1 What is Pandora FMS Discovery?
2 Discovery Task list
- 2.1 Console tasks
  - 2.1.1 Edit Console tasks
    - 2.1.1.1 Parameters of different tasks
- 2.2 Server tasks
  - 2.2.1 Operations
3 Discovery Applications
4 Discovery Cloud
- 4.1 Discovery Cloud: AWS
- 4.2 Discovery Cloud: Microsoft Azure
5 Discovery Console Tasks
- 5.1 Parameters of different tasks
6 Discovery Host&Devices

1 What is Pandora FMS Discovery?

Available for Pandora FMS 732 versions or higher.

Discovery provides a set of tools to simplify monitoring through wizards.

The following tools are included:

Task list: Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.
Discovery Applications: It allows to monitor MySQL, Oracle or VMware environments from a new management console.
Discovery Cloud: Through this feature, you may monitor your cloud infrastructure, ranging from virtual machines created through Amazon Web Services (EC2) or relational databases in AWS RDS, to virtual machines running in Azure Compute.
Console Tasks: It allows you to automate console tasks within the Discovery system, from scheduling reports, doing backups or executing custom scripts from Pandora FMS Console.
Discovery Host&Devices: It includes the tools needed to discover or import devices and equipment to your network.

2 Discovery Task list

Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.

2.1 Console tasks

This section allows you to see the list of scheduled tasks in the console. The information is shown according to the following parameters:

User: It is the user who created the task.
Task: Description of the programmed task
Scheduled: Specifies how often the task will be executed.
Next Execution: Specifies the next execution of the task.
Last Execution: Indicates when the task was last executed.
Group: The group to which the task belongs.
Operations: It shows the actions that can be performed on the task, edited and deleted.

2.1.1 Edit Console tasks

This button allows access to the creation section, where the desired task can also be edited according to the following parameters:

Task: The task that will be executed among the following:
- Backup Pandora FMS database.
- Execute custom script.
- Save custom report to disk.
- Save custom XML report to disk.
- Send custom report (from template) by email.
- Send custom report by email.

Scheduled: It is used to specify how often the task will be executed.
Next execution: It shows the date of the next execution, being able to modify it if necessary.
Group: Group to which the task belongs.
Parameters: They are the specific parameters of each task.

2.1.1.1 Parameters of different tasks

Backup Pandora FMS database

Description: Backup description.
Save to disk in path: path where the backup will be stored.

Execute custom script

Custom script: The script to be executed will be indicated.

“Save custom report to disk” and “Save custom XML report to disk”

Report pending to be created: The report to be created.
Save to disk in path: Path where the created report will be stored.

Send custom report (from template) by email

Template pending to be created: Custom template to be created.
Agents: Agents from which the information that will be reflected in the report will be obtained.
Report per agent: If you wish to generate separate reports for each report.
Report name: Name that you wish to give the report.
Send to email addresses: Email addresses to which the report will be sent.
Subject: Topic of the mail to be sent.
Message: Body of the message with which the reports will be sent.

Send custom report by email

Report pending to be created: Report to be generated.
Send to email addresses: Email addresses the report will be sent to.
Subject: Topic of the mail to be sent.
Message: Body of the message with which the reports will be sent.
Report Type: Type of report that will be sent.

2.2 Server tasks

This section reflects the recognition tasks programmed by the server. The information is shown according to the following parameters:

Force: Option that will allow forcing the task execution.
Task name: Name assigned to the task.
Server name: Server that will execute the task.
Interval: Time interval in which the task will be performed.
Network: Network where the checks will be made.
Status: Status of the scheduled task
Task type: Type of the task that has been generated.
Progress: Progress of the task in case of being executed.
Updated at: Indicates when the task was last executed.
Operations: Actions that can be performed on the task. Visualization of the status of the task, visualization of the map of the discovered network, editing and deletion.

2.2.1 Operations

The edition of the server recognition tasks allows to adjust the following parameters:

Interval: The task execution interval can be set, either manually or defined.
Task name: Task Name
Discovery server: Server that will perform the recognition task. It is a mandatory parameter for the correct recognition operation.
Network: Network on which the checks are to be carried out.
Group: Group to which it belongs.
Comment: Comments to add.

