Difference between revisions of "Pandora: Documentation en: Satellite"

From Pandora FMS Wiki
Jump to: navigation, search
(agents_blacklist_wmi (Version > 7.0OUM13))
(Agent creation through Recon Task)
 
(102 intermediate revisions by 8 users not shown)
Line 3: Line 3:
 
== Introduction ==
 
== Introduction ==
  
The Satellite Server is used for network and remote systems monitoring and discovery. It can discover network elements (routers, switches, etc) using SNMP or ICMP, or Windows (using WMI) or Linux (using SNMP) servers. This is no ordinary server, it can be considered to be a broker agent with extended functions. It is an exclusive component for the Enterprise version. It is especially useful to monitor inaccessible, by the Pandora Server, remote networks, where a software agent just isn't and option.  
+
The Satellite Server is used for network and remote system both monitoring and discovery. It can discover network elements (routers, switches, etc) using SNMP or ICMP, or Windows servers (using WMI) and Linux servers (using SNMP). This is no "ordinary" server, it can be considered to be agent in [https://pandorafms.com/docs/index.php?title=Pandora:Documentation_en:Operations broker mode] with extended features. It is an exclusive component for the Enterprise version. It is particularly useful to monitor inaccessible remote networks where a software agent is not even an option from Pandora FMS server.
 +
 
 +
{{Tip|The Satellite Server is an exclusive Enterprise component.}}
  
 
[[File:Esquema-satellite.png|700px|center]]
 
[[File:Esquema-satellite.png|700px|center]]
  
This server doesn't require a connection with the pandora database. It sends all information in XML format using the tentacle protocol like and agent.  
+
The Satellite server can be used in Windows and Linux (recommended) alike, and it has some features that make it more special, highly recommended in certain environments.
  
The satellite server can be used in Windows and Linux alike although the installation process in both cases is a little different.
+
* It can execute network tests (ICMP, Latency and SNMP v1 and v2) at an extremely high pace (500 checks per second).
  
This server has some characteristics witch make it unique and more than recommended on many occasions:
+
* It only sends information to the server every X seconds (300 seconds by default), but it can execute latency, ICMP and SNMP tests within a smaller interval (30 seconds for example). That way, it can warn Pandora FMS Server almost instantly when there is a status change. This status changes must have been previously defined if the module type is not a *_proc (network interfaces or general network connectivity for example).
  
* It can execute network tests (ICMP, Latency and SNMP v1 and v2) at an extremely high pace (500 checks per second).
+
* It does not require connection to the database, rather it is autonomous. It sends all files in XML format the same way as an independent server, similar to a broker agent or an export server.
  
* It only sends information to the server after some period of time (300 seconds by default), but it can execute the latency, ICMP and SNMP tests within a smaller interval (30 seconds for example). This way it can notify the Pandora Server almost instantly when a change in the status is detected. This status changes must be previosly defined if the module type isn't a generic_proc type (network interfaces or general network connectivity for example)
+
* It has an auto-discovery system for SNMP and WMI. It creates detected agents (by IP address), it detects dynamic elements (network interfaces, storage) and monitors them automatically.
  
* It doesn't require connection to the database. It sends all files in XML format the same way as an independent server, similar in many ways to a broker agent or an export server.
+
* In Windows systems, it can detect hard drives, CPUs, and memories.
  
* It has an autodiscovey mechanism for SNMP and WMI. Once an agent is detected (by IP address), it detects the dynamic elements (network interfaces, storage) and monitors them automatically.  
+
* In systems with SNMP, it can detect interface status, inbound and outbound traffic for each interface and the name of the system.
  
* In Windows systems it can detect the discdrive, CPU, and memory.
+
* Auto-genarated modules can be modified, like every other module, managing the agent from the console as if it was an ordinary agent (in ''Mass operations menu'' > ''Satellite'').
  
* In systems with SNMP it can detect the status of the interfaces, inbound and outbound traffic for each interface and the name of the system.
+
* Agents can be created manually by creating an agent configuration file in the Satellite server directory for agent configuration files (explained later on).
  
* The autogenarated modules can be modified, like every other module, administrating the agent from the console like any other agent in the massive operations menu and for these modules from the Satellite section.
+
=== Capacity ===
  
* Agents can be created directly by the creation o an agent configuration file in the satellite server directory for agent configuration files.
+
It is difficult to pinpoint the maximum capacity of the Satellite, as it depends entirely on the server running and the type of checks you want to perform. In the test environment, 500 checks ICMP/SNMP per second have been made, but that depends a lot on the response times of remote devices (it is not the same a device which answers in 0.5ms than one that takes 2 seconds to answer back). Under ideal conditions, an amount of 150,000 checks could be monitored with a single Satellite server. In real conditions, it has been tested in controlled environments (LAN) made of about 50,000 modules with a single Satellite server in a low-end computer hardware (Intel i5, 2GZ, 4GB RAM).
  
=== Capacity and performance of Satellite Server ===
+
{{Warning|IF THERE ARE MANY CRITICAL MODULES, THE PERFORMANCE WILL BE AFFECTED. Take into account the configured timeout, since there is only one check for each critical monitor for timeout. If there are 1000 critical modules and the timeout is configured to 4 seconds, it will take 4000 seconds to execute all the checks with only one thread.}}
  
It is difficult to pinpoint the maximum capacity of the satellite, as it depends entirely on the server running, and the type of checks you want to perform. In the best case, we have managed to make 500 checks ICMP/SNMP per second, but that depends a lot on the response times of the remote devices (is not the same a device which answers in 0.5ms than one that takes 2sec to respond). Under ideal conditions we can talk about monitor 150,000 checks with a single server. In real conditions, we tested in controlled environments (LAN) about 50,000 modules with a single satellite server in a low-end computer hardware (Intel i5, 2GZ, 4GB RAM).
+
{{Tip|}}
  
 
== Installation ==
 
== Installation ==
  
The Satellite Server is distributed in binary format this way no additional library is required. In both Windows and Linux versions the functionality of this server is the same. In Windows systems it is installed as a service and in Linux systems it is installed as a daemon. The configuration file and specifications in both cases are the same.
+
The Satellite Server is distributed as tarball (Linux) or .exe (Windows), so it is not necessary to install Perl or any additional library. It works the same in Windows or Linux versions. In Windows systems, it is installed as a service, and in Linux systems, it is installed as a daemon. The configuration file and specifications in both cases are the same.
 +
 
 +
Satellite server Linux version depends on external packages that are specified in the corresponding version of this documentation.
  
 
== Satellite Server Installation in Linux Systems ==
 
== Satellite Server Installation in Linux Systems ==
  
  
Once downloaded the binary witch contains the satellite server we must go to the download directory with root privileges and extract the files from the binary:
+
Once downloaded the binary witch contains the Satellite server, go to the download directory with root privileges and unzip the binary:
 +
 
 +
tar -xvzf pandorafms_satellite_server_X.XNG.XXX_x86_64.tar.gz
  
 
<center>
 
<center>
[[File:Desarchivar.png|700px]]
+
<br>
 +
[[File:Desarchivar_nuevo.png]]
 
</center>
 
</center>
  
The a satellite_server will be created. We must enter that folder typing:
+
Then, a folder called satellite_server will be created. Get in typing:
 +
 
 +
cd satellite_server/
 +
 
 +
Before proceeding with the installation, these are the main dependencies of the Satellite server: '''fping''', '''nmap''', '''wmic''' y '''braa'''.
  
'''cd satellite_server/'''
+
It is also necessary for server execution to have installed Perl in the device. It can be installed with the following command:
 +
yum install perl.}}
  
Before proceeding with installation it is necessary to clarify that fping, nmap, wmic and braa are absolutely necessary for the Satellite Server:
+
In the installer, Braa and Wmic dependencies are included. Fping and Nmap must be installed independently.
  
In the installer the Braa and Wmic packages are included. Fping and Nmap must be installed independently.
+
To install the Satellite Server we can just execute the installing command:
 +
  ./satellite_server_installer --install
  
To install the Satellite Server we can just follow the instructions in the following image:
 
  
 
<center>
 
<center>
[[File:Instalacion linux.png|700px]]
+
<br>
 +
[[File:Instalacion linux_nuevo.png]]
 
</center>
 
</center>
  
Once finished we need to edit the satellite_server.conf file, located in /etc/pandora/
+
Once finished, edit the satellite_server.conf file (located in ''/etc/pandora/satellite_server.conf''), look for the token ''pandora_license'', uncomment it and '''enter the Pandora FMS server license'''. Afterwards, save the file and activate the service executing this:
To start the Satellite Server we need to type the following:
+
sudo /etc/init.d/satellite_serverd start
 
 
'''sudo /etc/init.d/satellite_serverd start'''
 
  
In case of an error take a look at the satellite_server.log file, located in /var/log/
+
In case of failure, take a look at the satellite_server.log file, located in ''/var/log/satellite_server.log''.
  
 
== Windows Installation ==
 
== Windows Installation ==
  
  
The Satellite Server can be installed following these simple steps:
+
The installation process in Windows can be carried out following the images shown below:
  
We start by chosing the installation language:
+
Start by choosing the installation language:
  
 
<center>
 
<center>
Line 78: Line 89:
 
</center>
 
</center>
  
Then we click on Next  
+
Click on Next  
  
 
<center>
 
<center>
[[File:English installation2.png|700px]]
+
<br>
 +
[[File:Instalacion windows2_nuevo.png]]
 
</center>
 
</center>
  
Then we choose where to install the Satellite Server:
+
Choose where to install the program:
  
 
<center>
 
<center>
[[File:English installation3.png|700px]]
+
<br>
 +
[[File:Instalacion windows3_nuevo.png]]
 
</center>
 
</center>
  
Installation of WinPCap is required. The WinPCap installation window would appear at this step of the installation process:
+
WinPCap installation is required. The installation window will appear at this step of the installation process:
  
 
<center>
 
<center>
Line 96: Line 109:
 
</center>
 
</center>
  
Then we must configure WinPCap to start on when system starts.
+
Then configure WinPCap to start when system starts.
  
