedInstancesListings",
               "ec2:DescribeEgressOnlyInternetGateways",
               "ec2:DescribeSpotFleetRequestHistory",
               "ec2:DescribeLaunchTemplates",
               "ec2:DescribeVpcClassicLinkDnsSupport",
               "ec2:DescribeVpnConnections",
               "ec2:DescribeSnapshotAttribute",
               "ec2:DescribeVpcPeeringConnections",
               "ec2:DescribeReservedInstancesOfferings",
               "ec2:DescribeIdFormat",
               "ec2:DescribeVpcEndpointServiceConfigurations",
               "ec2:DescribePrefixLists",
               "cloudwatch:GetMetricStatistics",
               "ec2:GetReservedInstancesExchangeQuote",
               "ec2:DescribeVolumeAttribute",
               "ec2:DescribeInstanceCreditSpecifications",
               "ec2:DescribeVpcClassicLink",
               "ec2:DescribeImportSnapshotTasks",
               "ec2:DescribeVpcEndpointServicePermissions",
               "ec2:GetPasswordData",
               "ec2:DescribeScheduledInstances",
               "ec2:DescribeImageAttribute",
               "ec2:DescribeVpcEndpoints",
               "ec2:DescribeReservedInstancesModifications",
               "ec2:DescribeElasticGpus",
               "ec2:DescribeSubnets",
               "ec2:DescribeVpnGateways",
               "ec2:DescribeMovingAddresses",
               "ec2:DescribeAddresses",
               "ec2:DescribeInstanceAttribute",
               "ec2:DescribeRegions",
               "ec2:DescribeFlowLogs",
               "ec2:DescribeDhcpOptions",
               "ec2:DescribeVpcEndpointServices",
               "ce:GetCostAndUsage",
               "ec2:DescribeSpotInstanceRequests",
               "cloudwatch:ListMetrics",
               "ec2:DescribeVpcAttribute",
               "ec2:GetConsoleOutput",
               "ec2:DescribeSpotPriceHistory",
               "ce:GetReservationUtilization",
               "ec2:DescribeNetworkInterfaces",
               "ec2:DescribeAvailabilityZones",
               "ec2:DescribeNetworkInterfaceAttribute",
               "ce:GetDimensionValues",
               "ec2:DescribeVpcEndpointConnections",
               "ec2:DescribeInstanceStatus",
               "ec2:DescribeHostReservations",
               "ec2:DescribeIamInstanceProfileAssociations",
               "ec2:DescribeTags",
               "ec2:DescribeLaunchTemplateVersions",
               "ec2:DescribeBundleTasks",
               "ec2:DescribeIdentityIdFormat",
               "ec2:DescribeImportImageTasks",
               "ec2:DescribeClassicLinkInstances",
               "ec2:DescribeNatGateways",
               "ec2:DescribeCustomerGateways",
               "ec2:DescribeVpcEndpointConnectionNotifications",
               "ec2:DescribeSecurityGroups",
               "ec2:DescribeSpotFleetRequests",
               "ec2:DescribeHosts",
               "ec2:DescribeImages",
               "ec2:DescribeFpgaImages",
               "ec2:DescribeSpotFleetInstances",
               "ec2:DescribeSecurityGroupReferences",
               "ec2:DescribeVpcs",
               "ec2:DescribeConversionTasks",
               "ec2:DescribeStaleSecurityGroups",
               "ce:GetTags"
           ],
           "Resource": "*"
       }
   ]
}


Assign the policy to a new user.

Awsgrants2.png


Back in Pandora FMS, the registered account can be used to link it and be able to access AWS monitoring.

Info.png

If pandora-cm-api is not available in the installation, it can be obtained from the following link: [2]

 



4.1.2 Discovery Cloud. AWS

Once the credentials have been validated, access the Discovery Cloud menu => Amazon Web Services

AWS6.png

In this section, Amazon EC2 and Amazon RDS are found. For each account that is added to the "Credential store" an instance of EC2 can be monitored, but as many as desired from RDS.

