Difference between revisions of "Pandora: Documentation en: Policy"

From Pandora FMS Wiki
Jump to: navigation, search
(Gestión centralizada de colecciones)
(Policy management from the Metaconsole)
 
(40 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
[[Pandora:Documentation_en|Go back to Pandora FMS documentation index]]
 
[[Pandora:Documentation_en|Go back to Pandora FMS documentation index]]
 +
 +
{{WIP}}
  
 
= Policies =
 
= Policies =
Line 5: Line 7:
 
== Introduction ==
 
== Introduction ==
  
Pandora FMS is able to manage thousands of devices, containing thousands of modules and alerts. We've developed the policy functionality with the purpose of rendering the administrators work a lot easier as the systems which are the target of the monitoring could be composed of a very high number of components.
+
The policy system is conceived to make large monitoring environment management easier. It allows to propagate modules, alerts, external alerts, plugins, remote inventories and collections to the agents in a centralized and homogeneous way, by modifying its configuration files through the remote edition feature called [[Pandora:Documentation_en:Operations#Agent_Configuration | '''Agent Configuration''']].
  
The policy appliance allows you to propagate modules, alerts, external alerts and collections to the agents in a centralized and homogeneous way by modifying its configuration files by the remote edition feature called [[Pandora:Documentation_en:Operations#Agent_Configuration | '''Agent Configuration''']].
+
Policy available operations are the following:
  
The available operations pertaining to policies in general are the following:
+
* Create/delete/duplicate a policy
 +
* Add/delete one or several existing policy agents
 +
* Create/edit/delete a module
 +
* Create/edit/delete an alert
 +
* Create/edit/delete an external alert
 +
* Create/delete an already existing collection
 +
* Create/delete an already existing inventory module
 +
* Link the policy to one or several adopted modules
 +
* Apply policy changes
  
* To create, delete and duplicate one policy
+
For policy changes to become effective, '''apply the policy''' to the corresponding section (queue).
* To add and delete one or several existing agents
 
* To create, edit and delete one module
 
* To create, edit and delete one alert
 
* To create, edit and delete an external alert
 
* To add and delete an already existing collection
 
* To add and delete an already existing inventory module
 
* To link the policy to one or several adopted modules
 
  
The operations conducted within a policy are '''not''' going to be effective until the policy is applied.
+
Policy management can be performed by clicking on ''Configuration'' > ''Manage Policies'' on the left side of the Pandora FMS web console as shown below.
 
 
The application of the different policies is managed by one queue, in which they could be introduced in order to apply to an agent or to all of the policy. It's also possible to introduce the application of one policy from the database, if the changes don't affect the remote configuration.
 
 
 
You may invoke the policy management by clicking on 'Administration' and 'Manage Policies' on the left side of the Pandora FMS web console as shown below.
 
  
 +
<br>
 
<center>
 
<center>
[[image:politicas.jpg]]  
+
[[image:pt11.png]]  
 
</center>
 
</center>
 +
<br>
  
 
== Adding a Policy ==
 
== Adding a Policy ==
  
If you click on the 'Administration' and 'Manage Policies' menus, all available policies are going to be shown.
+
Click on ''Configuration'' > ''Manage Policies'' and all available policies will be shown.
  
 +
<br>
 
<center>
 
<center>
[[image:politicas1.jpg|800px]]  
+
[[image:pt12.png|799px]]  
 
</center>
 
</center>
 +
<br>
  
Please click on the 'Create' button to create a new policy. You have a policy creation screen here, in which we're required to insert the name, the group to which it's going to belong to, and an optional description.
+
To create a new policy, click on 'Create' to create a new policy. Then the policy creation form will be displayed, where you must enter the name, the group it belongs to, and an optional description.
  
 +
<br>
 
<center>
 
<center>
[[image:policia.jpg|800px]]  
+
[[image:pt13.png|800px]]  
 
</center>
 
</center>
 +
<br>
  
 
== Deleting a Policy ==
 
== Deleting a Policy ==
  
If you intend to delete any policy, please make sure that it doesn't have any agent associated to it.
+
If you intend to delete any policy, make sure it does not have any agents associated.
  
If one policy contains agents, the delete button is disabled and a button to delete all its agents is shown next to it. This button is going to introduce the deletion process into the queue. Once it has been processed, the policy deletion button is going to be in an active state again.
+
If a policy contains agents, the delete button is disabled and a button to delete all its agents is shown. This button will add the delete process to the queue. Once it has been processed, the policy delete button will be enabled again.
  
 
<center>
 
<center>
Line 56: Line 61:
 
== Duplicating a Policy ==
 
== Duplicating a Policy ==
  
There is also a button to duplicate a policy. It's located in the middle of the policy operation buttons.
+
There is also a button to duplicate a policy.
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:duplicar_politica.jpg|800px]]  
+
[[image:pt15.png|799px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
  
The copy of the policy which will be created here is going to be shown as 'not applied', regardless of the original policy's state.
+
The created policy copy will appear as "not applied", regardless of the original policy's state.
  
 
== Configuring a Policy ==
 
== Configuring a Policy ==
  
In order to configure the policy, please click on the policy's name under 'Administration' and 'Manage Policies' or access it directly by hovering the mouse over it and clicking on the policy you intend to configure.
+
In order to configure the policy, use the policy name under ''Configuration'' > ''Manage Policies''. Once inside, access the different setup sections through the upper right menu. You may also edit elements directly by clicking on the direct accesses provided when hovering the mouse over the policy you intend to configure.
  
 
<center>
 
<center>
Line 72: Line 81:
 
</center>
 
</center>
  
The policy configuration contains options for the following elements:
+
Policy configuration contains the following tabs in addition to the setup:
  
 
* Agents
 
* Agents
 
* Modules
 
* Modules
* Inventory Modules
+
* Inventory modules
 
* Alerts
 
* Alerts
* External Alerts
+
* External alerts
 
* Collections
 
* Collections
 
* Linking
 
* Linking
 
* Queue
 
* Queue
* Agent Plug Ins
+
* Agent plugins
 +
* Agent wizards
  
The different executable actions aren't going to be applied until the policy is applied. If you're adding an agent to the policy, you're e.g. able to create several modules and alerts, but they're not going to come into effect until you're applying the policy.
+
The different executable actions are not applied until the policy is applied. For instance, if you add an agent to the policy, you may create several modules and alerts, but they do not go into effect until the policy is applied.
  
If we e.g. have one policy applied and we're modifying or deleting elements, the changes aren't going to come into effect until its next execution.
+
Likewise, if you have a policy applied and you modify or delete elements, the changes do not take effect until it is applied again.
  
All changes are displayed shown within the 'Queue' window. You're able to introduce the policy into the process queue there, in which it's going to wait for its turn to be applied.
+
All changes are displayed within the ''Queue'' window, where changes may be applied.
  
  
=== Policy Queues Management ===
+
=== Policy queue management ===
  
 
<br>
 
<br>
Line 101: Line 111:
 
<br>
 
<br>
  
The policy operations queue contains a summary of the elements which have been changed since their last application:
+
The policy operations queue contains a summary of the elements changed since their last application:
  
This list contains the elements which are required to be updated and the ones pending to delete:
+
This list contains the elements yet to be updated and the ones yet to be deleted:
  
* Pending to update
+
* Pending to be updated
 
** Agents
 
** Agents
** Adopted modules pending to link
+
** Groups
** Adopted modules pending to unlink
+
** Adopted modules pending to be linked
* Pending to delete
+
** Adopted modules pending to be unlinked
 +
* Pending to be deleted
 
** Agents
 
** Agents
 +
** Groups
 
** Modules
 
** Modules
** Inventory Modules
+
** Inventory modules
 
** Alerts
 
** Alerts
** External Alerts
+
** External alerts
** Collections
+
** Plugins
  
This summary is going to show you whether you should apply the policy or not. Sometimes, a button will be shown to apply them next to the icon of agents pending to apply.
+
This summary shows whether the policy should be applied or not. Sometimes, a button will be shown to apply them next to the icon of agents pending to be applied.
  
If the pending changes only affect the database, e.g. changes in alerts, this button is going to conduct the changes on this level only, so the application will be quicker.
+
If the pending changes only affect the database, e.g. changes in alerts, this button will apply the changes just at that level, so the application will be faster.
  
 
<center>
 
<center>
Line 125: Line 137:
 
</center>
 
</center>
  
If the configuration which affects the configuration files has been changed, e.g. if collections or local modules have been modified, the application is complete.
+
However, if the configuration that affects configuration files has been changed, e.g. if collections or local modules have been modified, the application is complete.
  
 
<center>
 
<center>
Line 131: Line 143:
 
</center>
 
</center>
  
Under summary, there is a button called 'Apply All', regardless of the pending modifications.
+
Under summary, there is a button called 'Apply All' at the right side, to apply everything regardless of the pending modifications.
 