 
<center>
 
<center>
Line 102: Line 115:
 
</center>
 
</center>
  
Once finished the installation of WinPCap we would see the following window:
+
Once WinPCap installation is finished, this window will appear:
  
 
<center>
 
<center>
Line 108: Line 121:
 
</center>
 
</center>
  
The the license number must be introduced:
+
Enter the Pandora FMS license number to continue the installation:
  
 
<center>
 
<center>
[[File:English installation4.png|700px]]
+
<br>
 +
[[File:Instalacion windows4_nuevo.png]]
 
</center>
 
</center>
  
Then the parameters of the recon task must be configured:
+
 
 +
Then, set the Pandora FMS server address to send data. Define the network recon rules for Satellite server:
  
 
<center>
 
<center>
[[File:English installation5.png|700px]]
+
<br>
 +
[[File:Instalacion windows5_new.png]]
 
</center>
 
</center>
  
At the end a restart of the system is required for all changes to take place.
+
At the end, restart the system so that all changes are applied.
  
 
<center>
 
<center>
[[File:English installation6.png|700px]]
+
<br>
 +
[[File:Instalacion windows6_nuevo.png]]
 
</center>
 
</center>
  
Once finished the Satellite Server can be started from the start menu.
+
Once ther process is finished, start and stop the Satellite server from the Start menu.
  
=== Operation WMI modules in some Windows versions ===
+
=== WMI module operation in some Windows versions ===
  
For security reasons in Windows, some versions have limited users who can remotely query WMI. If these modules were not carried out, the solution is to run the service Satellite Server as an Administrator user.
+
For Windows security reasons, some versions have limited users who can remotely query WMI. If these queries were not carried out, the solution would be to run the service Satellite server as an Administrator user.
  
 
The process to follow is:
 
The process to follow is:
Line 137: Line 154:
  
 
<center>
 
<center>
[[File:Instalacion windows7e.png|400px]]
+
<br>
 +
[[File:Instalacion windows7_nuevo.png]]
 
</center>
 
</center>
 +
<br
 +
 +
Right click on the service and go to Properties:
  
We click right click on the service and enter in Properties
 
  
 
<center>
 
<center>
[[File:Instalacion windows8e.png|700px]]
+
<br>
 +
[[File:Instalacion windows8_nuevo.png]]
 
</center>
 
</center>
 +
<br>
 +
 +
On the Log In window, select an account with Administrator permissions and apply changes:
  
On the Log On window, select an account with Administrator permissions and apply changes:
 
  
 
<center>
 
<center>
[[File:Instalacion windows9e.png|500px]]
+
<br>
 +
[[File:Instalacion windows9_nuevo.png]]
 
</center>
 
</center>
 +
<br>
  
And following these changes, restart the service.
+
Finally, restart the service.
  
 
== Configuration ==
 
== Configuration ==
Line 158: Line 183:
 
All parameters that require a timeout or some time are specified in seconds, for example 300 = 5 minutes.
 
All parameters that require a timeout or some time are specified in seconds, for example 300 = 5 minutes.
  
It is important to keep in mind that the latency and snmp intervals are specific for the status change. In case of Boolean checks (port or machine status) the threshold witch defines the change of state is automatic. For the numerical values (latency, network traffic in an interface, disk space, CPU, etc) it is based in a threshold that must be defined in each module.
+
It is important to keep in mind that the latency and snmp intervals are specific for the status change. In case of Boolean checks (port or machine status) the threshold that defines the status change is automatic. For numerical values (latency, network traffic in an interface, disk space, CPU, etc), it is based an a threshold that must be defined in each module.
  
 
=== agent_interval xxx ===
 
=== agent_interval xxx ===
  
300 seconds by default (5 minutes), it creates agents with an interval of 5 minutes. Information ins't send to the server till this time has passed. Independently that the checks done by the network server have a lower interval.  
+
300 seconds by default (5 minutes), it creates agents with a 5 minute interval. After that time, information is sent to the server. Regardless of checks done by the network server having a lower interval.  
  
 
=== agent_theads xxx ===
 
=== agent_theads xxx ===
Line 170: Line 195:
 
=== xxxxxx_interval xxx ===
 
=== xxxxxx_interval xxx ===
  
Executes all checks (latency, snmp, etc) with some interval. If the current information is different compared with the previous one it sends it instantly. If it is the same it will send it when the agent interval has passed. It is useful to do intesive checks and notify only in case of a status change.
+
It executes all checks (latency, snmp, etc) every xxx seconds. If the collected data is different compared to the previous one, it sends it instantly. If it is the same, it will send it when the agent interval says so. It is useful to perform intesive checks and notify only in case of status change.
  
 
=== xxxxx_retries xxx ===
 
=== xxxxx_retries xxx ===
  
Number of retries in checks (latency, snmp, ping...)
+
Number of retries in checks (latency, snmp, ping...).
  
 
=== xxxxx_timeout xxx ===
 
=== xxxxx_timeout xxx ===
  
Timeout in seconds for the SNMP, Latency and Ping checks.
+
Timeout in seconds for SNMP, Latency and Ping checks.
  
 
=== xxxxx_block xxx ===
 
=== xxxxx_block xxx ===
  
Forces the server to execute the checks in blocks of XXX checks. The higher the number (500 tops) the more capacity it would have, but with an increased latency. In some cases it mind be recommended to lower this number (latency, ping and snmp)
+
It forces the server to execute checks into blocks of XXX checks. The higher the number (500 tops) the more capacity it will have, but at the expense of an increased latency. Sometimes, it might be recommended to lower that number (latency, ping and snmp).
  
 
=== xxxxx_threads n ===
 
=== xxxxx_threads n ===
  
Number of assigned threads to every type of check. It depends on the capacity (CPY and Memory) of the machine. The higher the threads more pressure would be put on the machine but the processing speed would be higher for the satellite server.
+
Number of assigned threads to every type of check. It depends on the capacity (CPY and RAM) of the machine. The higher the threads, the higher the load on the machine but the processing capacity will be higher. The performance may become poor when exceeding 20 threads, depending on each system.
  
=== log_file /dev/null ===
+
=== log_file /var/log/satellite_server.log ===
  
Satellite server logfile. It can grow quickly, so it is recommended, if not going to be used, to be redirected to /dev/null/. It is usefull at the beginning to try and discover possible errors and later on comment it.
+
It indicates the file where the Satellite server log is written, by default the path is /var/log/satellite_server.log.
  
 
=== recon_task xxxxx[,yyyy] ===
 
=== recon_task xxxxx[,yyyy] ===
  
IP Address and network addresses for autodiscovery for example:
+
IP networks and addresses for autodiscovery separated by commas, for example:
  
 
  192.168.50.0/24,10.0.1.0/22,192.168.70.64/26
 
  192.168.50.0/24,10.0.1.0/22,192.168.70.64/26
Line 200: Line 225:
 
=== server_ip <ip> ===
 
=== server_ip <ip> ===
  
Pandora FMS Server ip address where the information is send using the tentacle protocol (port 41121/tcp)
+
IP address or DNS name of Pandora FMS Server where the information is sent. It is done using the Tentacle protocol, so communication with the system must be possible through Tentacle port (port 41121/tcp).
  
 
=== recon_mode [icmp,snmp,wmi] ===
 
=== recon_mode [icmp,snmp,wmi] ===
  
Autodiscovery mode. The system would use the following protocols to in recon checks:
+
Autodiscovery mode. The system will use the following protocols to discover systems:
  
* ICMP: It would just check if the host is alive and the latency time.
+
* '''ICMP''': It will just check whether the host is alive (ping) and measure latency time.
* SNMP: If capable it would look for all the interfaces and get it's trafic, general status etc..  
+
* '''SNMP''': If it is capable of communicating by SNMP (only v1 and v2), it will look for all the interfaces and get its trafic from all of them, as well as its operative status and device name and location. It will try different communities provided in the configuration file to connect.  
It can only use v1 and 2 of SNMP.
+
* '''WMI''': Similar to the previous case, but in this case showing CPU usage, memory and hard drives (all available ones).
* WMI: Similar to the previous but in this case it would show: CPU Usage, Memory and Diskdrives
 
  
 
=== recon_community aaa,bbb,ccc... ===
 
=== recon_community aaa,bbb,ccc... ===
  
States a list of SNMP communities to be used in autodiscovery mode.
+
It states a list of SNMP communities to be used in SNMP discovery, separated by commas. It will use this list in SNMP exploration: for each IP found, it will try to see whether it answers to any of these communities.
  
 
=== wmi_auth Administrator%password ===
 
=== wmi_auth Administrator%password ===
  
Specifies a list of groups of User%Password, f.e: admin%1234,super%qwerty. This list is used in autodiscovery mode.
+
It specifies a list of User%Password pairs, e.g: admin%1234,super%qwerty. This list is used in WMI discovery. For each IP found, it will try to see whether it answers to any of these combinations.
  
 
=== agent_conf_dir <path to agente conf dir> ===
 
=== agent_conf_dir <path to agente conf dir> ===
  
In this directory the config files are automatically of each agent discovered by the satellite server is stored.
+
In this directory, configuration files of each agent discovered by the satellite server are automatically created, it is ''/etc/pandora/conf'' by default. They may also be manually created, as explained later on.
  