3 Discovery Applications

Now, it is possible to monitor applications remotely using Discovery Applications.

3.1 Discovery Applications: MySQL

From Pandora FMS 7.0-733 version on, MySQL environments can be monitored using Discovery Applications.

For that purpose, it will be necessary to define the following parameters:

Task name: name of the task that will perform MySQL monitoring.
Discovery Server: server that will perform the execution of the specified task.
Group: Group to which it belongs.
MySQL server IP: IP of the server where the MySQL environment to be monitored is.
MySQL server port: Port of the specified address through which the information of MySQL monitoring will be obtained.
User: MySQL user with which it will be accessed. (Important: It must be a user with permissions on the database where the queries will be executed, since otherwise the connection will never be established.)
Password: MySQL user password specified above.
Interval: Time interval in which monitoring will be executed.

Once the parameters with the data needed for installation are defined, you will be shown a new window where you must specify the agent on which you wish to create all the modules resulting from MySQL monitoring.

The options to be displayed are the following:

Target agent: Agent on which the modules resulting from monitoring will be created.
Custom module prefix: Defines a custom prefix that will be concatenated with the name of the modules generated by the task.
Scan databases: It will scan the databases.
Create agent per database: This option will allow an agent to be created for each database found in MySQL environment.
Check engine uptime: It will check the time that MySQL engine is operational.
Retrieve query statistics: It allows to recover the statistics of the executed queries.
Analyze connections: Analyzes connections.
Retrieve InnoDB statistics: Returns InnoDB statistics.
Retrieve cache statistics: Returns cache statistics.
Custom queries: Allows defining custom statements.

3.2 Discovery Applications: Oracle

From Pandora FMS 7.0-733 version on, Oracle can be monitored using Discovery Applications.

Oracle monitoring will allow to define the following parameters:

Task name: Task Name
Discovery server: Server that will run the Oracle monitoring task.
Group: Group it belongs to.
Oracle target strings: Where the target strings of the task will be defined.
User: Oracle user that will access to perform the monitoring.
Password: Password of the previously defined user.
Interval: Execution interval

Once defined, it will be necessary to specify the agent that will store the information and the checks that will be made. The information that can be defined in this section is the following:

Target agent: Agent that will receive Oracle monitoring information.
Custom module prefix: Defines a custom prefix that will be concatenated with the name of the modules generated by the task.
Check engine uptime: It will check the time that Oracle is operational.
Retrieve query statistics: It allows to recover the statistics of the executed queries.
Analyze connections: Analyzes connections.
Calculate fragmentation ratio: Calculates the fragmentation rate.
Monitor tablespaces: It monitors tablespaces.
Retrieve cache statistics: Returns cache statistics.
Execute custom queries: Executes custom queries.
Custom queries: Allows to define customized queries.

3.2.1 Installing Oracle packages

It is very important to bear in mind that for the correct integration and operation of Oracle with Pandora FMS it is necessary to have the appropriate packages. Pandora FMS ISO includes everything necessary, but for installations carried out in another way, the installation process will be as follows:

Install oracle instant client from the Oracle page:

https://www.oracle.com/technetwork/database/database-technologies/instant-client/downloads/index.html

Required packages:

oracle-instantclient11.1-basic-11.1.0.7.0-1.x86_64.rpm
oracle-instantclient11.1-devel-11.1.0.7.0-1.x86_64.rpm
oracle-instantclient11.1-sqlplus-11.1.0.7.0-1.x86_64.rpm

Prepare the boot environment of pandora_server:

In the pandora_server path you need to create a file called pandora_server.env with the following information. Its execution is needed ./pandora_server.env

# Set Oracle environment for pandora_server
cat > /etc/pandora/pandora_server.env << 'EOF_ENV'
#!/bin/bash
VERSION=11.1
export PATH=$PATH:$HOME/bin:/usr/lib/oracle/$VERSION/client64/bin
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/oracle/$VERSION/client64/lib
export ORACLE_HOME=/usr/lib/oracle/$VERSION/client64
EOF_ENV

Restart pandora_server

/etc/init.d/pandora_server restart

If package E7 is being used, version 12.2 of both library and environment variables must be installed, and Oracle (v12.2) packages must be used

3.3 Discovery Applications: VMware

From Pandora FMS 7.0-733 version on, VMware infrastructures can be monitored using Discovery Applications.