 
 
 
 
<center>
 
<center>
Line 137: Line 149:
 
</center>
 
</center>
  
If we select to apply we're going to add the policy agents to the application queue. The Pandora FMS Server will be in charge of applying the pending policies to the queue. If we refresh the screen, we're able to see the application's progress. In the moment it's completed, it's going to be mentioned in the queue as completed, along with the time which passed since it has finished the process.
+
When selecting "apply", the policy agents are added to the application queue. The Pandora FMS Server will be in charge of applying the pending policies to the queue. You may see in the same screen the application's progress, and when it is finished, it will appear as complete in the queue together with the time passed since it finished.
 
   
 
   
 
<center>
 
<center>
Line 145: Line 157:
 
=== Agents and Groups===
 
=== Agents and Groups===
  
This window was designed to add or to delete agents from the policy, filtered by agents or groups.
+
This window was designed to add or to delete both agents and groups from the policy. Use the selector located at the top to select agents and groups.
  
  
Line 158: Line 170:
 
<br>
 
<br>
  
At the top part we will have the possibility to select different agents or groups using Control or Shift keys.
+
At the top there are filtering options to select the desired agents in bulk using Control or Shift keys.
  
 
<br>
 
<br>
Line 168: Line 180:
 
<br>
 
<br>
  
At the bottom part we will have a list of all agents asociated to the policy and even all of that agents that are pending to be deleted from the policy.
+
At the bottom, there is a list with all agents associated to the policy and even those that are yet to be deleted from the policy.
  
  
Line 184: Line 196:
 
*Agent Name
 
*Agent Name
 
*Remote Configuration
 
*Remote Configuration
*Status of the agent in the policy
+
*Policy agent status
 
*Number of unlinked modules in the agent
 
*Number of unlinked modules in the agent
*Button to add that agent to the policy.
+
*Button to add the agent to the policy
*Icon group in order to know if that agent was applied by a policy group.
+
*Icon group in order to find out whether that agent was applied by a policy group
*Timestamp of the last time that the policy was applied.
+
*Timestamp of the last time that the policy was applied
*Delete/Undo buttom.
+
*Delete/Undo buttom
  
Adding or deleting agents from a policy won't be performed until you have applied the queue.
+
When an agent is deleted, its name will appear crossed out and the delete button will be replaced by a button to undo the deletion and link the agent to the policy again.
 +
 
 +
<br>
 +
<br>
 +
<center>
 +
[[File:pt21.png|800px]]
 +
</center>
 +
<br>
 +
<br>
 +
Of course, adding or deleting policy agents will take effect when the policy is applied on the ''Queue'' page.
  
 
====Groups====
 
====Groups====
Line 203: Line 224:
 
<br>
 
<br>
  
Group recursion option will be available.
+
At the top there is the group recursion option. If it is checked, all child groups will be also added to the policy. The desired groups can be selected through the Control or Shift keys.
  
 
<br>
 
<br>
Line 213: Line 234:
 
<br>
 
<br>
  
At the bottom part we will have a list of all groups asociated to the policy and even all of that agents that are pending to be deleted from the policy.
+
At the bottom, there is a list containing all the groups linked to the policy, including those yet to be deleted.
  
 
<br>
 
<br>
Line 224: Line 245:
  
  
The list of groups will shown the following information:
+
The group list shows the following information:
  
 
*Group Name
 
*Group Name
*State of the group in the policy
+
*Policy group status
*Button to add that group to the policy
+
*Button to add that group to the queue in order to be applied
*Number of agent belonged to that group that have applied that policy.
+
*Number of agents belonging to that group that have that policy applied, over the total number of group agents
*Timestamp of the last time that the policy was applied.
+
*Timestamp of the last time that the policy was applied
 
*Delete/Undo button.
 
*Delete/Undo button.
  
Adding or deleting groups from a policy won't be performed until you have applied the queue.
+
When a group is deleted, its name will appear crossed out and the delete button will be replaced by a button to undo the deletion and link the group to the policy again. The agents belonging to that group will also appear crossed out.
 +
 
 +
<br>
 +
<br>
 +
<center>
 +
[[File:pt25.png|800px]]
 +
</center>
 +
<br>
 +
<br>
  
 +
Of course, adding of deleting policy groups will not take affect until this one is applied.
  
 
=== Modules ===
 
=== Modules ===
  
The modules menu allows to configure the modules which are going to be added to the policy.
+
The modules menu allows to configure the modules to be added to the policy.
  
 
<center>
 
<center>
Line 244: Line 274:
 
</center>
 
</center>
  
In order to add modules, you're required to pick the type of module in the drop-down menu, to select one module, e.g. 'data server', 'network', 'red', 'plug in', 'WMI', 'prediction' and 'web' and to click on the 'Create' button.
+
In order to add modules, choose the type of module in the drop-down menu. Select one of the available ones,(data server, network, plugin, WMI, Web) and click on the "Create" button. It is the same procedure as creating a module within an agent.
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:windows7.png|550px]]  
+
[[image:pt27.png|800px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
  
==== Creating a Data Server Module ====
+
==== Creating a Data Server module ====
  
The Data Server Modules are the modules which are going to be added to the software agents. In order to work with these modules, it's necessary for the agents to have the remote configuration enabled.
+
Data Server modules are modules added to software agents. In order to work with these modules, the agents must have remote configuration enabled.
  
Please select the option 'Create a new data server module' and click on the 'Create' button in order to create a new data server module.
+
Select the option "Create a new data server module" and click on the "Create" button in order to create a new data server module.
  
 
<center>
 
<center>
Line 260: Line 294:
 
</center>
 
</center>
  
Subsequently, a screen intended to configure all the module fields is going to be displayed. The field called 'Data Configuration' is the one which allows you to introduce the module's code which is going to be applied to the agents subscribed to this policy. This change will be contained in this particular agent's 'pandora_agent.conf' file.
+
Later, configure all module fields. The field called "Data Configuration" is the one that allows to enter the module's code which is applied to the agents subscribed to this policy. This change will be displayed in this particular agent's "pandora_agent.conf" file.
  
 
<center>
 
<center>
Line 266: Line 300:
 
</center>
 
</center>
  
You're able to gain access to the advanced options by clicking on the 'Advanced Options' button.
+
Go to advanced options by clicking on the "Advanced Options" button.
  
 
<center>
 
<center>
Line 272: Line 306:
 
</center>
 
</center>
  
It's possible to review the description of these particular features in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section. There are two options: To fill out the fields or to have a previously defined local component ready to invoke here.
+
Check the description of these particular features in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section. There are two options: filling out the fields or having previously defined a local. See [[Pandora:Documentation_en:Templates_and_components#Local_Components|Local components]]
  
 
==== Creating a Network Server Module ====
 
==== Creating a Network Server Module ====
  
The network server modules are modules which are managed by the Network Server.
+
To create a Network Server module, choose the option 'Create a new Network Server Module' and click on "Create".
 
 
Please select the option called 'Create a new Network Server Module' and click on the 'Create' button in order to create a new network server module.
 
  
 
<center>
 
<center>
Line 284: Line 316:
 
</center>
 
</center>
  
Subsequently, a window intended to configure all the module fields is going to be displayed.
+
Then configure all module fields.
  
 
<center>
 
<center>
Line 290: Line 322:
 
</center>
 
</center>
  
Please click on the 'Advanced Options' button to gain access to the advanced options.
+
Click on "Advanced Options" to access advanced options.
  
 
<center>
 
<center>
Line 296: Line 328:
 
</center>
 
</center>
  
It's possible to review the description of these particular features and options in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section. Please click on 'Create' button once all fields have been filled out.
+
Check the description of these fields and screens in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section.  
 +
 
 +
Click on 'Create' once all fields have been filled out.
  
Please keep in mind that the modules are quite similar most of the time. Instead of filling out the fields any time one module is added, the best option is to preliminarily define it as a component and to use it as such. In order to use a component, please fill out the combo which is located under 'Using module component' in which it's possible to choose between the different component groups.
+
Keeping in mind that modules are repeated most of the time. Instead of filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such.  
 +
 
 +
To use a component, fill out the combo located under "Using module component" where it is possible to choose between the different component groups.
  
 
<center>
 
<center>
Line 304: Line 340:
 
</center>
 
</center>
  
Once the group has been selected, another combo pops up in which you're able to choose the component you intend to use.
+
Once the group has been selected, another combo pops up where to choose the desired component.
  
 
<center>
 
<center>
Line 310: Line 346:
 
</center>
 
</center>
  
In this example, we've selected the component called 'Catalyst CPU Usage' of the Cisco MIBs Group.
+
In this example, the component called "Catalyst CPU Usage" from the Cisco MIBs Group has been chosen.
  