 
=== group <grupo> ===
 
=== group <grupo> ===
  
Specifies the default group for the agents created by the Satellite Server.  
+
It specifies the default group for agents created by the Satellite Server. For instance: "Servers".
  
 
=== daemon 1|0 ===
 
=== daemon 1|0 ===
  
When set to 1 starts the daemon in the background (by default).  
+
When set to 1, it starts the daemon in the background (by default).
  
 
=== hostfile <file> ===
 
=== hostfile <file> ===
  
It is an alternative method for network scanning. A file is provided with an adress in each line. It can include the hostname as well.
+
It is an alternative/complementary method for network scanning. A file is provided with an adress in each line. It can include the hostname followed by the IP as well, so that the agent created bears that name and uses that IP for modules (e.g. 193.168.0.2 hostname). It must be possible to send and fping to those addresses for them to be valid.
  
 
=== pandora_license xxxxxxx ===
 
=== pandora_license xxxxxxx ===
  
Here you must input the license number of your Pandora FMS server the same way it appears in the Setup->Licency section. The total number of agents is verified in the pandora console.
+
Type in there the Pandora FMS server license number, as it appears in the Setup->Licence section in Pandora FMS console. It may use the same licence in as many Satellite servers as you need, since the total amount of agents that use the licence is verified in Pandora FMS server, not in the Satellite.
  
 
=== remote_config 1|0 ===
 
=== remote_config 1|0 ===
  
Specifies if the autodiscovery agents have enabled remote config to edit them from the console. It enable itself remote config too.
+
It enables remote configuration in detected agents by default. It is mandatory if you wish yo manage them from the console after detecting them. It also activates Satellite server remote configuration. To find out more, see [[Pandora:Documentation_en:Operations|Remote configuration]].
  
 
=== temporal_min_size ===
 
=== temporal_min_size ===
  
If the free space (in MB) of the partition in which the temporary directory is located. If it's smaller than this value, it would continue generating data packages. It avoids the disk becoming full if the connection with the server is lost during an extended interval under any circumstances.
+
If the free space (in MB) in the partition where the temporary directory is located is smaller than this value, data packages are not generated anymore. It prevents the disk from becoming full if the connection with the server is lost during an extended interval for some reason.
  
 
=== xml_buffer ===
 
=== xml_buffer ===
  
The default value is '0'. If set to '1', the agent is going to save any XML data files which couldn't be sent and retries later.
+
The default value is '0'. If set to '1', the agent will save any XML data files that could not be sent to retry it later on.
  
if you are in a secured environment under UNIX and want to enable the XML buffer, you should consider changing the temporal directory, since anyone has the right to write into '/tmp'.
+
In a safe UNIX environment, consider changing the temporal directory, '/tmp' gives writting permissions to all users.
  
 
=== snmp_version ===
 
=== snmp_version ===
Line 266: Line 290:
  
 
Path to the fping binary (/usr/sbin/fping by default).
 
Path to the fping binary (/usr/sbin/fping by default).
 +
 +
=== fsnmp <path a fsnmp> ===
 +
 +
 +
Path to the SNMP binary(/usr/bin/pandorafsnmp by default).
  
 
=== latency_packets xxx ===
 
=== latency_packets xxx ===
Line 285: Line 314:
 
=== recon_enabled 0|1 ===
 
=== recon_enabled 0|1 ===
  
Enable (1) or disable (0) host auto-discovery.
+
It enables (1) or disables (0) host auto-discovery.
  
 
=== recon_timing_template xxx ===
 
=== recon_timing_template xxx ===
  
Like nmap_timing_template, but applies to Satellite Server and Recon Server network scans. 3 by default.
+
Like nmap_timing_template, but applied to network scans.
  
 
=== server_port xxxxx ===
 
=== server_port xxxxx ===
  
 
Tentacle server port.
 
Tentacle server port.
 +
 +
=== server_name xxxxx ===
 +
 +
Satellite server name (by default the machine's hostname).
 +
 +
=== server_path xxxxx ===
 +
 +
Path where the XML files are copied when the transfer_mode is in local (by default /var/spool/pandora/data_in).
 +
 +
=== server_opts ===
 +
 +
Server parameters passed to the Tentacle.
 +
 +
=== transfer_mode XXX ===
 +
 +
File transfer mode. It can be Tentacle or local (by default Tentacle).
  
 
=== Secondary Server ===
 
=== Secondary Server ===
  
An special kind of general configuration parameter is the definition of a secondary server. This allows the definition of a server to send data to, in a complementary way to the server defined the standard way. The secondary server mode works in two different ways:
+
An special kind of general configuration parameter is the definition of a secondary server. This allows defining a server to send data to, in a complementary way to the server defined the standard way. The secondary server mode works in two different ways:
  
* '''on_error''': Send data to the secondary server only in cases it could not send them to the primary one.
+
* '''on_error''': It sends data to the secondary server only when it cannot send them to the primary one.
* '''always''': Always send data to the secondary server, no matter if it's able to contact the main server or not.
+
* '''always''': It always sends data to the secondary server, both if it can contact the main server or not.
  
 
Configuration example:
 
Configuration example:
Line 312: Line 357:
 
=== snmp_verify 0|1 ===
 
=== snmp_verify 0|1 ===
  
Enable (1) or disable (0) the verification of SNMPv1 modules that break braa in realtime. These modules will be discarded and stop being executed.
+
It enables (1) or disables (0) the verification of SNMPv1 modules that make braa fail in real time. These modules will be discarded and stop being executed.
  
 
=== snmp2_verify 0|1 ===
 
=== snmp2_verify 0|1 ===
  
Enable (1) or disable (0) the verification of SNMPv2 modules that break braa in realtime. These modules will be discarded and stop being executed.
+
It enables (1) or disables (0) the verification of SNMPv2 module that make braa fail in real time. These modules will be discarded and stop being executed.
 +
 
 +
{{warning|Verifying SNMP version 2 modules can take lots of time!}}
  
{{warning|Verifying  SNMP version 2 modules can be very slow!}}
+
=== snmp3_verify 0|1 ===
 +
It enable (1) or disables (0) the verification of SNMPv3 modules that make braa fail in real time. These modules will be discarded and stop being executed.
  
 
=== startup_delay xxx ===
 
=== startup_delay xxx ===
  
Wait startup_delay seconds before sending XML data files for the first time.
+
It waits xxx seconds before sending XML data files for the first time.
  
=== temporal /tmp ===
+
=== temporal <directory> ===
  
Temporal directory where XML files are created.
+
Temporal directory where XML files are created, ''/tmp'' by default.
  
 
=== tentacle_client <path to tentacle_client> ===
 
=== tentacle_client <path to tentacle_client> ===
Line 334: Line 382:
 
=== wmi_client <path to wmic> ===
 
=== wmi_client <path to wmic> ===
  
Full path to the WMI client binary (/usr/bin/wmic by default).
+
Full path to the wmic (/usr/bin/wmic by default).
  
 
=== snmp_blacklist <path to the blacklist> ===
 
=== snmp_blacklist <path to the blacklist> ===
  
Path to the SNMP blacklist file (/etc/pandora/satellite_server.blacklist by default).
+
Path to the SNMP module blacklist file (/etc/pandora/satellite_server.blacklist by default).
  
=== add_host <IP address> [agent name] (Version >= 6.0) ===
+
=== add_host <IP address> [agent name] ===
  
Adds the given host to the list of monitored agents. The name for the agent can be specified after the IP address. Multiple hosts may be added, one per line. For example:
+
It adds the given host to the list of monitored agents. The name for the agent can be specified after the IP address. Multiple hosts may be added, one per line. For example:
  
 
  add host 192.168.0.1
 
  add host 192.168.0.1
 
  add host 192.168.0.2 localhost.localdomain
 
  add host 192.168.0.2 localhost.localdomain
  
=== ignore_host <agent name> (Version >= 6.0) ===
+
=== ignore_host <agent name> ===
  
Removes the given host from the list of monitored agents, even if it is found in a network scan by a recon task. The host must be identified by the name of the agent. Multiple hosts may be ignored, one per line.For example:
+
It removes the given host from the list of monitored agents, even if it is found in a network scan by a recon task. The host must be identified by agent name. Multiple hosts may be ignored, one per line. For example:
  
 
  ignore host 192.168.0.1
 
  ignore host 192.168.0.1
 
  ignore host localhost.localdomain
 
  ignore host localhost.localdomain
  
=== keepalive xxx (Version >= 6.0) ===
+
=== keepalive xxx ===
  
Satellite Server reports its status to Pandora Server and checks remote configurations (from agent generated and itself) every '''keepalive''' seconds. It is 30 seconds by default.
+
Satellite Server reports its status and checks remote configuration changes (from agents and its own) every '''keepalive''' seconds. It is 30 seconds by default.
  
=== credential_pass xxx (Version >= 6.0) ===
+
=== credential_pass xxx ===
  
Password used to encrypt credential box passwords. It must match the one defined in the Pandora FMS Console. The hostname is used by default.
+
Password used to encrypt credential box passwords. It must match the one defined in Pandora FMS console. The hostname is used by default.
  
=== timeout_bin <path to timeout> (Version > 6.0SP3) ===
+
=== timeout_bin <path to timeout> ===
 
If defined, the timeout program (usually /usr/bin/timeout) will be used to call the Tentacle client.
 
If defined, the timeout program (usually /usr/bin/timeout) will be used to call the Tentacle client.
  