Info.png

Only one recognition task per AWS account can be active. The account will be the same for all monitored technologies within the provider.

 



4.1.3 Discovery Cloud. AWS.EC2

Within EC2 monitoring you can find:

  • Expense monitoring.
  • Summary of resources registered in AWS.EC2.
  • Specific instance monitoring.
  • Volume and elastic IP address monitoring.

To start the monitoring process, a series of basic data is requested:

Cloud3.png

It is required to provide a name for the task, indicate the Discovery server from where it will be executed and the monitoring interval.

4.1.3.1 Discovery Cloud AWS.EC2 Costes

When clicking next, you will start configuring AWS monitoring expenses:

Template warning.png

Amazon Web Services expense monitoring involves extra expenses. You can find more information about it in the following link [https://aws.amazon.com/aws-cost-management/pricing/

 


Expense monitoring provides a separate monitoring interval to avoid extra charges.

Cloud4.png

Both the overall cost and the independent cost per region can be monitored.


4.1.3.2 Discovery Cloud AWS.EC2 Summary

The Discovery task can be configured to collect general information on the stock status in all regions.

To enable it, the Scan and general monitoring option must be activated.

Cloud5.png

Generic CPU usage counters can be added, as well as output (disk) input operations or volume of disk and network transferred data (bytes).


4.1.3.3 Discovery Cloud AWS.EC2 Specific Instance Monitoring

Specific instances can be monitored to obtain readings of:

  • CPUUtilization: Average CPU usage
  • DiskReadBytes: Reading bytes (disk)
  • DiskWriteBytes: Writing bytes (disk)
  • DiskReadOps: Read operations (disk)
  • DiskWriteOps: Writing operations (disk)
  • NetworkPacketsIn: Input packets (network)
  • NetworkPacketsOut: Output packets (network)

The agents that represent the specific instances will have as their parent the agent that represents the region in which they are hosted.

It must be verified that the update_parent token is configured to 1 in the Pandora FMS server configuration to keep the parent-child relationships updated.

Navigation must be carried out through the browser by selecting the instances that need to be monitored:

Cloud6.png


4.1.3.4 Discovery Cloud AWS.EC2 Extras

In this last screen you can indicate whether you want to monitor the volumes used by the reserved instances.

Two extra modules will appear in the region agents:

  • Total reserved volume (GB)
  • Total registered volumes (number)


You can also choose to activate the Elastic IP addresses token. The number of elastic IPs registered in the AWS.EC2 account will be reported.

Cloud7.png


Once the wizard is completed, the progress of the execution in Discovery Task list can be seen:

Tasklist1.png

4.1.4 Discovery Cloud. AWS.RDS

AWS RDS allows you to monitor relational databases provided by Amazon Web Services.

The RDS service provides a database server and allows creating the instance related to said database. In addition, RDS offers the possibility to connect to its instances through clients such as SSMS, MySQL workbench or through JDBC or ODBC DB APIs.

AWS8.JPG

Through Pandora FMS, different RDS rooms can be monitored by filling in the parameters included in the menu shown at the top.


4.1.5 Discovery Cloud. Overview

Discovery Cloud includes an overview where the key points of the infrastructure in Amazon Web Services can be reviewed. Pandora FMS allows displaying different maps based on existing accounts.

In the AWS view, the account from which you wish to display the information can be selected:

AWS9.JPG

It includes:

  • Current expenses
  • Previous expenses
  • Expense evolution chart (6 months)
  • Reserve / instance evolution chart (1 month)
  • Map of regions with the number of instances per region.

Awsview.png

4.2 Discovery Cloud: Microsoft Azure


To monitor an infrastructure in Microsoft Azure, follow these instructions step by step.

4.2.1 How to register a user to use the Azure API

Azure.png

  • Go to 'App registrations'> 'New registration'

Azure2.png


  • Enter the data.

Azure3.png


  • Write down the data "client_id" and "directory".