 
<center>
 
<center>
Line 316: Line 352:
 
</center>
 
</center>
  
Once the component is selected, it's possible to modify any of the fields. Please click on the 'Create' button once all the fields have been filled out appropriately.
+
Once the component is selected, any of its fields may be modified. Click on "Create" once all fields have been filled out appropriately.
  
==== Creating a Module for the Plug-in Server ====
+
==== Creating a Plug-in Server module ====
  
The modules of the plug-in servers are the modules which are getting managed by it.
+
Plug-in server modules are created by choosing the option "Create a new Plug-In Server Module" and clicking on "Create".
 
 
In order to create a module for the complement server, please click on 'Create a new Plug-In Server Module' and click on the 'Create' button.
 
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:cosa1.jpg]]  
+
[[image:pt32.png|800px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
  
In this moment, a window intended to configure all the module's fields is going to appear.
+
Then configure all module fields.
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:cosa2.jpg|800px]]  
+
[[image:pt41.png|800px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
  
You may gain access to the advanced options by clicking on the 'Advanced Options' button as shown on the bottom left on the picture above.
+
You may access advanced options by clicking on "Advanced Options".
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:cosa3.jpg|800px]]  
+
[[image:pt42.png|800px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
  
You're also able to review the description of the above mentioned features and options within the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section again.
+
Check the description of the above mentioned features and options within the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section.
  
Once you have filled out all the fields appropriately, please click on the 'Create' button.
+
Once you have filled out all the fields appropriately, click on "Create".
  
Please keep in mind that the modules are quite similar most of the time. Instead of always filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such. The use of components is thoroughly explained in the section called [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Policy#Creating_a_Network_Server_Module '''Creating a Network Server Module.''']
+
Keep in mind that the modules are repeated most of the time. Instead of always filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such. The use of components is thoroughly explained in the section called [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''templates and components.''']
  
{{warning|Use macros to configure dynamic parameters, like the IP address of an agent.}}
+
{{warning|Use macros to configure dynamic parameters, like the IP address of an agent. To see the list of available macros, click on the help(?) button on ''Plugin(?)''}}
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:Policy plugin macro.png|800px]]  
+
[[image:Pt1.png|803px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
  
==== Creating a Module for the WMI Server ====
+
==== Creating a WMI Server module ====
  
The modules of the WMI Server are the ones which are getting managed by it.
+
To create a WMI Server module, click on "Create a new  WMI Server Module" and click on "Create".
 
 
In order to create a module of the Network Server, please click on 'Create a new  WMI Server Module' and click on the 'Create' button as shown below.
 
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:cosa4.jpg]]  
+
[[image:pt34.png]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
 +
Then define all module fields.
  
In this moment, a window intended configure all the module's fields is going to appear.
+
<br>
 
+
<br>
 
<center>
 
<center>
[[image:cosa5.jpg|800px]]  
+
[[image:pt43.png|800px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
 +
By clicking on "Advanced Options", access advanced options.
  
You may gain access to the advanced options by clicking on the 'Advanced Options' button as shown on the bottom left on the picture above.
+
<br>
 
+
<br>
 
<center>
 
<center>
[[image:cosa6.jpg|800px]]  
+
[[image:pt44.png|800px]]  
 
</center>
 
</center>
 +
<br>
 +
<br>
  
It's also possible to review the description of these features and options in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section.
+
Check the description of the fields of these screens in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section.
  
Once all the fields have been filled out appropriately, please click on the 'Create' button.
+
Once all the fields have been filled out appropriately, click on "Create".
  
Please keep in mind that the modules are quite similar most of the time. Instead of always filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such.
+
Keeping in mind that the modules are repeated most of the time. Instead of always filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such. Component use is further explained in the section named "create a network module". For more information, check [[Pandora:Documentation_en:Remote_Monitoring| Windows remote monitoring through WMI]].
  
==== Creating a Module for the Prediction Server ====
 
  
The modules of the prediction server are the ones which are getting managed by it.
+
==== Creating a Web Server module ====
  
In order to create a module for the prediction server, please select the option called 'Create a new Prediction Server Module' and click on the 'Create' button.
+
To create a Web Server module, select the option called "Create a new Web Server module" and click on the "Create" button.
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:cosa7.jpg]]  
+
[[image:pt35.png]]
 
</center>
 
</center>
 +
<br>
 +
<br>
  
Subsequently, a window intended to configure all the module's fields is going to appear.
+
Then configure all the module's fields.
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:cosa8.jpg|550px]]  
+
[[image:pt45.png|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
  
You may gain access to the advanced options by clicking on the 'Advanced Options' button.
+
Access advanced options by clicking on "Advanced Options".
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:cosa9.jpg|800px]]
+
[[image:pt46.png|800px]]
</center>
 
 
 
Please feel free to review these features and options in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section.
 
 
 
Once all the fields have been filled out appropriately, please click on the 'Create' button.
 
 
 
 
 
{{Warning|In this particular context, the modules of the prediction server are '''not''' considered components.}}
 
 
 
==== Creating a Module for the Web Server ====
 
 
 
The modules of the web server are the modules which are getting managed by it.
 
 
 
In order to create a module for the web server, please select the option called 'Create a new Web Server Module' and click on the 'Create' button.
 
 
 
<center>
 
[[image:monstruo1.jpg]]
 
</center>
 
 
 
Subsequently it's going to display a window intended to configure all the module's fields.
 
 
 
<center>
 
[[image:monstruo2.jpg|800px]]
 
</center>
 
 
 
You may gain access to the advanced options by clicking on the 'Advanced Options' button.
 
 
 
<center>
 
[[image:monstruo3.jpg|800px]]
 
 
</center>
 
</center>
 +
<br>
 +
<br>
  
Please feel free to review these features and options in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section.
+
Check the description of the fields in the [http://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Templates_and_components '''Templates and Components'''] section.
  
Once all the fields have been filled out appropriately, please click on the 'Create' button.
+
Once all the fields have been filled out appropriately, click on "Create".
  
 +
In the particular case of Web modules, there are no components.
  
{{Warning|In this particular context, the modules of the web server are '''not''' considered components.}}
+
For more information about Web module creation check [[Pandora:Documentation_en:User_Monitorization|Web monitoring]].
  
==== Modifying a previously created Module ====
+
==== Modifying a previously created module ====
  
It's possible to modify all modules created in a preliminarily generated policy.
+
It is possible to modify all modules assigned to a policy.
  
 
<center>
 
<center>
Line 446: Line 487:
 
</center>
 
</center>
  
In order to do so, please click on the module's name so the module configuration options are shown.
+
In order to do so, click on the module's name so the module configuration options are shown.
  
Once they have been modified appropriately, please click on the 'Update' button.
+
Once they have been modified appropriately, click on "Update".
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:rama2.jpg|800px]]
+
[[image:pt47.png|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
  
{{Tip|If the policy module is renamed, the name is going to be renamed like any other field in the moment the policy is applied.}}
+
{{Tip|If the policy module is renamed, the name will be updated like any other field when the policy is applied.}}
  
  
{{Warning|If a module with the new name already exists in one of the agents in the moment the policy module is renamed, this module is going to be adopted while the old module's name is deleted.}}
+
{{Warning|If a policy module is renamed but a module with the new name already exists in one of the agents, this module will be adopted while the module with the old name is deleted.}}
  
 
==== Deleting an already created Module ====
 
==== Deleting an already created Module ====
  
In order to delete the module from the policy and remove it from the agents that have it installed, please click on the x-shaped button on the right of the module's name. Once you've done that, the module is still going to be shown but crossed out. Subsequently, the 'Delete' button will be replaced by the 'Undo' button.
+
In order to delete the module from the policy and remove it from agent configuration, click on the trash button to the right of the module's name. Once done, the module will still appear but crossed out. The "Delete" button will have been replaced by the "Undo" button.
  
<center>
+
If you wish to delete several modules, select the check box to the right of the trash icon and click "Delete".
[[image:rama4.jpg|800px]]
 
</center>
 
 
 
==== Using Plug Ins within the Policies ====
 
 
 
The format used is quite simple. You're only required to 'outwit' the system, declaring one module for each type of module that the plug in returns. In order to do this, you're required to foreknow how many modules the plug in would return. If you're not completely sure, you're able to choose to register the plug in once and that the modules, which are going to be created, are going to work from outside of the policy. The data will arrive, but we can't parametrize them by the policies, because they are modules which are going to arrive without being associated to the policy.
 
 
 
All the data linked to one policy has to be previously defined. The policies don't specifically contain 'non-defined' information.
 
 
 
Supposing that we're going to execute this plug in which dynamically returns the free space in bytes which all the units of the system have.
 