=== timeout_seconds xxx (Version > 6.0SP3) ===
+
=== timeout_seconds xxx ===
Timeout in seconds for the timeout command. timeout_bin must be configured.
+
Timeout in seconds for the timeout command. The timeout_bin parameter must be configured.
 +
 
 +
=== proxy_traps_to <address[:port]>  ===
  
=== proxy_traps_to <address[:port]> (Version > 6.0SP3) ===
+
It redirects SNMP traps received by the Satellite server to the given address (and port). Port 162 is used by default.
  
Proxy SNMP traps received by the Satellite Server to the given address (and port). Port 162 is used by default.
+
=== proxy_tentacle_from <address[:port]>  ===
  
=== proxy_tentacle_to <address[:port]> (Version > 6.0SP3) ===
+
It redirects data received by Tentacle server from the specified address and port. Port 41121 is used by default.
  
Proxy Tentacle client requests received by the Satellite Server to the given address (and port). Port 41121 is used by default.
+
=== proxy_tentacle_to <address[:port]>  ===
  
=== dynamic_inc 0|1 (Version > 6.0SP4) ===
+
It redirects Tentacle client requests received by the Satellite Server to the given address (and port). Port 41121 is used by default.
  
Set to 1 to move dynamic auto-discovered modules (SNMP, WMI...) to separate files so that they don't interfere with remote agent configuration.
+
{{Warning|This option may be in conflict with remote agent configuration.
 +
 
 +
This happens if the Satellite server is intended to be used as proxy for some software agents and monitor them remotely from the Satellite server itself (ICMP, SNMP, etc.) and remote configuration is enabled in both cases.
 +
 
 +
In this situation, it is necessary to either use different agents for the performed checks (i.e. with different agent_name), or leave the remote configuration enabled only on one of them (Satellite Server or software agents).}}
 +
 
 +
=== dynamic_inc 0|1  ===
 +
 
 +
Set to 1 to move dynamic auto-discovered modules (SNMP, WMI...) to separate files so that they do not interfere with remote agent configuration.
 +
 
 +
=== vlan_cache_enabled 0|1 ===
 +
 
 +
It enables (1) or disables (0) the VLAN cache in the auto-discovered hosts.
  
 
=== verbosity <0-10> (Version > 7.0OUM204) ===
 
=== verbosity <0-10> (Version > 7.0OUM204) ===
Line 386: Line 448:
 
=== agents_blacklist_icmp (Version > 7.0OUM713) ===
 
=== agents_blacklist_icmp (Version > 7.0OUM713) ===
  
Blacklist of ICMP checks . This field can be configured with a list of IPs using CIDR notation to prevent ICMP-type modules from running. You can specify multiple subnets by separating them with commas.
+
ICMP check blacklist. This field can be configured with a list of IPs, using CIDR notation to prevent ICMP-type modules from running. To specify multiple subnets, separate them with commas.
  
 
=== agents_blacklist_snmp (Version > 7.0OUM713) ===
 
=== agents_blacklist_snmp (Version > 7.0OUM713) ===
  
Blacklist of SNMP checks. This field can be configured with a list of IPs using CIDR notation to prevent SNMP-type modules from running. You can specify multiple subnets by separating them with commas.
+
SNMP check blacklist. This field can be configured with a list of IPs, using CIDR notation to prevent SNMP-type modules from running. Specify multiple subnets by separating them with commas.
  
 
=== agents_blacklist_wmi (Version > 7.0OUM713) ===
 
=== agents_blacklist_wmi (Version > 7.0OUM713) ===
  
Blacklist of WMI Checks. This field can be configured with a list of IPs using the CIDR notation to prevent WMI-type modules from running. You can specify multiple subnets by separating them with commas.
+
WMI Check blacklist. This field can be configured with a list of IPs, using the CIDR notation to prevent WMI-type modules from running. Specify multiple subnets by separating them with commas.
 +
 
 +
=== general_gis_exec (Version > 7.0OUM734) ===
 +
 
 +
GIS positioning script for all agents detected by the Satellite server. The script must be executable and must print on screen the coordinates with the format <longitude>,<latitude>[,<altitude>]. The third parameter, latitude, is optional.
 +
 
 +
== Agent creation in Satellite Server ==
 +
 
 +
There are three ways of creating an agent in the Satellite server: '''Recon Task''', '''Satellite_hosts.txt''' file, or '''manually''' creating the .conf of the agents to monitor.
 +
 
 +
=== Agent creation through Recon Task ===
 +
 
 +
The creation of agents through Recon Task is the most used by PandoraFMS users. To be able to do it, go to the Satellite server configuration file and set the following parameters:
 +
 
 +
* '''recon_community''': Specify a list of SNMP communities to use in SNMP discovery separated by commas (in case of performing a recon of the SNMP type).
 +
 
 +
* '''recon_enabled''': It must be set to 1 to enable the recon task of the Satellite server.
  
== Specific Configurations (per agent) ==
+
* '''recon_interval''': Time interval where a certain network is scanned, in seconds (604800 seconds by default, 7 days).
  
In addition to autodiscovered modules, all kinds of TCP, SNMP or WMI tests can be added, using a similar syntax to the local modules in software agents.
+
* '''recon_mode''':Recon task mode (snmp,icmp,wmi) separated by commas.
 +
 
 +
* '''recon_task''': List of networks to be recognized, separated by commas.
 +
 
 +
* '''recon_timing_template''': A value that specifies how aggressive  nmap must be, from 1 to 5. 1 means slower but more reliable, 5 means faster but less reliable (3 by default).
 +
 
 +
An example of Recon Task would be:
 +
 
 +
recon_community public
 +
recon_enabled 1
 +
recon_interval 604800
 +
recon_mode icmp,snmp,wmi
 +
recon_task 192.168.0.0/24,192.168.1.0/24
 +
recon_timing_template 3
 +
 
 +
Once the data has been configured, run the satellite server using the command:
 +
 
 +
/etc/init.d/satellite_serverd start
 +
 
 +
{{Warning|The agents without modules in their configuration files will be ignored by the Satellite Server.}}
 +
 
 +
=== Agent creation through Satellite_hosts.txt ===
 +
 
 +
First, in order to create an agent through the satellite_hosts.txt file, go to the configuration file of the Satellite server and uncomment the line:
 +
 
 +
host_file /etc/pandora/satellite_hosts.txt
 +
 
 +
Secondly, create the file satellite_hosts.txt with the IP of the host that you wish to create by entering IP and name of the agent to create:
 +
 
 +
192.168.10.5 Server.5
 +
192.168.10.6 Server.6
 +
192.168.10.7 Server.7
 +
 
 +
{{Warning|In order for these IPs to be created, it is necessary to be able to make the fping call to each one of the IPs in the list, otherwise it will not be created.}}
 +
 
 +
Once the data has been configured, run the satellite server using the command:
 +
 
 +
/etc/init.d/satellite_serverd start
 +
 
 +
The reading of the indicated file is done every "recon_interval" seconds.
 +
 
 +
=== Manual Agent Creation ===
 +
 
 +
Firstly, look at the configuration file of the Satellite server in the parameter agent_conf_dir, which is where the new agent configuration files are created (''/etc/pandora/conf'').
 +
 
 +
cd /etc/pandora/conf
 +
 
 +
Once this path is located, create a .conf file of the agents you wish to create, taking for example the server agent as example, and manually filling in the following fields:
 +
 
 +
* '''agent_name''': Agent name.
 +
* '''agent_alias''': Agent alias.
 +
* '''address''': IP of the element to monitor.
 +
* '''group''': Group to assign the agent to.
 +
* '''gis_exec''': Positioning script (optional). It overwrites the ''general_gis_exec'' location of the Satellite server.
 +
* Modules to be monitored by the agent.
 +
 
 +
An example would be:
 +
 
 +
agent_name Example1
 +
agent_alias It is an example
 +
address X.X.X.X
 +
group Servers
 +
module_begin
 +
module_name Ping
 +
module_ping
 +
module_end
 +
module_begin
 +
module_name Latency
 +
module_latency
 +
module_end
 +
 
 +
Once the data has been configured, run the Satellite server using the command:
 +
/etc/init.d/satellite_serverd start
 +
 
 +
== Agent removal in Satellite Server ==
 +
 
 +
There are several cases regarding agent removal from the Satellite server: total agent removal of partial agent removal.
 +
 
 +
For agent ''total removal'', take into account the method used in agent creation.
 +
 
 +
* '''Manual''': First remove the .conf files from the agents created in the /etc/pandora/conf folder and then remove the agents in the console.
 +
 
 +
* '''Satellite_hosts.txt file''': Delete the file .txt, as well as the .conf that have been created in the folder /etc/pandora/conf and later delete the agents from the console.
 +
 
 +
* '''Recon_task''': Deconfigure the recon_task in the conf file of the Satellite server, then remove the conf created in the folder /etc/pandora/conf and then remove the agents from the console.
 +
 
 +
For agent '''partial removal''' also take into account the method used in the agent creation.
 +
 
 +
* '''Manual''': First of all, remove the .conf files from the agents you wish to delete in the /etc/pandora/conf folder and then remove the agents from the console.
 +
 
 +
* '''Satellite_hosts.txt file''': Delete the lines of the IPs from the file.txt, as well as the conf that have been created in the folder /etc/pandora/conf with those IPs and then delete the agents from the console.
 +
 
 +
* '''Recon_task''': Configure the blacklist of the recon_task in the conf file of the Satellite server, then remove the .conf created in the folder /etc/pandora/conf with those IPs and then remove the agents in the console.
 +
 
 +
== Custom settings (by agent) ==
 +
 
 +
In addition to "automatic" modules, all kinds of available TCP, SNMP or WMI tests can be added, using a similar syntax to the local modules in software agents. Here are some module examples valid for Satellite server, just as they are autogenerated after being detected by the system.
  