Azure4.png

  • Next, access 'certificates & secrets' and create a new one:

Azure5.png

Template warning.png

Write down the key that is shown, it is the application_secret.

 


4.2.2 Assigning permissions

Assign a role to the account that will operate (app). To that effect, access "home" and get into the subscription.

Azure6.png


Within the subscription, select "Access control (IAM)".

Azure7.png

Add a new role assignment and once there, select the "reader" role for the created app.

Azure8.png

It is important to save the changes by pressing "save".


From that moment onwards, you can connect to the service and make requests through pandora-cm-api.

4.2.2.1 Examples

The status of Azure can be checked from Pandora FMS as follows:

  • Preload the environment.
  • Run . load_env.sh
  • pandora-cm-api --product Azure --get availability


If the environment is operational, the system should return a response of 1.

An example of the contents of the load_env.sh script would be the following:

  • Azure
export CLIENT_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

export DOMAIN=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

export APPLICATION_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXX"

export AZURE_SUBSCRIPTION_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

4.2.3 Configure a task in Pandora FMS

Pandora FMS allows managing several Microfost Azure accounts.

You can add as many accounts as needed through the "Manage Accounts" option next to the Account drop-down.

This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all previously created Microsoft Azure accounts to be registered.

To configure a new task, follow these steps:

  • Add a new password to the "credential store".

Azure9.png


  • Access 'Discovery> Cloud> Azure' and validate the Azure account.


Azure10.png


Azure11.png


Azure12.png

  • From this point onwards, just follow the described steps.

5 Discovery Console Tasks

Virtually identical to what was previously seen in Task List, Console Task will allow creating new tasks taking into account the following parameters:

  • Task: The task that will be executed among the following:
    • Backup Pandora FMS database.
    • Execute custom script.
    • Save custom report to disk.
    • Save custom XML report to disk.
    • Send custom report (from template) by email.
    • Send custom report by email.
  • Scheduled: It is used to specify how often the task will be executed.
  • Next execution: It shows the date of the next execution, being able to modify it if necessary.
  • Group: Group to which the task belongs.
  • Parameters: They are the specific parameters of each task.

ConsoleTasks.JPG

5.1 Parameters of different tasks


Backup Pandora FMS database
  • Description: Backup description.
  • Save to disk in path: path in which the backup will be stored.

Execute custom script
  • Custom script: The script to be executed will be indicated.

“Save custom report to disk” and “Save custom XML report to disk”
  • Report pending to be created: The report to be created.
  • Save to disk in path: Path where the created report will be stored.

Send custom report (from template) by email
  • Template pending to be created: Custom template to be created.
  • Agents: Agents from which the information that will be reflected in the report will be obtained.
  • Report per agent: If you wish to generate separate reports for each report.
  • Report name: Name that you want to give the report.
  • Send to email addresses: Email addresses the report is going to be sent to.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message which will be sent together with the reports.

Send custom report by email
  • Report pending to be created: Report to be generated.
  • Send to email addresses: Email addresses the report is going to be sent to.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message with which the reports will be sent.
  • Report Type: Type of report that will be sent.

6 Discovery Host&Devices

The Discovery Host & Devices section offers a multitude of options to help manage and discover devices within as many environments as needed.

Therefore, it features the following tools:

  • Net Scan.
  • Import CSV.
  • Custom NetScan.
  • Manage NetScan scripts.


800

6.1 NetScan

With the NetScan tool, you can discover devices in a network and apply different monitoring rules.

First, define the name of the task, the Discovery server that will run it, the network to be scanned, the group to which the discovered agents will be assigned and the scan interval.

Hostdevices4.png

Template warning.png

The intervals selected as manuals must be manually launched. Discovery will not launch a manual task automatically.

 



In the characteristics section, you can indicate the following options:

800


  • Apply a module template.
  • Apply automatic configuration rules to the detected agents. For more information go to the following [3]

Info.png

Automatic configuration allows you to apply policies, group changes and settings, as well as launch custom events or execute scripts on actions.