 
 
In this example, the plug-in exit returns several unities (C:, D: and Z:)
 
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:Plugin_exec_sample.png]]
+
[[image:pt48.png|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
  
If you intend to manage them as policy modules, it's recommended to define several modules and the real call of the plug in within only one of them.
+
=== Inventory modules ===
Please leave the field called 'module_plugin' empty in any other cases.
 
  
module_begin
+
It is also possible to create inventory modules within a policy by picking one from the list of the available ones in the system, thereby picking an interval and the credentials.
module_name C:
 
module_type generic_data
 
module_plugin cscript //B "%ProgramFiles%\pandora_agent\util\df.vbs"
 
module_end
 
 
module_begin
 
module_name D:
 
module_type generic_data
 
module_plugin
 
module_end
 
 
module_begin
 
module_name Z:
 
module_type generic_data
 
module_plugin
 
module_end
 
 
 
=== Inventory Modules ===
 
 
 
It's also possible to create inventory modules within a policy by picking one from the list of the available ones in the system, thereby picking an interval and the credentials for it.
 
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:policy_inventory_modules.png|800px]]
+
[[image:pt49.png|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
  
Like the rest of the policy's elements, if we remove an inventory module, it's going to be shown as crossed out. The 'Undo' button is going to be displayed instead in case you intend to undo the action.
+
Like the rest of the policy elements, if you remove an inventory module, it will appear crossed out. The "Undo" button will replace the delete one to undo the action.
  
 +
<br>
 +
<br>
 
<center>
 
<center>
 
[[image:policy_inventory_modules_undo.png|800px]]
 
[[image:policy_inventory_modules_undo.png|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
 +
 +
For more information about adding remote inventory modules check [[Pandora:Documentation_en:Inventory#Inventory_modules|Inventory modules]].
  
 
=== Alerts ===
 
=== Alerts ===
  
The Alert menu allows you to configure the alerts which are going to be added to the policy.
+
The Alert menu allows to configure the alerts of the modules that belong to the policy.
  
 
<center>
 
<center>
Line 526: Line 552:
 
==== Adding Alerts ====
 
==== Adding Alerts ====
  
In order to add an alert, you just have to link it to one of the predefined templates or to one module which belongs to the policy and to click on the 'Add' button.
+
In order to add an alert, link it to one of the predefined templates or to a module that belongs to the policy and click on "Add".
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:salva2.jpg|800px]]
+
[[image:AlertasNodo2.JPG|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
  
 
==== Modifying Alerts ====
 
==== Modifying Alerts ====
  
It's possible to add actions to alerts, to put them in a stand-by mode or to deactivate them.
+
It is possible to add actions to alerts, set them on stand-by mode or disable them.
  
If you intend to change any module or template, it's recommended to delete it and to create a new one.
+
If you intend to change any module or template, delete it and create a new one.
  
 
==== Deleting Alerts ====
 
==== Deleting Alerts ====
  
In order to delete an alert from the policy and remove it from the agents that have it installed, please click on the x-shaped button on the right of the module's name. Once you've done that, the alert is still going to be shown but crossed out. Subsequently, the 'Delete' button will be replaced by an 'Undo' button.
+
In order to delete an alert from the policy and remove it from the agents that have it installed, click on the trash button at the right of the module's name. Once done, the alert will still be visible but crossed out. Then, the "Delete" button will be replaced by an "Undo" button.
  
 
<center>
 
<center>
Line 548: Line 578:
 
=== External Alerts ===
 
=== External Alerts ===
  
The external alerts are very similar to the regular alerts. The difference is that this type allows you to link alerts to agent modules which aren't contained in the policy module's main list. It's sometimes very useful to only assign alerts to some agent modules but not to all of them.
+
External alerts allow to link alerts to agent modules not included in the policy module's main list. It is sometimes very useful to assign alerts to some agent modules but not to all of them.
  
 
==== Adding External Alerts ====
 
==== Adding External Alerts ====
  
In order to create an external alert, you're required to fill out the form shown on the picture below. The first field is intended to select the agent's modules. Only the ones which aren't contained in the policies are mentioned here. The second field is intended to select the appropriate alert template.
+
In order to create an external alert, fill out this form. The first field is intended to select the agent's modules. Only those not contained in the policy. The second field is intended to select the appropriate alert template. This feature is available both in the Metaconsole and the nodes.  
  
 +
<br>
 
<center>
 
<center>
[[image:External-alert-filled.png|800px]]
+
[[image:AlertasMeta1.JPG|800px]]
 
</center>
 
</center>
 +
<br>
  
 
==== Modifying External Alerts ====
 
==== Modifying External Alerts ====
  
Considering how easy it is to create new external alerts along with their few variables, the possibility of modifying external alerts doesn't exist. In order to modify an external alert, it's recommended to just delete it and to create a new one.
+
Considering how easy it is to create new external alerts and their few variables, the possibility of modifying external alerts does not exist. In order to modify an external alert, delete it and create a new one.
  
 
==== Deleting External Alerts ====
 
==== Deleting External Alerts ====
  
In order to delete an external alert from the policy and remove it from the agents that have it installed, please click on the x-shaped button on the right of the module's name.  
+
In order to delete an external alert from the policy and remove it from the agents that have it installed, click on the trash button on the right of the external alert.  
  
 
<center>
 
<center>
Line 570: Line 602:
 
</center>
 
</center>
  
The deletion system is the same as the one of the regular alerts. The deletion isn't going to come into effect until the policy is applied. The 'Delete' button is going to be replaced by an 'Undo' button in order to undo an e.g. accidental deletion.
+
The deletion system is the same as the one of the regular alerts. The deletion does not take effect until the policy is applied. Until that very moment, the policy will still appear but crossed out and the "Delete" button will be replaced by an "Undo" button to undo the action.
 +
 
 +
=== Agent plugins ===
 +
 
 +
The process to add policy plugins is the same as that of the agent. Check the section ''[[Pandora:Documentation_en:Operations#Plugins_in_software_agents|Plugins in software agents]]''.
  
=== Agent Plug Ins ===
 
  
Since Pandora FMS 5.0 it's possible propagate the agent's plug ins easily by the plug ins editor within the policies.
+
{{Warning|In order for the agent plugin to be applied by a policy, the plugin must exist in the path specified by the agent.}}
  
It's possible to add agent plug ins to be created in each local agent within a policy in the moment of applying it.
+
For more information about the development of these plugins go to ''[[Pandora:Documentation_es:Anexo_Agent_Plugins|Agent plugin development]]''.
  
 +
 +
<br>
 
<center>
 
<center>
[[image:Policy_plugins_editor.png|800px]]
+
[[image:pt54.png|750px]]
 
</center>
 
</center>
 +
<br>
  
=== Types of Modules ===  
+
=== Policy module states ===  
  
If a policy is applied, it's possible to review the different modules within the agent's view. If you click on 'Manage Agents' and 'Modules' menu, there are three different types of modules:
+
When a module is created based on a policy is applied, it is referenced through the policy icon. These policy modules may have several states:
 +
 
 +
* Linked
 +
* Unlinked
 +
* Adopted
 +
* Linked adopted
  
 
<center>
 
<center>
Line 590: Line 633:
 
</center>
 
</center>
  
==== Adopted Modules ====
 
  
These modules were created in the policy with the same name of an already existing module within the agent. When applying the policy, Pandora FMS is going to use the existing module's data instead of creating a new one.
+
==== Linked Modules ====
 +
 
 +
These modules are created in the policy and once the policy is applied, they are also created within the agent. These are the average modules created within policies.
  
 +
<br>
 
<center>
 
<center>
[[image:Modules1.jpg]]
+
[[image:pt58.png|800px]]
 
</center>
 
</center>
 +
<br>
  
If you delete a policy, the adopted modules aren't going to be deleted from the agents. They're only going to be defined as 'non-adopted' modules. The data column for these modules is going to look like the one shown on the picture below.
+
You may link and unlink modules from the module setup page by clicking on this button.
  
 +
<br>
 
<center>
 
<center>
[[image:Modules1_1.jpg]]
+
[[image:pt56.png|800px]]
 
</center>
 
</center>
 +
<br>
  
==== Linked Modules ====
+
==== Unlinked Modules ====
  
These modules are created in the policy. If you're applying the policy, they're also being created within the agent. These are the average modules created in the policies.
+
Unlinked modules are modules that belong to a policy but which are not affected by policy changes. They can be useful because the enable establishing ''individual exceptions'' to modules that belong to a certain policy. That way you may "customize" a specific agent module within a policy without taking it out from said policy.
  