 
{{warning |Make sure OIDs start with a leading dot, otherwise SNMP modules will not work!}}
 
{{warning |Make sure OIDs start with a leading dot, otherwise SNMP modules will not work!}}
  
Status of the Interface (SNMP). The Satellite Server detects automatically each interface.
+
Interface status through SNMP. The Satellite server detects automatically each interface.
  
 
  module_begin
 
  module_begin
 
  module_name if eth1 OperStatus
 
  module_name if eth1 OperStatus
 
  module_description IP address N/A. Description: The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed.
 
  module_description IP address N/A. Description: The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed.
  module_type remote_snmp_string
+
  module_type generic_data_string
 
  module_snmp 192.168.70.225
 
  module_snmp 192.168.70.225
 
  module_oid .1.3.6.1.2.1.2.2.1.8.3
 
  module_oid .1.3.6.1.2.1.2.2.1.8.3
Line 413: Line 587:
 
  module_end
 
  module_end
  
To force the module to use SNMP version 2c add the line:
+
To force the module to use SNMP version 2c, add the line:
  
 
  module_version 2c
 
  module_version 2c
  
To force the module to use SNMP version 1 add the line:
+
To force the module to use SNMP version 1, add the line:
  
 
  module_version 1
 
  module_version 1
Line 426: Line 600:
 
  module_name if eth1 OperStatus
 
  module_name if eth1 OperStatus
 
  module_description IP address N/A. Description: The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed.
 
  module_description IP address N/A. Description: The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed.
  module_type remote_snmp_string
+
  module_type generic_data_string
 
  module_snmp 192.168.70.225
 
  module_snmp 192.168.70.225
 
  module_version 2c
 
  module_version 2c
Line 441: Line 615:
 
  module_end
 
  module_end
  
General SNMP check. In this case the server extracts automatically the traffic for each interface with it's descriptive name.
+
Port check (using TCP)
 +
 
 +
module_begin
 +
module_name Port 80
 +
module_type generic_proc
 +
module_tcp
 +
module_port 80
 +
module_end
 +
 
 +
General SNMP check. In this case, the server retrieves automatically the traffic from each interface with its"real" descriptive name.
 
  module_name if eth0 OutOctets
 
  module_name if eth0 OutOctets
 
  module_description The total number of octets transmitted out of the interface, including framing characters.
 
  module_description The total number of octets transmitted out of the interface, including framing characters.
  module_type remote_snmp_inc
+
  module_type generic_data_inc
 
  module_snmp 192.168.70.225
 
  module_snmp 192.168.70.225
 
  module_oid .1.3.6.1.2.1.2.2.1.16.2
 
  module_oid .1.3.6.1.2.1.2.2.1.16.2
Line 459: Line 642:
 
  module_end
 
  module_end
  
Memory free wmi check (percentage).  
+
Memory free WMI check (percentage).  
  
 
  module_begin
 
  module_begin
Line 468: Line 651:
 
  module_end
 
  module_end
  
General WMI Querry
+
General WMI Query
  
 
  module_begin
 
  module_begin
Line 487: Line 670:
 
  module_end
 
  module_end
  
To introduce a threshold we must do it in the text definition of the module and the definition in the console for each module (module_min_warning, module_min_critical):
+
To add a threshold, do it both in the module's text definition and threshold definition in the web interface (module_min_warning, module_min_critical). For example:
  
 
  module_begin
 
  module_begin
Line 497: Line 680:
 
  module_end
 
  module_end
  
Manually we can create execution modules. The scripts or commands that the satellite server executes must be previously established and available for the server to use. The use of module_exec can make the performance speed of the satellite server to shrink.
+
Execution modules can be created manually. The scripts or commands executed by the Satellite server must be previously established and available for the server to use. The use of module_exec can make the performance of the Satellite server to become poor.
  
 
  module_begin
 
  module_begin
Line 507: Line 690:
 
  module_end
 
  module_end
  
== Credential boxes (> 6.0) ==
+
From Pandora FMS version 7 on, plugins can be added. Like those, note that the plugins will run on the machine where the Satellite server is running. Therefore, it will be necessary to implement in these plugins some method to connect to the remote computer you wish to monitor. The advantage over the previous ones is their great flexibility. In this way, preconditions and other mechanisms for which a module_exec falls short can be implemented. The syntax is the same as that of the agents. An example of using a plugin might be as follows:
 +
 
 +
module_plugin /usr/share/pandora/remote_advanced_checks.sh 192.168.0.1
 +
 
 +
=== SNMPv3 ===
 +
 
 +
To configure an SNMPv3 module, set ''module_version'' to 3 and specify the security level (''noauth'', ''authnopriv'' or ''authpriv''), security name, authentication protocol (''md5'' or ''sha''), authentication password, privacy protocol (''aes'' or ''des'') and privacy password as required. For example:
 +
 
 +
module_begin
 +
module_name snmp_noauth
 +
module_type generic_data_string
 +
module_snmp 127.0.0.1
 +
module_version 3
 +
module_oid .1.3.6.1.2.1.1.1.0
 +
module_seclevel noauth
 +
module_secname snmpuser
 +
module_end
 +
 
 +
module_begin
 +
module_name snmp_authnopriv
 +
module_type generic_data_string
 +
module_snmp 127.0.0.1
 +
module_version 3
 +
module_oid .1.3.6.1.2.1.1.2.0
 +
module_seclevel authnopriv
 +
module_secname snmpuser
 +
module_authproto md5
 +
module_authpass 12345678
 +
module_end
 +
 
 +
module_begin
 +
module_name snmp_authpriv
 +
module_type generic_data_string
 +
module_snmp 127.0.0.1
 +
module_version 3
 +
module_oid .1.3.6.1.2.1.1.2.0
 +
module_seclevel authpriv
 +
module_secname snmpuser
 +
module_authproto sha
 +
module_authpass 12345678
 +
module_privproto aes
 +
module_privpass 12345678
 +
module_end
 +
 
 +
SNMPv3 specific configuration can be shared between modules by placing it outside the module declaration, in case it is the same for all of them (it can also be shared between agents by moving it to the Satellite's configuration file):
 +
 
 +
agent_name snmp
 +
address 127.0.0.1
 +
 +
seclevel authpriv
 +
secname snmpuser
 +
authproto md5
 +
authpass 12345678
 +
privproto des
 +
privpass 12345678
 +
 +
module_begin
 +
module_name snmp_authpriv_1
 +
module_type generic_data_string
 +
module_snmp
 +
module_version 3
 +
module_oid .1.3.6.1.2.1.1.1.0
 +
module_end
 +
 +
module_begin
 +
module_name snmp_authpriv_2
 +
module_type generic_data_string
 +
module_snmp
 +
module_version 3
 +
module_oid .1.3.6.1.2.1.1.2.0
 +
module_end
 +
 
 +
== Credential boxes  ==
  
 
Unless key-based authentication is properly configured, SSH modules require a username and a password in order to work. These are configured in the main configuration file, satellite_server.conf, using credential boxes with the following format:
 
Unless key-based authentication is properly configured, SSH modules require a username and a password in order to work. These are configured in the main configuration file, satellite_server.conf, using credential boxes with the following format:
Line 528: Line 783:
  
  
If the configuration of the satellite server is correct we should be able to see the following in Agent Detail:
+
If the configuration of the satellite server is correct, you should an aent view similar to this one:
  
 
<center>
 
<center>
Line 534: Line 789:
 
</center>
 
</center>
  
Generally in all machines ICMP (Ping and Latency) modules would be created but in some machines SNMP and WMI modules can be created.
+
Generally, in all machines ICMP (Ping and Latency) modules will be created, but in some machines SNMP and WMI modules can be created. In machines where WMI is enabled, the following modules will be generated if available:
 
 
In machines witch have enabled WMI the following modules can generate.
 
  
 
<center>
 
<center>
Line 542: Line 795:
 
</center>
 
</center>
  
In machines with enabled SNMP the following modules will generate:
+
In machines with SNMP enabled, the following modules will be generated if available:
  
 
<center>
 
<center>
Line 548: Line 801:
 
</center>
 
</center>
  
In the massive operations menu of the pandora console there is a specific section for the satellite server where different edition, deletion actions can be performed on agents and modules massively.
+
In the massive operations menu of the Pandora FMS console, there is a specific section for the Satellite server where different edition and deletion actions can be performed on agents and modules massively.
  
 
<center>
 
<center>
Line 556: Line 809:
 
== SNMP blacklist ==
 
== SNMP blacklist ==
  
When monitoring big networks SNMP modules that return invalid data can affect the performance of the Satellite Server and many modules may become unknown. The Satellite Server can read a blacklist of SNMP modules that will be discarded at startup before execution.
+
When monitoring big networks, SNMP modules that return invalid data may affect the performance of the Satellite server and many modules may become Unknown. To avoid that, the Satellite Server can read a blacklist of SNMP modules that will be discarded at startup before execution.
  
To create a new blacklist edit the ''/etc/pandora/satellite_server.conf'' configuration file and make sure ''snmp_blacklist'' if configured. Then run:
+
To create a new blacklist, edit the ''/etc/pandora/satellite_server.conf'' configuration file and make sure ''snmp_blacklist'' if uncommented and configured with the path of the file where blacklist modules are saved. Then run:
  
    satellite_server -v /etc/pandora/satellite_server.conf
+
satellite_server -v /etc/pandora/satellite_server.conf
  
And restart the Satellite Server. The blacklist can be regenerated as many times as needed.
+
Restart the Satellite server. The blacklist can be regenerated as many times as needed.
  