The following must be specified:

A name to identify the task.
A Discovery server where to run it.
A group to which the agents generated by the VMware task will be associated.

It must be taken into account that if the Pandora FMS server has the autocreate_group token active, priority will be given to the group corresponding to the indicated ID, instead of applying the configuration of the wizard.

The data required to monitor VMware are:

V-Center IP
The name of the datacenter (it can be seen through VMware installation management screen).
User with enough permissions.
User password.
Monitoring interval.

Password encryption can be enabled by pressing the button encrypt passwords. This only applies to the wizard in progress.

On the next page, VMware monitoring details can be specified:

Max threads: Choose the number of threads that the VMware monitoring script will use to speed up data collection.
Retry send: The information of the detected agents is sent by XML to the DataServer. This option must be activated to retry sending in case of error.
Event mode: Only for VCenter. VMware VCenter event-based monitoring is enabled. This working mode is exclusive and independent from standard monitoring.
Virtual network monitoring: It enables monitoring of virtual network devices which are defined in VMware.
Extra settings: Any advanced settings needed to customize VMware monitoring should be included here in text mode. For more information, visit the following link [1].

4 Discovery Cloud

Discovery Cloud allows you to monitor structures in the AWS cloud. Thanks to Pandora FMS, you can manage many Amazon Web Services accounts, concentrating information management in a single tool.

The management of every account, both from AWS and Microsoft Azure, will be made through the Credential Store located in Profiles -> Manage agent groups -> Credential Store.

4.1 Discovery Cloud: AWS

This section is under construction.

To monitor an infrastructure in Amazon Web Services, follow the different pages of the wizard step by step.

4.1.1 AWS. Credential validation

Pandora FMS allows managing several AWS accounts. Once you have accessed the Amazon Web Services menu, the navigation will be automatically redirected to the window to select the account with which you need to access the service. If there is a previously created account in previous versions of Pandora FMS, it will be shown as "imported_aws_account".

You can add as many accounts as necessary through the "Manage Accounts" option next to the AWS Account drop-down.

This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all the Amazon Web Services accounts previously created to be registered.

Query accounts in Amazon AWS must be created with the following permissions:

Billing (read)
CloudWatch (list,read)
Cost Explorer Service (Full access)
EC2 (full read, limited: list)

Summary of the policy in JSON:

{
   "Version": "2012-10-17",
   "Statement": [
       {
           "Sid": "VisualEditor0",
           "Effect": "Allow",
           "Action": [
               "ec2:DescribeInstances",
               "ec2:DescribeVolumesModifications",
               "ec2:GetHostReservationPurchasePreview",
               "ec2:DescribeSnapshots",
               "aws-portal:ViewUsage",
               "ec2:DescribePlacementGroups",
               "ec2:GetConsoleScreenshot",
               "ec2:DescribeHostReservationOfferings",
               "ec2:DescribeInternetGateways",
               "ec2:GetLaunchTemplateData",
               "ec2:DescribeVolumeStatus",
               "ec2:DescribeScheduledInstanceAvailability",
               "ec2:DescribeSpotDatafeedSubscription",
               "ec2:DescribeVolumes",
               "ec2:DescribeFpgaImageAttribute",
               "ec2:DescribeExportTasks",
               "ec2:DescribeAccountAttributes",
               "aws-portal:ViewBilling",
               "ec2:DescribeNetworkInterfacePermissions",
               "ec2:DescribeReservedInstances",
               "ec2:DescribeKeyPairs",
               "ec2:DescribeNetworkAcls",
               "ec2:DescribeRouteTables",
               "ec2:DescribeReservedInstancesListings",
               "ec2:DescribeEgressOnlyInternetGateways",
               "ec2:DescribeSpotFleetRequestHistory",
               "ec2:DescribeLaunchTemplates",
               "ec2:DescribeVpcClassicLinkDnsSupport",
               "ec2:DescribeVpnConnections",
               "ec2:DescribeSnapshotAttribute",
               "ec2:DescribeVpcPeeringConnections",
               "ec2:DescribeReservedInstancesOfferings",
               "ec2:DescribeIdFormat",
               "ec2:DescribeVpcEndpointServiceConfigurations",
               "ec2:DescribePrefixLists",
               "cloudwatch:GetMetricStatistics",
               "ec2:GetReservedInstancesExchangeQuote",
               "ec2:DescribeVolumeAttribute",
               "ec2:DescribeInstanceCreditSpecifications",
               "ec2:DescribeVpcClassicLink",
               "ec2:DescribeImportSnapshotTasks",
               "ec2:DescribeVpcEndpointServicePermissions",
               "ec2:GetPasswordData",
               "ec2:DescribeScheduledInstances",
               "ec2:DescribeImageAttribute",
               "ec2:DescribeVpcEndpoints",
               "ec2:DescribeReservedInstancesModifications",
               "ec2:DescribeElasticGpus",
               "ec2:DescribeSubnets",
               "ec2:DescribeVpnGateways",
               "ec2:DescribeMovingAddresses",
               "ec2:DescribeAddresses",
               "ec2:DescribeInstanceAttribute",
               "ec2:DescribeRegions",
               "ec2:DescribeFlowLogs",
               "ec2:DescribeDhcpOptions",
               "ec2:DescribeVpcEndpointServices",
               "ce:GetCostAndUsage",
               "ec2:DescribeSpotInstanceRequests",
               "cloudwatch:ListMetrics",
               "ec2:DescribeVpcAttribute",
               "ec2:GetConsoleOutput",
               "ec2:DescribeSpotPriceHistory",
               "ce:GetReservationUtilization",
               "ec2:DescribeNetworkInterfaces",
               "ec2:DescribeAvailabilityZones",
               "ec2:DescribeNetworkInterfaceAttribute",
               "ce:GetDimensionValues",
               "ec2:DescribeVpcEndpointConnections",
               "ec2:DescribeInstanceStatus",
               "ec2:DescribeHostReservations",
               "ec2:DescribeIamInstanceProfileAssociations",
               "ec2:DescribeTags",
               "ec2:DescribeLaunchTemplateVersions",
               "ec2:DescribeBundleTasks",
               "ec2:DescribeIdentityIdFormat",
               "ec2:DescribeImportImageTasks",
               "ec2:DescribeClassicLinkInstances",
               "ec2:DescribeNatGateways",
               "ec2:DescribeCustomerGateways",
               "ec2:DescribeVpcEndpointConnectionNotifications",
               "ec2:DescribeSecurityGroups",
               "ec2:DescribeSpotFleetRequests",
               "ec2:DescribeHosts",
               "ec2:DescribeImages",
               "ec2:DescribeFpgaImages",
               "ec2:DescribeSpotFleetInstances",
               "ec2:DescribeSecurityGroupReferences",
               "ec2:DescribeVpcs",
               "ec2:DescribeConversionTasks",
               "ec2:DescribeStaleSecurityGroups",
               "ce:GetTags"
           ],
           "Resource": "*"
       }
   ]
}

Assign the policy to a new user.

Back in Pandora FMS, the registered account can be used to link it and be able to access AWS monitoring.

If pandora-cm-api is not available in the installation, it can be obtained from the following link: [2]

4.1.2 Discovery Cloud. AWS

Once the credentials have been validated, access the Discovery Cloud menu => Amazon Web Services

In this section, Amazon EC2 and Amazon RDS are found. For each account that is added to the "Credential store" an instance of EC2 can be monitored, but as many as desired from RDS.

Only one recognition task per AWS account can be active. The account will be the same for all monitored technologies within the provider.

4.1.3 Discovery Cloud. AWS.EC2

Within EC2 monitoring you can find:

Expense monitoring.
Summary of resources registered in AWS.EC2.
Specific instance monitoring.
Volume and elastic IP address monitoring.

To start the monitoring process, a series of basic data is requested:

It is required to provide a name for the task, indicate the Discovery server from where it will be executed and the monitoring interval.

4.1.3.1 Discovery Cloud AWS.EC2 Costs

When clicking next, you will start configuring AWS monitoring expenses:

Amazon Web Services expense monitoring involves extra expenses. You can find more information about it in the following link [https://aws.amazon.com/aws-cost-management/pricing/

Expense monitoring provides a separate monitoring interval to avoid extra charges.