 
<center>
 
<center>
[[image:Modules2.jpg]]
+
[[image:Modules5.jpg]]
 
</center>
 
</center>
  
You're able to link and unlink modules by clicking on 'Manage Agents' and 'Modules'. Please select the appropriate module and click the button on the picture below in order to unlink the module ...
+
{{Warning|Policy changes are only applied if the module is linked again.}}
 +
 
 +
==== Adopted Modules ====
  
<center>
+
These modules were created within the policy with the same name of an already existing module within the agent. When applying the policy, Pandora FMS uses the existing module's data instead of creating a new module and it will keep on being managed from the agent.
[[image:Modules3.jpg]]
 
</center>
 
  
... and this button to link it.
+
{{Warning|A este tipo de módulos no les afectan los cambios que se realicen en las políticas}}
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:Modules4.jpg]]
+
[[image:pt60.png|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
 +
 +
{{Warning|If you delete a policy, adopted modules are not deleted from the agents, they use the local definition again.}}
  
If you delete a policy, the linked and unlinked modules are deleted from the agents.
 
  
==== Unlinked Modules ====
+
====Linked adopted modules====
  
If a module is unlinked, the future changes conducted in the policy aren't going to be applied onto them. The unlinked modules are useful, because they allow to define 'individual exceptions' to modules which belong to a certain policy. You're able to 'customize' an agent in a policy without removing it from the policy and only for a specific module in this way.
+
An adopted module can be linked to use the definition set in the policy instead of the local one. That way, when managing the module from the policy, when there is some change the module changes too.
  
 +
<br>
 +
<br>
 
<center>
 
<center>
[[image:Modules5.jpg]]
+
[[image:pt61.png|800px]]
 
</center>
 
</center>
 +
<br>
 +
<br>
  
The changes in the policies are only going to be applied if the module is linked again.
+
{{Warning|When a policy is deleted, linked adopted modules go back to using the local definition.}}
 +
 
 +
{{Warning|When an agent is deleted from a policy, linked modules are deleted and just the linked and linked adopted modules are kept (with their local definition prior to the policy.)}}
  
 
=== File Collections ===
 
=== File Collections ===
  
A file collection is not just an option to policies - it's usually utilized in them. A file collection is a group of files (e.g. scripts or executables) which are automatically copied to a specific directory of the agent (under Windows or UNIX). The file collections allow to be propagated along with the policies in order to be used by a group of agents, using a 'package' of scripts and modules which use them.
+
They are normally used to mass deploy scripts or plugins, which will be later on executed by the very policy agents.
  
First we learn how to use the file collections in the agent's view, how to conduct it manually, agent by agent, without using collections, and how to do the same thing by using policies.
+
The first point to discuss is how to use file collections in the agent's view, how to use manual mode, agent by agent, without using collections, and how to do the same thing by using policies.
  
Our first task is to arrange a compilation of files. In order to do this, please go to the agent's administrator. Subsequently, we're going to see a 'sub option' called 'Collections'. Please click on it in order to create a new collection as we can see on the picture below.
+
The first task is to arrange a life compilation. In order to do it, go to the agent's administrator. There you will see a "sub-option" called "Collections". Click on it so that you may create a new collection as seen on the picture below.
  
 
<center>
 
<center>
Line 648: Line 707:
 
</center>
 
</center>
  
Once you've created the file collection, please feel free to upload any appropriate file to it. These files can be binaries, scripts or data files. All files are moved to the same base directory. It's '''extremely''' important that each file collection has its own base directory. In the console, file collections are stored under a directory called '/pandora_console/attachment/collection', bearing a name like 'fc_XXX', where 'XXX' is the collection's numerical ID. The file collections are also able to contain subdirectories. The file collections are transferred as ZIP files to the agent.  
+
Once you have created the file collection, upload any appropriate file. These files can be binaries, scripts or data files. All files are moved to the same base directory. It is '''extremely''' important that each file collection has its own base directory. In the console, file collections are stored under a directory called '''/pandora_console/attachment/collection''', bearing a name like '''fc_XXX''', where "XXX" is the collection's numerical ID. File collections may also contain subdirectories. File collections are transferred as ZIP files to the agent through Tentacle.  
  
File collections are only supported if you use the Tentacle transference mode.
+
File collections are only supported by the Tentacle transference mode.
  
On the second picture below, you can see how the example collection we've created (fc_1383033439) has received two files:
+
On the picture below, you may see how the created example collection (fc_1383033439) has two files downloaded:
  
 
<center>
 
<center>
Line 658: Line 717:
 
</center>
 
</center>
  
If we go back to the mail collection screen, we can see both collections as a triangular icon, which indicates a problem. This happens because the collections aren't synchronized. It's recommended to synchronize them by clicking on the triangular icon shown below.
+
If we go back to the main collection screen, you can see both collections as a triangular icon, which indicates that there is a problem. This happens because collections are not synchronized. It is recommended to synchronize them by clicking on that same triangular icon.
  
 
<center>
 
<center>
Line 664: Line 723:
 
</center>
 
</center>
  
When a file collection is synchronized, a green arrow-shaped icon is displayed as shown on the picture below.
+
When a file collection is synchronized, a green arrow-shaped icon is displayed as shown on the screenshot below.
  
 
<center>
 
<center>
Line 670: Line 729:
 
</center>
 
</center>
  
Once we've synchronized the collection, it's going to be applied onto the agent - this time without using any policies. Please go to the agent's administrator mode and look for the collection's tabulator (it's a disk-shaped icon). The available collections are going to be displayed there in order to pick one of them and apply it to the agent, as you can see in the windows utilities example on the picture below.
+
Once the collection is synchronized, it will be applied onto the agent - this time without using any policies. Go to the agent administrator mode and look for the collection's tabulator (it is a disk-shaped icon). The available collections are displayed there in order to pick one of them and apply it to the agent, as you can see in the windows utilities example on the picture below.
  
 
<center>
 
<center>
Line 676: Line 735:
 
</center>
 
</center>
  
Now it has been applied. Next time the agent contacts the server, we're going to receive the file and a little modification in the '.conf' file, which is going to look like this:
+
Now it has been applied. Next time the agent contacts the server, you will obtain the file and a little modification in the '.conf' file, which will look like this:
  
 
  file_collection fc_1383033439
 
  file_collection fc_1383033439
Line 684: Line 743:
 
</center>
 
</center>
  
==== File Collections and Policies ====
+
==== File collections and policies ====
  
This works in a similar way as the single agent collections. Instead of applying a collection on a specific agent it's applied to one policy, as we can see below.
+
This works in a similar way as the single agent collections. Instead of applying a collection on a specific agent, it is applied to a policy, as seen here.
  
 
<center>
 
<center>
Line 692: Line 751:
 
</center>
 
</center>
  
It's very easy to use a module which works with a file included in the collection: Only refer to the directory which contains the collection by using its fixed ID. This is an example which uses a plug-in module:
+
It is very easy to use a module which works with a file included in the collection: only refer to the directory that contains the collection by using its fixed ID. This is an example that employs a plug-in module:
  
 
<center>
 
<center>
Line 699: Line 758:
  
  
==== Centralized management of collections ====
+
==== Collection centralized management ====
  
  
From Pandora FMS OUM729 onwards, you can centralize the management of collections from the Meta Console.
+
From Pandora FMS OUM729 onwards, you can centralize the collection management from the Metaconsole.
  
For more information, please visit this [[Pandora:Metaconsole:Documentation_en:Synchronization_and_propagation#Colecciones|link]].
+
For more information, click [[Pandora:Metaconsole:Documentation_en:Synchronization_and_propagation#Colecciones|here]].
  
==== Location of File Collections within Agents ====
+
==== Agent file collections location ====
  
Each file collection has a 'short name'. In this example, it's called 'fc_1383033439', which means the utilities, scripts or executables contained in the collection are located in '%Archivos de programa%\pandora_agent\collections\fc_1383033439'. It's important to keep in mind that the collection is sent in a compressed format to the agent, so this file collection should contain the unzip tool to be able to unpack the file. Since the agent's version 3.2, this utility is installed under '%Archivos de programa%\pandora_agent\utils'.
+
Each file collection has a "short name". In this example, it is called "fc_1383033439", which means the features, scripts or executables contained in the collection are located at "%Archivos de programa%\pandora_agent\collections\fc_1383033439". It is important to keep in mind that the collection is sent in a compressed format to the agent, so this file collection should contain the unzip tool to be able to unzip the file. Since the agent version 3.2, this feature is installed under "%Archivos de programa%\pandora_agent\utils".
  
This information is important in order to use modules which work by using these files and to be able to specify the complete 'real' path.
+
This information is important in order to use modules that work by using these files and to be able to specify the complete "real" path.
  
  
 
This is another example:
 
This is another example:
  
If the collection's short name is 'fc_18', the location will be '%ProgramFiles%\pandora_agent\collections\fc_18' in case the English language is used on this particular computer.
+
If the collection's short name is "fc_18", the location will be "%ProgramFiles%\pandora_agent\collections\fc_18" in case the English language is used on this particular computer.
  