 
The format of the blacklist file is:
 
The format of the blacklist file is:
Line 572: Line 825:
 
For example:
 
For example:
  
  192.168.0.1:1.3.6.1.4.1.9.9.27  
+
  192.168.0.1:.1.3.6.1.4.1.9.9.27  
  192.168.0.2:1.3.6.1.4.1.9.9.27  
+
  192.168.0.2:.1.3.6.1.4.1.9.9.27  
  
 
[[Category:Pandora FMS]]
 
[[Category:Pandora FMS]]

Latest revision as of 15:59, 20 May 2020

Contents

1 Satellite Server

1.1 Introduction

The Satellite Server is used for network and remote system both monitoring and discovery. It can discover network elements (routers, switches, etc) using SNMP or ICMP, or Windows servers (using WMI) and Linux servers (using SNMP). This is no "ordinary" server, it can be considered to be agent in broker mode with extended features. It is an exclusive component for the Enterprise version. It is particularly useful to monitor inaccessible remote networks where a software agent is not even an option from Pandora FMS server.

Info.png

The Satellite Server is an exclusive Enterprise component.

 


Esquema-satellite.png

The Satellite server can be used in Windows and Linux (recommended) alike, and it has some features that make it more special, highly recommended in certain environments.

  • It can execute network tests (ICMP, Latency and SNMP v1 and v2) at an extremely high pace (500 checks per second).
  • It only sends information to the server every X seconds (300 seconds by default), but it can execute latency, ICMP and SNMP tests within a smaller interval (30 seconds for example). That way, it can warn Pandora FMS Server almost instantly when there is a status change. This status changes must have been previously defined if the module type is not a *_proc (network interfaces or general network connectivity for example).
  • It does not require connection to the database, rather it is autonomous. It sends all files in XML format the same way as an independent server, similar to a broker agent or an export server.
  • It has an auto-discovery system for SNMP and WMI. It creates detected agents (by IP address), it detects dynamic elements (network interfaces, storage) and monitors them automatically.
  • In Windows systems, it can detect hard drives, CPUs, and memories.
  • In systems with SNMP, it can detect interface status, inbound and outbound traffic for each interface and the name of the system.
  • Auto-genarated modules can be modified, like every other module, managing the agent from the console as if it was an ordinary agent (in Mass operations menu > Satellite).
  • Agents can be created manually by creating an agent configuration file in the Satellite server directory for agent configuration files (explained later on).

1.1.1 Capacity

It is difficult to pinpoint the maximum capacity of the Satellite, as it depends entirely on the server running and the type of checks you want to perform. In the test environment, 500 checks ICMP/SNMP per second have been made, but that depends a lot on the response times of remote devices (it is not the same a device which answers in 0.5ms than one that takes 2 seconds to answer back). Under ideal conditions, an amount of 150,000 checks could be monitored with a single Satellite server. In real conditions, it has been tested in controlled environments (LAN) made of about 50,000 modules with a single Satellite server in a low-end computer hardware (Intel i5, 2GZ, 4GB RAM).

Template warning.png

IF THERE ARE MANY CRITICAL MODULES, THE PERFORMANCE WILL BE AFFECTED. Take into account the configured timeout, since there is only one check for each critical monitor for timeout. If there are 1000 critical modules and the timeout is configured to 4 seconds, it will take 4000 seconds to execute all the checks with only one thread.

 


Info.png

 


1.2 Installation

The Satellite Server is distributed as tarball (Linux) or .exe (Windows), so it is not necessary to install Perl or any additional library. It works the same in Windows or Linux versions. In Windows systems, it is installed as a service, and in Linux systems, it is installed as a daemon. The configuration file and specifications in both cases are the same.

Satellite server Linux version depends on external packages that are specified in the corresponding version of this documentation.

1.3 Satellite Server Installation in Linux Systems

Once downloaded the binary witch contains the Satellite server, go to the download directory with root privileges and unzip the binary:

tar -xvzf pandorafms_satellite_server_X.XNG.XXX_x86_64.tar.gz


Desarchivar nuevo.png

Then, a folder called satellite_server will be created. Get in typing:

cd satellite_server/

Before proceeding with the installation, these are the main dependencies of the Satellite server: fping, nmap, wmic y braa.

It is also necessary for server execution to have installed Perl in the device. It can be installed with the following command:

yum install perl.}}

In the installer, Braa and Wmic dependencies are included. Fping and Nmap must be installed independently.

To install the Satellite Server we can just execute the installing command:

 ./satellite_server_installer --install



Instalacion linux nuevo.png

Once finished, edit the satellite_server.conf file (located in /etc/pandora/satellite_server.conf), look for the token pandora_license, uncomment it and enter the Pandora FMS server license. Afterwards, save the file and activate the service executing this:

sudo /etc/init.d/satellite_serverd start

In case of failure, take a look at the satellite_server.log file, located in /var/log/satellite_server.log.

1.4 Windows Installation

The installation process in Windows can be carried out following the images shown below:

Start by choosing the installation language:

English installation1.png

Click on Next


Instalacion windows2 nuevo.png

Choose where to install the program:


Instalacion windows3 nuevo.png

WinPCap installation is required. The installation window will appear at this step of the installation process:

Instalación wincap1.png

Then configure WinPCap to start when system starts.

Instalación wincap2.png

Once WinPCap installation is finished, this window will appear:

Instalación wincap3.png

Enter the Pandora FMS license number to continue the installation:


Instalacion windows4 nuevo.png


Then, set the Pandora FMS server address to send data. Define the network recon rules for Satellite server:


Instalacion windows5 new.png

At the end, restart the system so that all changes are applied.


Instalacion windows6 nuevo.png

Once ther process is finished, start and stop the Satellite server from the Start menu.

1.4.1 WMI module operation in some Windows versions

For Windows security reasons, some versions have limited users who can remotely query WMI. If these queries were not carried out, the solution would be to run the service Satellite server as an Administrator user.

The process to follow is:

Open services:


Instalacion windows7 nuevo.png

<br

Right click on the service and go to Properties:



Instalacion windows8 nuevo.png


On the Log In window, select an account with Administrator permissions and apply changes:



Instalacion windows9 nuevo.png


Finally, restart the service.

1.5 Configuration

All parameters that require a timeout or some time are specified in seconds, for example 300 = 5 minutes.

It is important to keep in mind that the latency and snmp intervals are specific for the status change. In case of Boolean checks (port or machine status) the threshold that defines the status change is automatic. For numerical values (latency, network traffic in an interface, disk space, CPU, etc), it is based an a threshold that must be defined in each module.

1.5.1 agent_interval xxx

300 seconds by default (5 minutes), it creates agents with a 5 minute interval. After that time, information is sent to the server. Regardless of checks done by the network server having a lower interval.

1.5.2 agent_theads xxx

Number of threads used for sending agent XML data files.

1.5.3 xxxxxx_interval xxx

It executes all checks (latency, snmp, etc) every xxx seconds. If the collected data is different compared to the previous one, it sends it instantly. If it is the same, it will send it when the agent interval says so. It is useful to perform intesive checks and notify only in case of status change.

1.5.4 xxxxx_retries xxx

Number of retries in checks (latency, snmp, ping...).

1.5.5 xxxxx_timeout xxx

Timeout in seconds for SNMP, Latency and Ping checks.

1.5.6 xxxxx_block xxx

It forces the server to execute checks into blocks of XXX checks. The higher the number (500 tops) the more capacity it will have, but at the expense of an increased latency. Sometimes, it might be recommended to lower that number (latency, ping and snmp).

1.5.7 xxxxx_threads n

Number of assigned threads to every type of check. It depends on the capacity (CPY and RAM) of the machine. The higher the threads, the higher the load on the machine but the processing capacity will be higher. The performance may become poor when exceeding 20 threads, depending on each system.

1.5.8 log_file /var/log/satellite_server.log

It indicates the file where the Satellite server log is written, by default the path is /var/log/satellite_server.log.

1.5.9 recon_task xxxxx[,yyyy]

IP networks and addresses for autodiscovery separated by commas, for example:

192.168.50.0/24,10.0.1.0/22,192.168.70.64/26

1.5.10 server_ip <ip>

IP address or DNS name of Pandora FMS Server where the information is sent. It is done using the Tentacle protocol, so communication with the system must be possible through Tentacle port (port 41121/tcp).

1.5.11 recon_mode [icmp,snmp,wmi]

Autodiscovery mode. The system will use the following protocols to discover systems:

  • ICMP: It will just check whether the host is alive (ping) and measure latency time.
  • SNMP: If it is capable of communicating by SNMP (only v1 and v2), it will look for all the interfaces and get its trafic from all of them, as well as its operative status and device name and location. It will try different communities provided in the configuration file to connect.
  • WMI: Similar to the previous case, but in this case showing CPU usage, memory and hard drives (all available ones).

1.5.12 recon_community aaa,bbb,ccc...

It states a list of SNMP communities to be used in SNMP discovery, separated by commas. It will use this list in SNMP exploration: for each IP found, it will try to see whether it answers to any of these communities.

1.5.13 wmi_auth Administrator%password

It specifies a list of User%Password pairs, e.g: admin%1234,super%qwerty. This list is used in WMI discovery. For each IP found, it will try to see whether it answers to any of these combinations.

1.5.14 agent_conf_dir <path to agente conf dir>

In this directory, configuration files of each agent discovered by the satellite server are automatically created, it is /etc/pandora/conf by default. They may also be manually created, as explained later on.

1.5.15 group <grupo>

It specifies the default group for agents created by the Satellite Server. For instance: "Servers".

1.5.16 daemon 1|0

When set to 1, it starts the daemon in the background (by default).