Both the overall cost and the independent cost per region can be monitored.

4.1.3.2 Discovery Cloud AWS.EC2 Summary

The Discovery task can be configured to collect general information on the stock status in all regions.

To enable it, the Scan and general monitoring option must be activated.

Generic CPU usage counters can be added, as well as output (disk) input operations or volume of disk and network transferred data (bytes).

4.1.3.3 Discovery Cloud AWS.EC2 Specific Instance Monitoring

Specific instances can be monitored to obtain readings of:

CPUUtilization: Average CPU usage
DiskReadBytes: Reading bytes (disk)
DiskWriteBytes: Writing bytes (disk)
DiskReadOps: Read operations (disk)
DiskWriteOps: Writing operations (disk)
NetworkPacketsIn: Input packets (network)
NetworkPacketsOut: Output packets (network)

The agents that represent the specific instances will have as their parent the agent that represents the region in which they are hosted.

It must be verified that the update_parent token is configured to 1 in the Pandora FMS server configuration to keep the parent-child relationships updated.

Navigation must be carried out through the browser by selecting the instances that need to be monitored:

4.1.3.4 Discovery Cloud AWS.EC2 Extras

In this last screen you can indicate whether you want to monitor the volumes used by the reserved instances.

Two extra modules will appear in the region agents:

Total reserved volume (GB)
Total registered volumes (number)

You can also choose to activate the Elastic IP addresses token. The number of elastic IPs registered in the AWS.EC2 account will be reported.

Once the wizard is completed, the progress of the execution in Discovery Task list can be seen:

4.1.4 Discovery Cloud. AWS.RDS

AWS RDS allows you to monitor relational databases provided by Amazon Web Services.

The RDS service provides a database server and allows creating the instance related to said database. In addition, RDS offers the possibility to connect to its instances through clients such as SSMS, MySQL workbench or through JDBC or ODBC DB APIs.

Through Pandora FMS, different RDS rooms can be monitored by filling in the parameters included in the menu shown at the top.

4.1.5 Discovery Cloud. Overview

Discovery Cloud includes an overview where the key points of the infrastructure in Amazon Web Services can be reviewed. Pandora FMS allows displaying different maps based on existing accounts.

In the AWS view, the account from which you wish to display the information can be selected:

It includes:

Current expenses
Previous expenses
Expense evolution chart (6 months)
Reserve / instance evolution chart (1 month)
Map of regions with the number of instances per region.

4.2 Discovery Cloud: Microsoft Azure

To monitor an infrastructure in Microsoft Azure, follow these instructions step by step.

4.2.1 How to register a user to use the Azure API

Go to https://portal.azure.com/#home
Open the "Azure Active Directory" service

Go to 'App registrations'> 'New registration'

Enter the data.

Write down the data "client_id" and "directory".

Next, access 'certificates & secrets' and create a new one:

Write down the key that is shown, it is the application_secret.

4.2.2 Assigning permissions

Assign a role to the account that will operate (app). To that effect, access "home" and get into the subscription.

Within the subscription, select "Access control (IAM)".

Add a new role assignment and once there, select the "reader" role for the created app.

It is important to save the changes by pressing "save".

From that moment onwards, you can connect to the service and make requests through pandora-cm-api.

4.2.2.1 Examples

The status of Azure can be checked from Pandora FMS as follows:

Preload the environment.
Run . load_env.sh
pandora-cm-api --product Azure --get availability

If the environment is operational, the system should return a response of 1.

An example of the contents of the load_env.sh script would be the following:

Azure

export CLIENT_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

export DOMAIN=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

export APPLICATION_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXX"

export AZURE_SUBSCRIPTION_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

4.2.3 Configure a task in Pandora FMS

Pandora FMS allows managing several Microfost Azure accounts.

You can add as many accounts as needed through the "Manage Accounts" option next to the Account drop-down.

This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all previously created Microsoft Azure accounts to be registered.

To configure a new task, follow these steps:

Add a new password to the "credential store".

Access 'Discovery> Cloud> Azure' and validate the Azure account.

From this point onwards, just follow the described steps.