Each file collection is stored in a different location in order to avoid the file collections to overwrite each other or to create conflicts among them.
+
Each file collection is stored in a different location in order to prevent file collections from overwriting each other or having conflicts among them.
  
Any locally modified file (on the same system on which the agent is executed) will be overwritten by the agent in the moment it establishes contact to the server. This is done in order to avoid local modifications and to ensure the collections are identical in all the systems in which they've been shown on. This mechanism utilizes the same method the remote configurations management does. It's based on MD5 hashes.
+
Collection control system is based on md5 hashes, similarly to agent configuration file management. When creating the collection in Pandora FMS console, a md5 hash is created that is later sent to the agent. This md5 will only be updated when changes in the collection next to the Pandora FMS console are made and not in the agent. Therefore, local collection changes will stay within the console while the collection is not modified in the console. If you make some change in the collection next to the console the md5 will be recalculated and if it does not match that of the agents, the last collection configuration will be applied, overwriting what was written before and deleting possible loca modifications on the collections.
  
This is an example of one plug in which uses the 'df_percent.vbs' file, contained in one collection called 'fc_1383033439' for a windows-based agent:
+
This is an example of a plugin used by the "df_percent.vbs" file, contained in a collection called "fc_1383033439" for a windows-based agent:
  
 
  module_plugin cscript //B "%ProgramFiles%\pandora_agent\collections\fc_1383033439\df_percent.vbs"
 
  module_plugin cscript //B "%ProgramFiles%\pandora_agent\collections\fc_1383033439\df_percent.vbs"
Line 727: Line 786:
 
[[Pandora:Documentation_en|Go back to Pandora FMS Documentation Index]]
 
[[Pandora:Documentation_en|Go back to Pandora FMS Documentation Index]]
 
[[Category:Pandora FMS]]
 
[[Category:Pandora FMS]]
 +
 +
==Policy search==
 +
 +
It is possible to perform policy searches from the Pandora FMS search header both in the Metaconsole and the node.
 +
 +
In the section of policy result, there is a table with the following fields:
 +
 +
* Name.
 +
* Description.
 +
* Group.
 +
* Status.
 +
 +
<center>
 +
[[file:newsearch2.JPG]]
 +
</center>
 +
 +
There are 2 types of results in the Metaconsole:
 +
 +
* Centralized search: The policies shown are those from the Metaconsole itself. In the table, there is the Server field that is filled out with the symbol "-" to indicate that the data are obtained from the Metaconsole itself.
 +
 +
<center>
 +
[[file:newsearch3.JPG]]
 +
</center>
 +
 +
<center>
 +
[[file:newsearch4.JPG]]
 +
</center>
 +
 +
* Non-centralized search: The policies shown are obtained directly from each node. In the table, there is the Server field that is filled out with the name of each node.
 +
 +
<center>
 +
[[file:newsearch5.JPG]]
 +
</center>
 +
 +
<center>
 +
[[file:newsearch6.JPG]]
 +
</center>
  
 
==Policy management from the Metaconsole==
 
==Policy management from the Metaconsole==
Line 738: Line 834:
 
===Configuration. Centralized management mode===
 
===Configuration. Centralized management mode===
  
TheMetaconsole has a centralized management mode. This means that, as far as policies are concerned, management is done from the meta console and not from the node. In the Metaconsole, the selection of this mode is made from the general configuration.
+
The Metaconsole has a centralized management mode. This means that, as far as policies are concerned, management is done from the Metaconsole and not from the node. In the Metaconsole, the selection of this mode is made from the general configuration.
  
 
<center>
 
<center>
Line 748: Line 844:
 
</center>
 
</center>
  
For the configured nodes to know that the mode is centralized, just go to the license screen and synchronize. In this way, all policy management pages will be informative only, that is, available in read-only mode. The new nodes that are added will be automatically configured in this mode.
+
For the configured nodes to know that the mode is centralized, just go to the license screen and synchronize. That way, all policy management pages will be informative only, that is, available in read-only mode. The new nodes that are added will be automatically configured in this mode.
  
 
Finding out if a node is in centralized mode or not. If so, a warning message will appear in the policy view.
 
Finding out if a node is in centralized mode or not. If so, a warning message will appear in the policy view.
Line 758: Line 854:
 
===Policy queue in Metaconsole===
 
===Policy queue in Metaconsole===
  
The policy queue in the Metaconsole is different from that of the nodes. While in the latter, you can see the status of the implementation of the incomplete policies and a history of those already completed, in the Metaconsole this second part has been deleted. Only those that have not been applied or are in progress are shown indicating the node to which they belong.
+
The policy queue in the Metaconsole is different from that of the nodes. While in the latter, you can see the status of the implementation of the incomplete policies and a history of those already completed, in the Metaconsole this second part has been deleted. Only those that have not been applied or are in progress are shown indicating the node they belong to.
  
However, if you want to consult the history, it is available at the node. In fact, it is the only thing that can be managed from the node since all other pages are in read-only mode.
+
However, if you want to check the history, it is available at the node. In fact, it is the only thing that can be managed from the node since all other pages are in read-only mode.
  
===Data Integrity===
+
===Data integrity===
  
The data that the nodes and the Metaconsole of each policy have to be the same. Modules, alerts, inventory module, collections... have to be consistent. Therefore, when applying a policy from the Metaconsole, all this data is copied to the involved nodes.
+
Node and Metaconsole data of each policy must match. Modules, alerts, inventory module, collections... have to be consistent. Therefore, when applying a policy from the Metaconsole, all this data is copied to the involved nodes.
  
It is very diverse and very sensitive information. There may be an error when copying the data. In this case, the console will display an error and the node will be rolled up with the previous data. In clean installations there is not going to be any problem, but it is recommended to delete the previous policy configurations made manually in the nodes, passing them to the metaconsole to later synchronize them from there.
+
It is very diverse and very sensitive information. There may be an error when copying the data. In this case, the console will display an error and the node will be rolled back with the previous data. In clean installations there should be no problem, but it is recommended to delete the previous policy configurations made manually in the nodes, transferring them to the metaconsole to later synchronize them from there.

Latest revision as of 14:15, 21 November 2019

Go back to Pandora FMS documentation index

Template wip.png

We are working on the translation of the Pandora FMS documentation. Sorry for any inconvenience.

 


1 Policies

1.1 Introduction

The policy system is conceived to make large monitoring environment management easier. It allows to propagate modules, alerts, external alerts, plugins, remote inventories and collections to the agents in a centralized and homogeneous way, by modifying its configuration files through the remote edition feature called Agent Configuration.

Policy available operations are the following:

  • Create/delete/duplicate a policy
  • Add/delete one or several existing policy agents
  • Create/edit/delete a module
  • Create/edit/delete an alert
  • Create/edit/delete an external alert
  • Create/delete an already existing collection
  • Create/delete an already existing inventory module
  • Link the policy to one or several adopted modules
  • Apply policy changes

For policy changes to become effective, apply the policy to the corresponding section (queue).

Policy management can be performed by clicking on Configuration > Manage Policies on the left side of the Pandora FMS web console as shown below.


Pt11.png


1.2 Adding a Policy

Click on Configuration > Manage Policies and all available policies will be shown.


Pt12.png


To create a new policy, click on 'Create' to create a new policy. Then the policy creation form will be displayed, where you must enter the name, the group it belongs to, and an optional description.


Pt13.png


1.3 Deleting a Policy

If you intend to delete any policy, make sure it does not have any agents associated.

If a policy contains agents, the delete button is disabled and a button to delete all its agents is shown. This button will add the delete process to the queue. Once it has been processed, the policy delete button will be enabled again.

Borrar agentes.jpg

1.4 Duplicating a Policy

There is also a button to duplicate a policy.



Pt15.png



The created policy copy will appear as "not applied", regardless of the original policy's state.

1.5 Configuring a Policy

In order to configure the policy, use the policy name under Configuration > Manage Policies. Once inside, access the different setup sections through the upper right menu. You may also edit elements directly by clicking on the direct accesses provided when hovering the mouse over the policy you intend to configure.

Windows5.jpg

Policy configuration contains the following tabs in addition to the setup:

  • Agents
  • Modules
  • Inventory modules
  • Alerts
  • External alerts
  • Collections
  • Linking
  • Queue
  • Agent plugins
  • Agent wizards

The different executable actions are not applied until the policy is applied. For instance, if you add an agent to the policy, you may create several modules and alerts, but they do not go into effect until the policy is applied.

Likewise, if you have a policy applied and you modify or delete elements, the changes do not take effect until it is applied again.

All changes are displayed within the Queue window, where changes may be applied.


