Pandora: Documentation en: Discovery

From Pandora FMS Wiki
Revision as of 15:39, 6 March 2019 by Irene (talk | contribs) (Discovery Applications)
Jump to: navigation, search

Volver a Indice de Documentacion Pandora FMS

Template wip.png

We are working on the translation of the Pandora FMS documentation. Sorry for any inconvenience.


1 What is Pandora FMS Discovery?

Template warning.png

Available for versions of Pandora FMS 732 or higher.


Discovery provides a set of tools to simplify monitoring through wizards.

The following tools are included:

Discovery Host&Devices
Includes the necessary tools to discover or import devices and equipment into your network.
Discovery Applications
Allows you to monitor a VMware environment from a new management console.
Discovery Cloud
Through this utility you can monitor an infrastructure hosted in Amazon Web Services (AWS.EC2).
Console Tasks
Allows you to automate console tasks within the Discovery system, from programming reports, making backups or executing customized scripts from Pandora FMS Console.


2 Discovery Host&Devices

Inside Host&Devices it's possible to:

  • Import devices using a CSV file.
  • Discover devices in a network using NetScan.


2.1 Import a list of your devices in CSV

You can import a list of devices to represent them as agents using the agent import wizard via CSV.


Select the separator used, the server into which you want to import and the file containing the data, then click on next.


2.2 NetScan

With the NetScan tool you can discover devices in a network and apply different monitoring rules to them.

First, you must define the name of the task, the Discovery server that will execute it, the network to be scanned, the group to which the discovered agents will be assigned and the scanning interval.



The intervals selected as manual must be triggered manually. Discovery will not launch a manual task automatically.


In the characteristics section, you can specify the following options:


  • Apply a module template.
  • Apply the automatic configuration rules to the detected agents. For more information go to the following [1]


Automatic configuration allows you to apply policies, group and configuration changes, as well as launch custom events or execute scritps on actions.



The agents detected by NetScan are remote agents without a configuration file. You won't be able to apply local monitoring policies or add configuration changes in block if you don't deploy an agent in the targets.


  • Improve detection by scanning available SNMP information on discovered targets:
    • To improve the information obtained from discovered devices, SNMP must be enabled.
    • A comma-separated list of communities to test in the discovered targets will be requested.
    • Devices found to support SNMP will report detailed information on the use of their interfaces as well as a series of useful default modules.
    • SNMP is supported in versions 1,2c and 3.
  • The WMI scanning can be enabled. Simply add credentials to be tried in auth. strings separated by commas, for example:


The different credentials provided will be tested against the detected targets that support WMI, complementing the monitoring with modules that will report on the use of CPU, memory and disk.


  • Detect the operating system of the objetive.
  • Resolve the objective's name.
  • Parent detection: Through the information collected through SNMP, the different interconnections between devices will be calculated in order to represent their network infrastructure.
  • Parent recursion: Improves parent detection adding recursion to the process.
  • VLAN detection: Detects the VLANs to which the different devices are connected.

Once the wizard is complete, Discovery will start running it at each defined interval, if the interval is manual you must manually start the task:


3 Discovery Applications

Now it's possible to monitor applications remotely using Discovery Applications.


3.1 Discovery Applications: VMware

From Pandora FMS version 7.0-732 VMware infrastructures can be monitored using Discovery Applications.


It must be specified:

  • A name to identify the task.
  • A Discovery server to run it.
  • A group to which the agents generated by the VMware task will be associated.


It must be taken into account that if Pandora FMS server has the token autocreate_group active, priority will be given to the group corresponding to the ID indicated, instead of applying the configuration of the wizard.


The necessary data to monitor VMware are:

  • V-Center IP
  • The datacenter's name (it can be seen through the admin screen of the VMware installation).
  • User with enough permissions.
  • User password.
  • Monitoring interval.

Password encryption can be enabled by pressing the button encrypt passwords. Only applies to the current wizard.

On the next page you can specify the details of VMware monitoring:


  • Max threads: The number of threads used by the VMware monitoring script is chosen to speed up data collection.
  • Retry send: The information of the detected agents is sent by XML to the DataServer. This option must be activated to retry the shipments in case of error.
  • Event mode: Only for VCenter. Event based monitoring of the VMware VCenter is enabled. This working mode is exclusive and independent of the standard monitoring.
  • Virtual network monitoring: Enables the monitoring of the virtual network devices defined in VMware.
  • Extra settings: Any advanced settings needed to customize VMware monitoring must be included here in text mode. For more info, visit this [2].