5 Discovery Console Tasks

Virtually identical to what was previously seen in Task List, Console Task will allow creating new tasks taking into account the following parameters:

Task: The task that will be executed among the following:
- Backup Pandora FMS database.
- Execute custom script.
- Save custom report to disk.
- Save custom XML report to disk.
- Send custom report (from template) by email.
- Send custom report by email.

Scheduled: It is used to specify how often the task will be executed.
Next execution: It shows the date of the next execution, being able to modify it if necessary.
Group: Group to which the task belongs.
Parameters: They are the specific parameters of each task.

5.1 Parameters of different tasks

Backup Pandora FMS database

Description: Backup description.
Save to disk in path: path in which the backup will be stored.

Execute custom script

Custom script: The script to be executed will be indicated.

“Save custom report to disk” and “Save custom XML report to disk”

Report pending to be created: The report to be created.
Save to disk in path: Path where the created report will be stored.

Send custom report (from template) by email

Template pending to be created: Custom template to be created.
Agents: Agents from which the information that will be reflected in the report will be obtained.
Report per agent: If you wish to generate separate reports for each report.
Report name: Name that you want to give the report.
Send to email addresses: Email addresses the report is going to be sent to.
Subject: Topic of the mail to be sent.
Message: Body of the message which will be sent together with the reports.

Send custom report by email

Report pending to be created: Report to be generated.
Send to email addresses: Email addresses the report is going to be sent to.
Subject: Topic of the mail to be sent.
Message: Body of the message with which the reports will be sent.
Report Type: Type of report that will be sent.

6 Discovery Host&Devices

The Discovery Host & Devices section offers a multitude of options to help manage and discover devices within as many environments as needed.

Therefore, it features the following tools:

Net Scan.
Import CSV.
Custom NetScan.
Manage NetScan scripts.

6.1 NetScan

With the NetScan tool, you can discover devices in a network and apply different monitoring rules.

First, define the name of the task, the Discovery server that will run it, the network to be scanned, the group to which the discovered agents will be assigned and the scan interval.

The intervals selected as manuals must be manually launched. Discovery will not launch a manual task automatically.

In the characteristics section, you can indicate the following options:

Apply a module template.

Apply automatic configuration rules to the detected agents. For more information go to the following [3]

Automatic configuration allows you to apply policies, group changes and settings, as well as launch custom events or execute scripts on actions.

Agents detected by NetScan are remote agents without a configuration file. You cannot apply local monitoring policies or add configuration changes in block if you do not deploy an agent to the targets.

Improve detection by scanning SNMP information available on discovered targets:
- To improve the information obtained from discovered devices, enable SNMP.
- A comma-separated list of communities to be tested on the discovered targets will be requested.
- Found devices that support SNMP will report detailed information on the use of their interfaces as well as a series of useful modules by default.
- SNMP is supported in versions 1, 2c and 3.

WMI scanning can be enabled. Simply add the credentials to be tested in auth. strings separated by commas, for example:

Administrator%P4ssw0rd,Administrator%S3cr3t

The different credentials provided against the detected objectives that support WMI will be tested, complementing monitoring with modules that will inform about CPU, memory and disk usage.

Detect the target's operating system.

Solve the name of the target.

Parent detection: Through the information collected through SNMP, the different interconnections between devices will be calculated, in order to represent their network infrastructure.

Parent recursion: Improves parent detection by adding recursion to the process.

VLAN detection: Detects VLANs to which the different devices are connected.

Once the wizard is completed, Discovery will start executing it in each defined interval, if the interval is manual, the task should be started manually:

6.2 Automatic agent deployment

Please confirm winexe command is installed and working in your server before using this feature. This utility is provided by Pandora FMS Enterprise server installer. You must install zlib.i686 and glibc.i686 to get winexe working.

In Windows environments it is recommended to install as an administrator user. Before starting the service it will be necessary to define an administrator account for its use.

From Pandora FMS version 737 onwards, it is possible to deploy agents from the console itself using the deployment center.

The steps to deploy agents from the console are:

Register the versions of the software agents to be deployed in the agent repository.

The installers of the agents to be deployed throughout the infrastructure are needed. You may use custom agents.