1.5.17 hostfile <file>

It is an alternative/complementary method for network scanning. A file is provided with an adress in each line. It can include the hostname followed by the IP as well, so that the agent created bears that name and uses that IP for modules (e.g. 193.168.0.2 hostname). It must be possible to send and fping to those addresses for them to be valid.

1.5.18 pandora_license xxxxxxx

Type in there the Pandora FMS server license number, as it appears in the Setup->Licence section in Pandora FMS console. It may use the same licence in as many Satellite servers as you need, since the total amount of agents that use the licence is verified in Pandora FMS server, not in the Satellite.

1.5.19 remote_config 1|0

It enables remote configuration in detected agents by default. It is mandatory if you wish yo manage them from the console after detecting them. It also activates Satellite server remote configuration. To find out more, see Remote configuration.

1.5.20 temporal_min_size

If the free space (in MB) in the partition where the temporary directory is located is smaller than this value, data packages are not generated anymore. It prevents the disk from becoming full if the connection with the server is lost during an extended interval for some reason.

1.5.21 xml_buffer

The default value is '0'. If set to '1', the agent will save any XML data files that could not be sent to retry it later on.

In a safe UNIX environment, consider changing the temporal directory, '/tmp' gives writting permissions to all users.

1.5.22 snmp_version

SNMP version to use by default (only 1 and 2c are supported). 1 by default.

Template warning.png

Some modules could stop working if you change this setting.

 


1.5.23 braa <path to braa>

Path to the braa binary (/usr/bin/braa by default).

1.5.24 fping <path to fping>

Path to the fping binary (/usr/sbin/fping by default).

1.5.25 fsnmp <path a fsnmp>

Path to the SNMP binary(/usr/bin/pandorafsnmp by default).

1.5.26 latency_packets xxx

Number of ICMP packets to send per latency request.

1.5.27 nmap <path to nmap>

Path to the nmap binary (/usr/bin/nmap by default).

1.5.28 nmap_timing_template xxx

A value that specifies how aggressive nmap should be from 1 to 5. 1 means slower but more reliable, 5 means faster but less reliable. 2 by default.

1.5.29 ping_packets xxx

Number of ICMP packets to send per ping request.

1.5.30 recon_enabled 0|1

It enables (1) or disables (0) host auto-discovery.

1.5.31 recon_timing_template xxx

Like nmap_timing_template, but applied to network scans.

1.5.32 server_port xxxxx

Tentacle server port.

1.5.33 server_name xxxxx

Satellite server name (by default the machine's hostname).

1.5.34 server_path xxxxx

Path where the XML files are copied when the transfer_mode is in local (by default /var/spool/pandora/data_in).

1.5.35 server_opts

Server parameters passed to the Tentacle.

1.5.36 transfer_mode XXX

File transfer mode. It can be Tentacle or local (by default Tentacle).

1.5.37 Secondary Server

An special kind of general configuration parameter is the definition of a secondary server. This allows defining a server to send data to, in a complementary way to the server defined the standard way. The secondary server mode works in two different ways:

  • on_error: It sends data to the secondary server only when it cannot send them to the primary one.
  • always: It always sends data to the secondary server, both if it can contact the main server or not.

Configuration example:

secondary_server_ip     192.168.1.123
secondary_server_path   /var/spool/pandora/data_in
secondary_mode          on_error
secondary_transfer_mode tentacle
secondary_server_port   41121

1.5.38 snmp_verify 0|1

It enables (1) or disables (0) the verification of SNMPv1 modules that make braa fail in real time. These modules will be discarded and stop being executed.

1.5.39 snmp2_verify 0|1

It enables (1) or disables (0) the verification of SNMPv2 module that make braa fail in real time. These modules will be discarded and stop being executed.

Template warning.png

Verifying SNMP version 2 modules can take lots of time!

 


1.5.40 snmp3_verify 0|1

It enable (1) or disables (0) the verification of SNMPv3 modules that make braa fail in real time. These modules will be discarded and stop being executed.

1.5.41 startup_delay xxx

It waits xxx seconds before sending XML data files for the first time.

1.5.42 temporal <directory>

Temporal directory where XML files are created, /tmp by default.

1.5.43 tentacle_client <path to tentacle_client>

Full path to the Tentacle client (/usr/bin/tentacle_client by default).

1.5.44 wmi_client <path to wmic>

Full path to the wmic (/usr/bin/wmic by default).

1.5.45 snmp_blacklist <path to the blacklist>

Path to the SNMP module blacklist file (/etc/pandora/satellite_server.blacklist by default).

1.5.46 add_host <IP address> [agent name]

It adds the given host to the list of monitored agents. The name for the agent can be specified after the IP address. Multiple hosts may be added, one per line. For example:

add host 192.168.0.1
add host 192.168.0.2 localhost.localdomain

1.5.47 ignore_host <agent name>

It removes the given host from the list of monitored agents, even if it is found in a network scan by a recon task. The host must be identified by agent name. Multiple hosts may be ignored, one per line. For example:

ignore host 192.168.0.1
ignore host localhost.localdomain

1.5.48 keepalive xxx

Satellite Server reports its status and checks remote configuration changes (from agents and its own) every keepalive seconds. It is 30 seconds by default.

1.5.49 credential_pass xxx

Password used to encrypt credential box passwords. It must match the one defined in Pandora FMS console. The hostname is used by default.

1.5.50 timeout_bin <path to timeout>

If defined, the timeout program (usually /usr/bin/timeout) will be used to call the Tentacle client.

1.5.51 timeout_seconds xxx

Timeout in seconds for the timeout command. The timeout_bin parameter must be configured.

1.5.52 proxy_traps_to <address[:port]>

It redirects SNMP traps received by the Satellite server to the given address (and port). Port 162 is used by default.

1.5.53 proxy_tentacle_from <address[:port]>

It redirects data received by Tentacle server from the specified address and port. Port 41121 is used by default.

1.5.54 proxy_tentacle_to <address[:port]>

It redirects Tentacle client requests received by the Satellite Server to the given address (and port). Port 41121 is used by default.

Template warning.png

This option may be in conflict with remote agent configuration.

This happens if the Satellite server is intended to be used as proxy for some software agents and monitor them remotely from the Satellite server itself (ICMP, SNMP, etc.) and remote configuration is enabled in both cases.

In this situation, it is necessary to either use different agents for the performed checks (i.e. with different agent_name), or leave the remote configuration enabled only on one of them (Satellite Server or software agents).

 


1.5.55 dynamic_inc 0|1

Set to 1 to move dynamic auto-discovered modules (SNMP, WMI...) to separate files so that they do not interfere with remote agent configuration.

1.5.56 vlan_cache_enabled 0|1

It enables (1) or disables (0) the VLAN cache in the auto-discovered hosts.

1.5.57 verbosity <0-10> (Version > 7.0OUM204)

Log verbosity level from 0 (less verbose) to 10 (more verbose).

1.5.58 agents_blacklist_icmp (Version > 7.0OUM713)

ICMP check blacklist. This field can be configured with a list of IPs, using CIDR notation to prevent ICMP-type modules from running. To specify multiple subnets, separate them with commas.

1.5.59 agents_blacklist_snmp (Version > 7.0OUM713)

SNMP check blacklist. This field can be configured with a list of IPs, using CIDR notation to prevent SNMP-type modules from running. Specify multiple subnets by separating them with commas.

1.5.60 agents_blacklist_wmi (Version > 7.0OUM713)

WMI Check blacklist. This field can be configured with a list of IPs, using the CIDR notation to prevent WMI-type modules from running. Specify multiple subnets by separating them with commas.

1.5.61 general_gis_exec (Version > 7.0OUM734)

GIS positioning script for all agents detected by the Satellite server. The script must be executable and must print on screen the coordinates with the format <longitude>,<latitude>[,<altitude>]. The third parameter, latitude, is optional.

1.6 Agent creation in Satellite Server

There are three ways of creating an agent in the Satellite server: Recon Task, Satellite_hosts.txt file, or manually creating the .conf of the agents to monitor.

1.6.1 Agent creation through Recon Task

The creation of agents through Recon Task is the most used by PandoraFMS users. To be able to do it, go to the Satellite server configuration file and set the following parameters:

  • recon_community: Specify a list of SNMP communities to use in SNMP discovery separated by commas (in case of performing a recon of the SNMP type).
  • recon_enabled: It must be set to 1 to enable the recon task of the Satellite server.
  • recon_interval: Time interval where a certain network is scanned, in seconds (604800 seconds by default, 7 days).
  • recon_mode:Recon task mode (snmp,icmp,wmi) separated by commas.
  • recon_task: List of networks to be recognized, separated by commas.
  • recon_timing_template: A value that specifies how aggressive nmap must be, from 1 to 5. 1 means slower but more reliable, 5 means faster but less reliable (3 by default).

An example of Recon Task would be:

recon_community public
recon_enabled 1
recon_interval 604800
recon_mode icmp,snmp,wmi
recon_task 192.168.0.0/24,192.168.1.0/24
recon_timing_template 3

Once the data has been configured, run the satellite server using the command:

/etc/init.d/satellite_serverd start

Template warning.png

The agents without modules in their configuration files will be ignored by the Satellite Server.

 


1.6.2 Agent creation through Satellite_hosts.txt

First, in order to create an agent through the satellite_hosts.txt file, go to the configuration file of the Satellite server and uncomment the line:

host_file /etc/pandora/satellite_hosts.txt

Secondly, create the file satellite_hosts.txt with the IP of the host that you wish to create by entering IP and name of the agent to create:

192.168.10.5 Server.5
192.168.10.6 Server.6
192.168.10.7 Server.7

Template warning.png

In order for these IPs to be created, it is necessary to be able to make the fping call to each one of the IPs in the list, otherwise it will not be created.