1.5.1 Policy queue management



Policy queue2.png



The policy operations queue contains a summary of the elements changed since their last application:

This list contains the elements yet to be updated and the ones yet to be deleted:

  • Pending to be updated
    • Agents
    • Groups
    • Adopted modules pending to be linked
    • Adopted modules pending to be unlinked
  • Pending to be deleted
    • Agents
    • Groups
    • Modules
    • Inventory modules
    • Alerts
    • External alerts
    • Plugins

This summary shows whether the policy should be applied or not. Sometimes, a button will be shown to apply them next to the icon of agents pending to be applied.

If the pending changes only affect the database, e.g. changes in alerts, this button will apply the changes just at that level, so the application will be faster.

Queue onlydb.png

However, if the configuration that affects configuration files has been changed, e.g. if collections or local modules have been modified, the application is complete.

Queue onlydbconf.png

Under summary, there is a button called 'Apply All' at the right side, to apply everything regardless of the pending modifications.

Queue applyall.png

When selecting "apply", the policy agents are added to the application queue. The Pandora FMS Server will be in charge of applying the pending policies to the queue. You may see in the same screen the application's progress, and when it is finished, it will appear as complete in the queue together with the time passed since it finished.

Queue progress.png

1.5.2 Agents and Groups

This window was designed to add or to delete both agents and groups from the policy. Use the selector located at the top to select agents and groups.


1.5.2.1 Agents



Policy agentstop2.png



At the top there are filtering options to select the desired agents in bulk using Control or Shift keys.



Policy agents filter.png



At the bottom, there is a list with all agents associated to the policy and even those that are yet to be deleted from the policy.




Policy agents agent.png



The list of agents has the possibility to filter by group, substring or state. List of items displayed:

  • Agent Name
  • Remote Configuration
  • Policy agent status
  • Number of unlinked modules in the agent
  • Button to add the agent to the policy
  • Icon group in order to find out whether that agent was applied by a policy group
  • Timestamp of the last time that the policy was applied
  • Delete/Undo buttom

When an agent is deleted, its name will appear crossed out and the delete button will be replaced by a button to undo the deletion and link the agent to the policy again.



Pt21.png



Of course, adding or deleting policy agents will take effect when the policy is applied on the Queue page.

1.5.2.2 Groups



Policy groupsfull.png



At the top there is the group recursion option. If it is checked, all child groups will be also added to the policy. The desired groups can be selected through the Control or Shift keys.



Policy groups filter.png



At the bottom, there is a list containing all the groups linked to the policy, including those yet to be deleted.



Policy groups bottom.png




The group list shows the following information:

  • Group Name
  • Policy group status
  • Button to add that group to the queue in order to be applied
  • Number of agents belonging to that group that have that policy applied, over the total number of group agents
  • Timestamp of the last time that the policy was applied
  • Delete/Undo button.

When a group is deleted, its name will appear crossed out and the delete button will be replaced by a button to undo the deletion and link the group to the policy again. The agents belonging to that group will also appear crossed out.



Pt25.png



Of course, adding of deleting policy groups will not take affect until this one is applied.

1.5.3 Modules

The modules menu allows to configure the modules to be added to the policy.

Windows6.jpg

In order to add modules, choose the type of module in the drop-down menu. Select one of the available ones,(data server, network, plugin, WMI, Web) and click on the "Create" button. It is the same procedure as creating a module within an agent.



Pt27.png



1.5.3.1 Creating a Data Server module

Data Server modules are modules added to software agents. In order to work with these modules, the agents must have remote configuration enabled.

Select the option "Create a new data server module" and click on the "Create" button in order to create a new data server module.

Windows8.jpg

Later, configure all module fields. The field called "Data Configuration" is the one that allows to enter the module's code which is applied to the agents subscribed to this policy. This change will be displayed in this particular agent's "pandora_agent.conf" file.

Windows9.jpg

Go to advanced options by clicking on the "Advanced Options" button.

Windows10.jpg

Check the description of these particular features in the Templates and Components section. There are two options: filling out the fields or having previously defined a local. See Local components

1.5.3.2 Creating a Network Server Module

To create a Network Server module, choose the option 'Create a new Network Server Module' and click on "Create".

Grafic1.jpg

Then configure all module fields.

Grafic2.jpg

Click on "Advanced Options" to access advanced options.

Grafic3.jpg

Check the description of these fields and screens in the Templates and Components section.

Click on 'Create' once all fields have been filled out.

Keeping in mind that modules are repeated most of the time. Instead of filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such.

To use a component, fill out the combo located under "Using module component" where it is possible to choose between the different component groups.

Grafic4.jpg

Once the group has been selected, another combo pops up where to choose the desired component.

Grafic5.jpg

In this example, the component called "Catalyst CPU Usage" from the Cisco MIBs Group has been chosen.

Grafic6.jpg

Once the component is selected, any of its fields may be modified. Click on "Create" once all fields have been filled out appropriately.

1.5.3.3 Creating a Plug-in Server module

Plug-in server modules are created by choosing the option "Create a new Plug-In Server Module" and clicking on "Create".



Pt32.png



Then configure all module fields.



Pt41.png



You may access advanced options by clicking on "Advanced Options".



Pt42.png



Check the description of the above mentioned features and options within the Templates and Components section.

Once you have filled out all the fields appropriately, click on "Create".

Keep in mind that the modules are repeated most of the time. Instead of always filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such. The use of components is thoroughly explained in the section called templates and components.

Template warning.png

Use macros to configure dynamic parameters, like the IP address of an agent. To see the list of available macros, click on the help(?) button on Plugin(?)

 




Pt1.png



1.5.3.4 Creating a WMI Server module

To create a WMI Server module, click on "Create a new WMI Server Module" and click on "Create".



Pt34.png



Then define all module fields.



Pt43.png



By clicking on "Advanced Options", access advanced options.



Pt44.png



Check the description of the fields of these screens in the Templates and Components section.

Once all the fields have been filled out appropriately, click on "Create".

Keeping in mind that the modules are repeated most of the time. Instead of always filling out the fields any time a module is added, the best option is to preliminarily define it as a component and to use it as such. Component use is further explained in the section named "create a network module". For more information, check Windows remote monitoring through WMI.


1.5.3.5 Creating a Web Server module

To create a Web Server module, select the option called "Create a new Web Server module" and click on the "Create" button.



Pt35.png



Then configure all the module's fields.



Pt45.png



Access advanced options by clicking on "Advanced Options".



Pt46.png



Check the description of the fields in the Templates and Components section.

Once all the fields have been filled out appropriately, click on "Create".

In the particular case of Web modules, there are no components.

For more information about Web module creation check Web monitoring.

1.5.3.6 Modifying a previously created module

It is possible to modify all modules assigned to a policy.

Rama1.jpg

In order to do so, click on the module's name so the module configuration options are shown.

Once they have been modified appropriately, click on "Update".



Pt47.png



Info.png

If the policy module is renamed, the name will be updated like any other field when the policy is applied.

 



Template warning.png

If a policy module is renamed but a module with the new name already exists in one of the agents, this module will be adopted while the module with the old name is deleted.

 


1.5.3.7 Deleting an already created Module

In order to delete the module from the policy and remove it from agent configuration, click on the trash button to the right of the module's name. Once done, the module will still appear but crossed out. The "Delete" button will have been replaced by the "Undo" button.

If you wish to delete several modules, select the check box to the right of the trash icon and click "Delete".



Pt48.png



1.5.4 Inventory modules

It is also possible to create inventory modules within a policy by picking one from the list of the available ones in the system, thereby picking an interval and the credentials.



Pt49.png



Like the rest of the policy elements, if you remove an inventory module, it will appear crossed out. The "Undo" button will replace the delete one to undo the action.



Policy inventory modules undo.png



For more information about adding remote inventory modules check Inventory modules.

1.5.5 Alerts

The Alert menu allows to configure the alerts of the modules that belong to the policy.

Salva1.jpg

1.5.5.1 Adding Alerts

In order to add an alert, link it to one of the predefined templates or to a module that belongs to the policy and click on "Add".



AlertasNodo2.JPG



1.5.5.2 Modifying Alerts

It is possible to add actions to alerts, set them on stand-by mode or disable them.

If you intend to change any module or template, delete it and create a new one.

1.5.5.3 Deleting Alerts

In order to delete an alert from the policy and remove it from the agents that have it installed, click on the trash button at the right of the module's name. Once done, the alert will still be visible but crossed out. Then, the "Delete" button will be replaced by an "Undo" button.

Brocha2.png

1.5.6 External Alerts

External alerts allow to link alerts to agent modules not included in the policy module's main list. It is sometimes very useful to assign alerts to some agent modules but not to all of them.

1.5.6.1 Adding External Alerts

In order to create an external alert, fill out this form. The first field is intended to select the agent's modules. Only those not contained in the policy. The second field is intended to select the appropriate alert template. This feature is available both in the Metaconsole and the nodes.