For more information about the use of the agent repository, visit this link

Register the credentials to be used to connect the targets in the credential manager.

Specify the credentials with which the accesses to found or specified targets will be tested.

For more information about the use of the Credential Store, visit this link

Check that your environment is ready for deployment.

When visiting the deployment center for the first time, the following notices will be shown:

This message points out that objectives for deployment have not been defined yet.

These messages indicate:

The first message indicates that the public_url public access URL must be configured so that the targets can get connected to the console and be configured.

This system does not perform PUSH operations. All deployments are sent by offering the software and ordering the target to install it.

The second one indicates that no installers have been added to the agent repository. Register installers to deploy the software.

6.2.1 Target Search

Search or point out the targets in the deployment center.

Use any of the methods described below to register new targets.

You may use any of the following options to define targets:

6.2.1.1 Scan one or more networks in pursuit of targets.

By pressing the scan targets button, a pop-up with the following fields will be displayed:

Firstly indicate:

The network or networks (separated by commas) to scan.
The Discovery server that will perform the scan.
The credentials used to try to connect to the discovered targets.
The software agent version registered as "desired" for the discovered targets.
The IP of the target server where these software agents will point when they are installed (corresponds to the "server_ip" field in the agent configuration file).

When pressing 'Scan', you will receive a confirmation, with a link that you can follow to check the progress of this task.

A new entry will appear in the task list:

Discovery tasks related to agent deployment are volatile tasks. Once completed, they will be automatically deleted. Information about scan or deployment, both successful and failing, can be consulted from the deployment center itself.

As possible targets are found, they will appear in the deployment center:

The discovered targets added to this list are all found devices whose operating system matches Windows or Linux / Unix based systems, regardless of whether valid credentials were found or not

6.2.1.2 Define a target manually.

You may manually register the target by defining:

IP.
OS. This version only allows Windows and those operating systems based on Linux / Unix (compatible with the tar.gz agent installer).
Architecture.
Credentials used to try to connect to the target.
The agent version you wish to deploy.
The IP address of the server where that agent will point once installed (corresponds to the field server_ip of the software agent configuration).

6.2.1.3 Upload a CSV file with target information.

If you wish to mass register targets, upload a CSV file with the following format:

IP; OS; Architecture; Target agent version; Credential identifier; Target server ip

The system will create the objectives based on what is defined in the CSV.

6.2.2 Deploy the software

You may only schedule deployment against targets whose information is complete, specifying both credentials and software versions to deploy

When you have possible targets on the list, launch agent deployment:

Select the IPs of the objectives from the list (only valid objectives will appear) and press deploy.

A Discovery task for background deployment will automatically be created, which will install the agent on the desired targets.

You can confirm that the agent has been successfully installed from the list of objectives of the deployment center:

The name of the target also becomes a link to the corresponding Pandora FMS agent.

Failure example: The user not only entered the IP of the target, but also its netmask (THE IP IS ENOUGH).

When the system tries to deploy the software, it will notice that the IP format is not correct and will warn the user:

6.3 Import a list of your devices in CSV

A list of devices can be imported to represent them as agents using the agent import wizard through CSV.

Select the separator used, the server on which you wish to import and the file that contains the data, then click on "next".

6.4 Custom NetScan

Allows the execution of custom scripts for the execution of network recognition tasks.

Create a recognition task specifying:

Task name: Name of the recognition task.
Comment: Allows adding comments.
Discovery server: Server that will execute the task.
Group: Group it belongs to.
Interval: Execution interval.

Once the process of creating the task is complete, specify the script that you wish to run, as well as the configuration file necessary for its execution.

6.5 Net scan scripts

This section will show the different scripts that have been created for custom recognition tasks. A view is displayed in which the name and description of the task are defined.

Pandora FMS allows adding additional scripts to make monitoring and recognition of required networks easier.

The parameters that can be defined are the following:

Name: Script name.
Script fullpath: Path where the script is located.
Description: Script description. You can define descriptions of the different fields, as well as default values for them.
Hide value: In case you wish to hide the value of a field.
Help: Help fields.

Creating scripts allows adding macros with which to define all the parameters needed for the correct execution of the script.

Pandora: Documentation en: Discovery

Contents