 


Once the data has been configured, run the satellite server using the command:

/etc/init.d/satellite_serverd start

The reading of the indicated file is done every "recon_interval" seconds.

1.6.3 Manual Agent Creation

Firstly, look at the configuration file of the Satellite server in the parameter agent_conf_dir, which is where the new agent configuration files are created (/etc/pandora/conf).

cd /etc/pandora/conf

Once this path is located, create a .conf file of the agents you wish to create, taking for example the server agent as example, and manually filling in the following fields:

  • agent_name: Agent name.
  • agent_alias: Agent alias.
  • address: IP of the element to monitor.
  • group: Group to assign the agent to.
  • gis_exec: Positioning script (optional). It overwrites the general_gis_exec location of the Satellite server.
  • Modules to be monitored by the agent.

An example would be:

agent_name Example1
agent_alias It is an example
address X.X.X.X
group Servers
module_begin
module_name Ping
module_ping
module_end
module_begin
module_name Latency
module_latency
module_end

Once the data has been configured, run the Satellite server using the command:

/etc/init.d/satellite_serverd start

1.7 Agent removal in Satellite Server

There are several cases regarding agent removal from the Satellite server: total agent removal of partial agent removal.

For agent total removal, take into account the method used in agent creation.

  • Manual: First remove the .conf files from the agents created in the /etc/pandora/conf folder and then remove the agents in the console.
  • Satellite_hosts.txt file: Delete the file .txt, as well as the .conf that have been created in the folder /etc/pandora/conf and later delete the agents from the console.
  • Recon_task: Deconfigure the recon_task in the conf file of the Satellite server, then remove the conf created in the folder /etc/pandora/conf and then remove the agents from the console.

For agent partial removal also take into account the method used in the agent creation.

  • Manual: First of all, remove the .conf files from the agents you wish to delete in the /etc/pandora/conf folder and then remove the agents from the console.
  • Satellite_hosts.txt file: Delete the lines of the IPs from the file.txt, as well as the conf that have been created in the folder /etc/pandora/conf with those IPs and then delete the agents from the console.
  • Recon_task: Configure the blacklist of the recon_task in the conf file of the Satellite server, then remove the .conf created in the folder /etc/pandora/conf with those IPs and then remove the agents in the console.

1.8 Custom settings (by agent)

In addition to "automatic" modules, all kinds of available TCP, SNMP or WMI tests can be added, using a similar syntax to the local modules in software agents. Here are some module examples valid for Satellite server, just as they are autogenerated after being detected by the system.

Template warning.png

Make sure OIDs start with a leading dot, otherwise SNMP modules will not work!

 


Interface status through SNMP. The Satellite server detects automatically each interface.

module_begin
module_name if eth1 OperStatus
module_description IP address N/A. Description: The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed.
module_type generic_data_string
module_snmp 192.168.70.225
module_oid .1.3.6.1.2.1.2.2.1.8.3
module_community artica06
module_end

To force the module to use SNMP version 2c, add the line:

module_version 2c

To force the module to use SNMP version 1, add the line:

module_version 1

For example:

module_begin
module_name if eth1 OperStatus
module_description IP address N/A. Description: The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed.
module_type generic_data_string
module_snmp 192.168.70.225
module_version 2c
module_oid .1.3.6.1.2.1.2.2.1.8.3
module_community artica06
module_end

Conectivity to a machine (using PING)

module_begin
module_name ping
module_type generic_data
module_ping 192.168.70.225
module_end

Port check (using TCP)

module_begin
module_name Port 80
module_type generic_proc
module_tcp 
module_port 80
module_end

General SNMP check. In this case, the server retrieves automatically the traffic from each interface with its"real" descriptive name.

module_name if eth0 OutOctets
module_description The total number of octets transmitted out of the interface, including framing characters.
module_type generic_data_inc
module_snmp 192.168.70.225
module_oid .1.3.6.1.2.1.2.2.1.16.2
module_community artica06
module_end

CPU WMI usage check (percentage).

module_begin
module_name CPU
module_type generic_data
module_wmicpu 192.168.30.3
module_wmiauth admin%none
module_end

Memory free WMI check (percentage).

module_begin
module_name FreeMemory
module_type generic_data
module_wmimem 192.168.30.3
module_wmiauth admin%none
module_end

General WMI Query

module_begin
module_name GenericWMI
module_type generic_data_string
module_wmi 192.168.30.3
module_wmiquery SELECT Name FROM Win32_ComputerSystem
module_wmiauth admin%none
module_end

Generic SSH command (version > 6.0)

module_begin
module_name GenericSSH
module_type generic_data
module_ssh 192.168.30.3
module_command ls /tmp | wc -l
module_end

To add a threshold, do it both in the module's text definition and threshold definition in the web interface (module_min_warning, module_min_critical). For example:

module_begin
module_name latency
module_type generic_data
module_latency 192.168.70.225
module_min_warning 80
module_min_critical 120
module_end

Execution modules can be created manually. The scripts or commands executed by the Satellite server must be previously established and available for the server to use. The use of module_exec can make the performance of the Satellite server to become poor.

module_begin
module_name Sample_Remote_Exec
module_type generic_data
module_exec /usr/share/test/test.sh 192.168.50.20
module_min_warning 90
module_min_critical 95
module_end

From Pandora FMS version 7 on, plugins can be added. Like those, note that the plugins will run on the machine where the Satellite server is running. Therefore, it will be necessary to implement in these plugins some method to connect to the remote computer you wish to monitor. The advantage over the previous ones is their great flexibility. In this way, preconditions and other mechanisms for which a module_exec falls short can be implemented. The syntax is the same as that of the agents. An example of using a plugin might be as follows:

module_plugin /usr/share/pandora/remote_advanced_checks.sh 192.168.0.1

1.8.1 SNMPv3

To configure an SNMPv3 module, set module_version to 3 and specify the security level (noauth, authnopriv or authpriv), security name, authentication protocol (md5 or sha), authentication password, privacy protocol (aes or des) and privacy password as required. For example:

module_begin
module_name snmp_noauth
module_type generic_data_string
module_snmp 127.0.0.1
module_version 3
module_oid .1.3.6.1.2.1.1.1.0
module_seclevel noauth
module_secname snmpuser
module_end
module_begin
module_name snmp_authnopriv
module_type generic_data_string
module_snmp 127.0.0.1
module_version 3
module_oid .1.3.6.1.2.1.1.2.0
module_seclevel authnopriv
module_secname snmpuser
module_authproto md5
module_authpass 12345678
module_end
module_begin
module_name snmp_authpriv
module_type generic_data_string
module_snmp 127.0.0.1
module_version 3
module_oid .1.3.6.1.2.1.1.2.0
module_seclevel authpriv
module_secname snmpuser
module_authproto sha
module_authpass 12345678
module_privproto aes
module_privpass 12345678
module_end

SNMPv3 specific configuration can be shared between modules by placing it outside the module declaration, in case it is the same for all of them (it can also be shared between agents by moving it to the Satellite's configuration file):

agent_name snmp
address 127.0.0.1

seclevel authpriv
secname snmpuser
authproto md5
authpass 12345678
privproto des
privpass 12345678

module_begin
module_name snmp_authpriv_1
module_type generic_data_string
module_snmp
module_version 3
module_oid .1.3.6.1.2.1.1.1.0
module_end

module_begin
module_name snmp_authpriv_2
module_type generic_data_string
module_snmp
module_version 3
module_oid .1.3.6.1.2.1.1.2.0
module_end

1.9 Credential boxes

Unless key-based authentication is properly configured, SSH modules require a username and a password in order to work. These are configured in the main configuration file, satellite_server.conf, using credential boxes with the following format:

credential_box network/mask,username,password
credential_box network/mask,username,[[encrypted password]]

For example:

credential_box 192.168.1.1/32,user,pass1
credential_box 192.168.1.0/24,user,pass2

Credential boxes are searched from more restrictive to less restrictive masks.

Passwords can be encrypted using Blowfish in ECB mode. Make sure credential_pass is defined, otherwise the hostname will be used as the default encryption password. The hexadecimal representation of the ciphertext should be enclosed in double brackets:

credential_box 192.168.1.0/24,user,[[80b51b60786b3de2]]

1.10 General view of all agents in the console

If the configuration of the satellite server is correct, you should an aent view similar to this one:

Selección 146.png

Generally, in all machines ICMP (Ping and Latency) modules will be created, but in some machines SNMP and WMI modules can be created. In machines where WMI is enabled, the following modules will be generated if available:

Modulos.png

In machines with SNMP enabled, the following modules will be generated if available:

Modulos1.png

In the massive operations menu of the Pandora FMS console, there is a specific section for the Satellite server where different edition and deletion actions can be performed on agents and modules massively.

Operación massivas.png

1.11 SNMP blacklist

When monitoring big networks, SNMP modules that return invalid data may affect the performance of the Satellite server and many modules may become Unknown. To avoid that, the Satellite Server can read a blacklist of SNMP modules that will be discarded at startup before execution.

To create a new blacklist, edit the /etc/pandora/satellite_server.conf configuration file and make sure snmp_blacklist if uncommented and configured with the path of the file where blacklist modules are saved. Then run:

satellite_server -v /etc/pandora/satellite_server.conf

Restart the Satellite server. The blacklist can be regenerated as many times as needed.

The format of the blacklist file is:

agent:OID
agent:OID
...

For example:

192.168.0.1:.1.3.6.1.4.1.9.9.27 
192.168.0.2:.1.3.6.1.4.1.9.9.27