AlertasMeta1.JPG


1.5.6.2 Modifying External Alerts

Considering how easy it is to create new external alerts and their few variables, the possibility of modifying external alerts does not exist. In order to modify an external alert, delete it and create a new one.

1.5.6.3 Deleting External Alerts

In order to delete an external alert from the policy and remove it from the agents that have it installed, click on the trash button on the right of the external alert.

External-alert-action-added.png

The deletion system is the same as the one of the regular alerts. The deletion does not take effect until the policy is applied. Until that very moment, the policy will still appear but crossed out and the "Delete" button will be replaced by an "Undo" button to undo the action.

1.5.7 Agent plugins

The process to add policy plugins is the same as that of the agent. Check the section Plugins in software agents.


Template warning.png

In order for the agent plugin to be applied by a policy, the plugin must exist in the path specified by the agent.

 


For more information about the development of these plugins go to Agent plugin development.



Pt54.png


1.5.8 Policy module states

When a module is created based on a policy is applied, it is referenced through the policy icon. These policy modules may have several states:

  • Linked
  • Unlinked
  • Adopted
  • Linked adopted

Modules0.jpg


1.5.8.1 Linked Modules

These modules are created in the policy and once the policy is applied, they are also created within the agent. These are the average modules created within policies.


Pt58.png


You may link and unlink modules from the module setup page by clicking on this button.


Pt56.png


1.5.8.2 Unlinked Modules

Unlinked modules are modules that belong to a policy but which are not affected by policy changes. They can be useful because the enable establishing individual exceptions to modules that belong to a certain policy. That way you may "customize" a specific agent module within a policy without taking it out from said policy.

Modules5.jpg

Template warning.png

Policy changes are only applied if the module is linked again.

 


1.5.8.3 Adopted Modules

These modules were created within the policy with the same name of an already existing module within the agent. When applying the policy, Pandora FMS uses the existing module's data instead of creating a new module and it will keep on being managed from the agent.

Template warning.png

A este tipo de módulos no les afectan los cambios que se realicen en las políticas

 




Pt60.png



Template warning.png

If you delete a policy, adopted modules are not deleted from the agents, they use the local definition again.

 



1.5.8.4 Linked adopted modules

An adopted module can be linked to use the definition set in the policy instead of the local one. That way, when managing the module from the policy, when there is some change the module changes too.



Pt61.png



Template warning.png

When a policy is deleted, linked adopted modules go back to using the local definition.

 


Template warning.png

When an agent is deleted from a policy, linked modules are deleted and just the linked and linked adopted modules are kept (with their local definition prior to the policy.)

 


1.5.9 File Collections

They are normally used to mass deploy scripts or plugins, which will be later on executed by the very policy agents.

The first point to discuss is how to use file collections in the agent's view, how to use manual mode, agent by agent, without using collections, and how to do the same thing by using policies.

The first task is to arrange a life compilation. In order to do it, go to the agent's administrator. There you will see a "sub-option" called "Collections". Click on it so that you may create a new collection as seen on the picture below.

File collection create.png

Once you have created the file collection, upload any appropriate file. These files can be binaries, scripts or data files. All files are moved to the same base directory. It is extremely important that each file collection has its own base directory. In the console, file collections are stored under a directory called /pandora_console/attachment/collection, bearing a name like fc_XXX, where "XXX" is the collection's numerical ID. File collections may also contain subdirectories. File collections are transferred as ZIP files to the agent through Tentacle.

File collections are only supported by the Tentacle transference mode.

On the picture below, you may see how the created example collection (fc_1383033439) has two files downloaded:

File collection addfile.png

If we go back to the main collection screen, you can see both collections as a triangular icon, which indicates that there is a problem. This happens because collections are not synchronized. It is recommended to synchronize them by clicking on that same triangular icon.

File collection sync.png

When a file collection is synchronized, a green arrow-shaped icon is displayed as shown on the screenshot below.

File collection sync1.png

Once the collection is synchronized, it will be applied onto the agent - this time without using any policies. Go to the agent administrator mode and look for the collection's tabulator (it is a disk-shaped icon). The available collections are displayed there in order to pick one of them and apply it to the agent, as you can see in the windows utilities example on the picture below.

Agent collection apply1.png

Now it has been applied. Next time the agent contacts the server, you will obtain the file and a little modification in the '.conf' file, which will look like this:

file_collection fc_1383033439

Agent collection apply2.png

1.5.9.1 File collections and policies

This works in a similar way as the single agent collections. Instead of applying a collection on a specific agent, it is applied to a policy, as seen here.

File collection policyadd.png

It is very easy to use a module which works with a file included in the collection: only refer to the directory that contains the collection by using its fixed ID. This is an example that employs a plug-in module:

Collection module usage plugin.png


1.5.9.2 Collection centralized management

From Pandora FMS OUM729 onwards, you can centralize the collection management from the Metaconsole.

For more information, click here.

1.5.9.3 Agent file collections location

Each file collection has a "short name". In this example, it is called "fc_1383033439", which means the features, scripts or executables contained in the collection are located at "%Archivos de programa%\pandora_agent\collections\fc_1383033439". It is important to keep in mind that the collection is sent in a compressed format to the agent, so this file collection should contain the unzip tool to be able to unzip the file. Since the agent version 3.2, this feature is installed under "%Archivos de programa%\pandora_agent\utils".

This information is important in order to use modules that work by using these files and to be able to specify the complete "real" path.


This is another example:

If the collection's short name is "fc_18", the location will be "%ProgramFiles%\pandora_agent\collections\fc_18" in case the English language is used on this particular computer.

Each file collection is stored in a different location in order to prevent file collections from overwriting each other or having conflicts among them.

Collection control system is based on md5 hashes, similarly to agent configuration file management. When creating the collection in Pandora FMS console, a md5 hash is created that is later sent to the agent. This md5 will only be updated when changes in the collection next to the Pandora FMS console are made and not in the agent. Therefore, local collection changes will stay within the console while the collection is not modified in the console. If you make some change in the collection next to the console the md5 will be recalculated and if it does not match that of the agents, the last collection configuration will be applied, overwriting what was written before and deleting possible loca modifications on the collections.

This is an example of a plugin used by the "df_percent.vbs" file, contained in a collection called "fc_1383033439" for a windows-based agent:

module_plugin cscript //B "%ProgramFiles%\pandora_agent\collections\fc_1383033439\df_percent.vbs"

Go back to Pandora FMS Documentation Index

1.6 Policy search

It is possible to perform policy searches from the Pandora FMS search header both in the Metaconsole and the node.

In the section of policy result, there is a table with the following fields:

  • Name.
  • Description.
  • Group.
  • Status.

Newsearch2.JPG

There are 2 types of results in the Metaconsole:

  • Centralized search: The policies shown are those from the Metaconsole itself. In the table, there is the Server field that is filled out with the symbol "-" to indicate that the data are obtained from the Metaconsole itself.

Newsearch3.JPG

Newsearch4.JPG

  • Non-centralized search: The policies shown are obtained directly from each node. In the table, there is the Server field that is filled out with the name of each node.

Newsearch5.JPG

Newsearch6.JPG

1.7 Policy management from the Metaconsole

P meta summary.png

It is possible to manage policies from the Metaconsole. The process consists of distributing the information to all the nodes for each of the servers in charge of applying them. This distribution of information is complex because it is important that all nodes have the same data as the Metaconsole.

1.7.1 Configuration. Centralized management mode

The Metaconsole has a centralized management mode. This means that, as far as policies are concerned, management is done from the Metaconsole and not from the node. In the Metaconsole, the selection of this mode is made from the general configuration.

P meta central.png

P meta licence.png

For the configured nodes to know that the mode is centralized, just go to the license screen and synchronize. That way, all policy management pages will be informative only, that is, available in read-only mode. The new nodes that are added will be automatically configured in this mode.

Finding out if a node is in centralized mode or not. If so, a warning message will appear in the policy view.

P node warninig.png

1.7.2 Policy queue in Metaconsole

The policy queue in the Metaconsole is different from that of the nodes. While in the latter, you can see the status of the implementation of the incomplete policies and a history of those already completed, in the Metaconsole this second part has been deleted. Only those that have not been applied or are in progress are shown indicating the node they belong to.

However, if you want to check the history, it is available at the node. In fact, it is the only thing that can be managed from the node since all other pages are in read-only mode.

1.7.3 Data integrity

Node and Metaconsole data of each policy must match. Modules, alerts, inventory module, collections... have to be consistent. Therefore, when applying a policy from the Metaconsole, all this data is copied to the involved nodes.

It is very diverse and very sensitive information. There may be an error when copying the data. In this case, the console will display an error and the node will be rolled back with the previous data. In clean installations there should be no problem, but it is recommended to delete the previous policy configurations made manually in the nodes, transferring them to the metaconsole to later synchronize them from there.