4 Discovery Cloud

Se puede monitorizar una infraestructura en Cloud gracias a Discovery Cloud.


4.1 Discovery Cloud: AWS

Para monitorizar una infraestructura en Amazon Web Services se deberán seguir paso a paso las diferentes páginas del asistente.

4.1.1 AWS. Validación de credenciales

Se debe de crear una cuenta de consulta en Amazon WS con los siguientes permisos:


  • Billing (read)
  • CloudWatch (list,read)
  • Cost Explorer Service (Full access)
  • EC2 (full read, limited: list)

Resumen de la política en JSON:

   "Version": "2012-10-17",
   "Statement": [
           "Sid": "VisualEditor0",
           "Effect": "Allow",
           "Action": [
           "Resource": "*"

Se debe de asignar la política a un usuario nuevo.


De vuelta en Pandora FMS, se debe introducir las credenciales de Amazon Web Services.



Si no se dispone de pandora-cm-api en la instalación, se puede obtener del siguiente enlace: [3]


4.1.2 Discovery Cloud. AWS

Una vez validadas las credenciales, se accederá al menú de Discovery Cloud => Amazon Web Services



Solo se puede tener activa una tarea de reconocimiento por tecnología Cloud. La cuenta será la misma para todas las tecnologías monitorizadas dentro del proveedor.


4.1.3 Discovery Cloud. AWS.EC2

Dentro de la monitorización de EC2 se puede encontrar:

  • Monitorización de costes.
  • Resumen de recursos registrados en AWS.EC2.
  • Monitorización de instancias específicas.
  • Monitorización de volúmenes y direcciones IP elásticas.

Para iniciar el proceso de monitorización se solicitan una serie de datos básicos:


Se necesitará un nombre para la tarea, indicar el servidor Discovery desde donde se ejecutará y el intervalo de la monitorización. Discovery Cloud AWS.EC2 Costes

Al pulsar siguiente, se pasará a configurar la monitorización de costes de AWS:

Template warning.png

La monitorización de costes de Amazon Web Services supone costes extra. En el sigueiente enlace se puede obtener más información al respecto [


La monitorización de costes proporciona un intervalo independiente de monitorización para evitar cargos extra.


Se puede monitorizar tanto el coste global como los costes independientes por región. Discovery Cloud AWS.EC2 Resumen

Se puede configurar la tarea Discovery para recolectar información general del estado de reservas en todas las regiones.

Para habilitarlo, se debe de activar la opción de Scan and general monitoring.


Se puede agregar contadores genéricos de uso de CPU, operaciones de entrada salida (disco), volumen de datos transferidos (bytes) de disco y de red. Discovery Cloud AWS.EC2 Monitorización de instancias específicas

Se puede monitorizar instancias específicas para obtener lecturas de:

  • CPUUtilization: Uso promedio de CPU
  • DiskReadBytes: Bytes de lectura (disco)
  • DiskWriteBytes: Bytes de escritura (disco)
  • DiskReadOps: Operaciones de lectura (disco)
  • DiskWriteOps: Operaciones de escritura (disco)
  • NetworkPacketsIn: Paquetes de entrada (red)
  • NetworkPacketsOut: Paquetes de salida (red)

Los agentes que representan las instancias específicas tendrán como padre el agente que representa la región en la que se alojan.

Se debe verificar que se tiene configurado el token update_parent a 1 en la configuración del servidor de Pandora FMS para mantener las relaciones padre-hijo actualizadas.

Se debe navegar por el explorador seleccionando las instancias que se necesite monitorizar:

Cloud6.png Discovery Cloud AWS.EC2 Extras

En esta última pantalla se puede indicar si se desea monitorizar los volúmenes que utilizan las instancias reservadas.

Aparecerán dos módulos extra en los agentes de región:

  • Total de volumen reservado (GB)
  • Total de volúmenes registrados (número)

También se pueden elegir activar el token Elastic IP addresses. Se informará del número de IP elásticas registradas en la cuenta AWS.EC2.


Una vez completado el asistente, se podrá ver el progreso de la ejecución en Discovery Task list:


4.1.4 Discovery Cloud. Vista general

Discovery Cloud incluye una vista general donde revisar los puntos claves de la infraestructura en Amazon Web Services.


  • Coste actual
  • Coste en el periodo previo
  • Gráfica de evolución de costes (6 meses)
  • Gráfica de evolución de reservas/instancias (1 mes)
  • Mapa de regiones con el número de instancias por región.