 


Info.png

Agents detected by NetScan are remote agents without a configuration file. You cannot apply local monitoring policies or add configuration changes in block if you do not deploy an agent to the targets.

 



  • Improve detection by scanning SNMP information available on discovered targets:
    • To improve the information obtained from discovered devices, enable SNMP.
    • A comma-separated list of communities to be tested on the discovered targets will be requested.
    • Found devices that support SNMP will report detailed information on the use of their interfaces as well as a series of useful modules by default.
    • SNMP is supported in versions 1, 2c and 3.
  • WMI scanning can be enabled. Simply add the credentials to be tested in auth. strings separated by commas, for example:
Administrator%P4ssw0rd,Administrator%S3cr3t

Info.png

The different credentials provided against the detected objectives that support WMI will be tested, complementing monitoring with modules that will inform about CPU, memory and disk usage.

 


  • Detect the target's operating system.
  • Solve the name of the target.
  • Parent detection: Through the information collected through SNMP, the different interconnections between devices will be calculated, in order to represent their network infrastructure.
  • Parent recursion: Improves parent detection by adding recursion to the process.
  • VLAN detection: Detects VLANs to which the different devices are connected.


Once the wizard is completed, Discovery will start executing it in each defined interval, if the interval is manual, the task should be started manually:

800


6.2 Despliegue automático de agentes

Template wip.png

We are working on the translation of the Pandora FMS documentation. Sorry for any inconvenience.

 


A partir de la versión 737 de Pandora FMS es posible desplegar agentes desde la consola utilizando la central de despliegues.

Depl1.png


Los pasos para desplegar agentes desde la consola son:

Registrar las versiones de agentes software a desplegar en el repositorio de agentes.

Necesitará los instaladores de los agentes que quiera desplegar a lo largo de su infraestructura. Puede utilizar agentes personalizados.

Para más información acerca del uso del repositorio de agentes visite este enlace


Registrar las credenciales que se utilizarán para conectar a los objetivos en el administrador de credenciales.

Deberá especificar las credenciales con las que se testearán los accesos a los objetivos encontrados o especificados.

Para más información acerca del almacén de credenciales visite este enlace


Confirme que su entorno está preparado para el despliegue.

La primera vez que visite la central de despliegues verá los siguientes avisos:

Depl info1.png

Este mensaje indica que todavía no se han definido objetivos para el despliegue.


Depl info2.png

En estos mensajes se indica:

El primer mensaje le indica que deberá configurar la URL de acceso público public_url para que los objetivos puedan conectar con la consola y configurarse.

Template warning.png

Este sistema no realiza operaciones tipo PUSH; todos los despliegues se transmiten ofertando el software y ordenando al objetivo instalarlo.

 



En el segundo se indica que aún no ha agregado ningún instalador al repositorio de agentes. Deberá registrar instaladores para desplegar el software.



6.2.1 Búsqueda de objetivos

Buscar o indicar los objetivos en la central de despliegue.

Utilice cualquiera de los métodos descritos a continuación para registrar nuevos objetivos.

Puede utilizar cualquiera de las siguientes opciones para definir objetivos:

Depl action buttons.png


6.2.1.1 Escanear una o varias redes en busca de objetivos.

Al pulsar el botón de escanear objetivos se mostrará un pop-up con los siguientes campos:

Depl2.png


Deberá indicar:

  • La red o redes (separadas por comas) a escanear.
  • El servidor Discovery que realizará el escaneo.
  • Las credenciales que se utilizarán para intentar conectar con los objetivos descubiertos.
  • La versión del agente software que se registra como deseada para los objetivos descubiertos.
  • La IP del servidor objetivo donde apuntarán estos agentes software cuando se instalen (se corresponde con el campo server_ip del fichero de configuración del agente).


Cuando pulse 'Escanear' recibirá una confirmación, con un enlace que puede seguir para consultar el progreso de esta tarea.

Depl info3.png


En la lista de tareas aparecerá una nueva entrada:

Depl2b.png


Info.png

Las tareas de Discovery relacionadas con el despliegue de agentes son tareas volátiles. Una vez concluidas se eliminarán automáticamente. La información acerca de un escaneo o despliegue, tanto satisfactorio como erróneo, podrá consultarla desde la propia central de despliegues.

 



Según vayan encontrándose posibles objetivos, irán apareciendo en la central de despliegues:

Depl3.png


Info.png

Los objetivos descubiertos agregados a esta lista son todos los dispositivos encontrados cuyo sistema operativo coincide con Windows o sistemas basados en Linux/Unix, independientemente de que se hayan encontrado credenciales válidas o no

 




6.2.1.2 Definir manualmente un objetivo.

Puede registrar manualmente el objetivo definiendo:

  • IP.
  • Sistema operativo; en esta versión solo se permite Windows y aquellos basados en Linux/Unix (compatibles con el instalador tar.gz del agente).
  • Arquitectura.
  • Las credenciales que se utilizarán para conectar al objetivo.
  • La versión del agente que desea desplegar.
  • La dirección IP del servidor donde apuntará ese agente una vez instalado (se corresponde con el campo server_ip de la configuración del agente software).

Depl5.png



6.2.1.3 Subir un archivo CSV con información de objetivos.

Si desea registrar objetivos de forma masiva, puede subir un archivo CSV con el siguiente formato:


IP; OS; Architecture; Target agent version; Credential identifier; Target server ip


Depl6.png

El sistema creará los objetivos basándose en lo definido en el CSV.

6.2.2 Desplegar el software

Template warning.png

Solo podrá programar el despliegue contra objetivos cuya información sea completa, especificando tanto credenciales como versiones de software a desplegar

 


En el momento en que tenga posibles objetivos en la lista podrá lanzar el despliegue del agente:

Depl4.png


Seleccione las IP de los objetivos de la lista (solo aparecerán objetivos válidos) y presione desplegar.

Automáticamente se creará una tarea Discovery para despliegue en segundo plano, que se encargará de instalar el agente en los objetivos deseados.

Podrá confirmar que el agente ha sido instalado satisfactoriamente desde la propia lista de objetivos de la central de despliegues:

Depl7.png


El nombre del objetivo también pasa a ser un enlace al agente de Pandora FMS correspondiente.


Ejemplo de error: El usuario no introdujo únicamente la IP del objetivo, sino también su máscara de red (CON LA IP ES SUFICIENTE).

Cuando el sistema intente desplegar el software encontrará que el formato de la IP es incorrecto e informará al usuario:

Depl err1.png


6.3 Import a list of your devices in CSV

A list of devices can be imported to represent them as agents using the agent import wizard through CSV.

Hostdevices2.png

Select the separator used, the server on which you wish to import and the file that contains the data, then click on "next".

Hostdevices3.png

6.4 Custom NetScan

Allows the execution of custom scripts for the execution of network recognition tasks.

Create a recognition task specifying:

  • Task name: Name of the recognition task.
  • Comment: Allows adding comments.
  • Discovery server: Server that will execute the task.
  • Group: Group it belongs to.
  • Interval: Execution interval.

DISC NetScan Custom 1.JPG

Once the process of creating the task is complete, specify the script that you wish to run, as well as the configuration file necessary for its execution.


6.5 Net scan scripts

This section will show the different scripts that have been created for custom recognition tasks. A view is displayed in which the name and description of the task are defined.

DISC Net scan scripts.JPG

Pandora FMS allows adding additional scripts to make monitoring and recognition of required networks easier.

The parameters that can be defined are the following:

  • Name: Script name.
  • Script fullpath: Path where the script is located.
  • Description: Script description. You can define descriptions of the different fields, as well as default values for them.
  • Hide value: In case you wish to hide the value of a field.
  • Help: Help fields.

DISC Net scan scripts 2.JPG

Creating scripts allows adding macros with which to define all the parameters needed for the correct execution of the script.