Difference between pages "Pandora: Documentation ja: Log Monitoring" and "Pandora: Documentation en: Discovery"

From Pandora FMS Wiki
(Difference between pages)
Jump to: navigation, search
(LogStash のインストールと設定)
 
(NetScan)
 
Line 1: Line 1:
[[Pandora:Documentation_ja|Pandora FMS ドキュメント一覧に戻る]]
 
  
= ログ収集 =
+
=What is Pandora FMS Discovery?=
  
==概要==
+
{{Tip|Available for Pandora FMS 732 versions or higher.}}
  
これまで Pandora FMS には、これに関する解決策がありませんでしたが、バージョン 5.0 の '''Pandora FMS Enterprise''' から、日々の何百ものメガバイトのデータを扱うソリューションを提供しています。このソリューションでは、特定のログデータ収集に同じ一つの監視エージェントを利用し、ログ監視の設定書式も既存のものに似ています。
+
Discovery provides a set of tools to simplify monitoring through wizards.
  
Pandora FMS におけるログ監視には、以下の 2つの異なる手法があります。
+
The following tools are included:
  
# '''モジュールベース''': 非同期監視としの Pandora でログを表現します。ユーザにより事前設定された条件を満たすデータを検出した場合にアラートを関連付けることができます。 ログのモジュール表現では、以下を行うことができます:
+
;Task list: Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.
## ログの中で正規表現にマッチする数を数えるモジュールの作成
+
;Discovery Applications: It allows to monitor MySQL, Oracle or VMware environments from a new management console.
## ログメッセージの行および内容を取得
+
;Discovery Cloud: Through this feature, you may monitor your cloud infrastructure, ranging from virtual machines created through Amazon Web Services (EC2) or relational databases in AWS RDS, to virtual machines running in Azure Compute.
# '''複合表示ベース''': キャプチャしたい複数の発生元のログからすべての情報を 1つのコンソールで表示し、ログが処理されたタイムスタンプを使用して情報を順番に整理できます。
+
;Console Tasks: It allows you to automate console tasks within the Discovery system, like scheduling reports, doing backups or executing custom scripts from Pandora FMS Console.
 +
;Discovery Host&Devices: It includes the tools needed to discover or import devices and equipment to your network.
  
バージョン 7.0NG 712 からは、Pandora FMS に、ログ情報を保存するための '''ElasticSearch''' が組み込まれているため、パフォーマンスが大幅に向上しています。
+
<center>
 +
[[File:discovery1.png]]
 +
</center>
 +
 
 +
=Discovery Task list=
 +
 
 +
Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.
 +
 
 +
<center>
 +
[[File:DISC_Task_list_1.JPG]]
 +
</center>
 +
 
 +
==Console tasks==
 +
 
 +
This section allows you to see the list of scheduled tasks in the console. The information is shown according to the following parameters:
 +
 
 +
* User: It is the user who created the task.
 +
* Task: Description of the programmed task
 +
* Scheduled: It specifies how often the task will be executed.
 +
* Next Execution: It specifies the next task execution.
 +
* Last Execution: It indicates when the task was last executed.
 +
* Group: The group to which the task belongs.
 +
* Operations: It shows the actions that can be performed on the task, such as editing and deleting.
 +
 
 +
===Edit Console tasks===
 +
 
 +
This button allows access to the creation section, where the desired task can also be edited according to the following parameters:
 +
 
 +
* Task: The task that will be executed among the following:
 +
** Backup Pandora FMS database.
 +
** Execute custom script.
 +
** Save custom report to disk.
 +
** Save custom XML report to disk.
 +
** Send custom report (from template) by email.
 +
** Send custom report by email.
 +
 
 +
* Scheduled: It is used to specify how often the task will be executed.
 +
* Next execution: It shows the date of the next execution, being able to modify it if necessary.
 +
* Group: Group to which the task belongs.
 +
* Parameters: They are the specific parameters of each task.  
 +
 
 +
==== Parameters of different tasks ====
 +
<br>
 +
;Backup Pandora FMS database:
 +
* Description: Backup description.
 +
* Save to disk in path: Path where the backup will be stored.<br><br>
 +
;Execute custom script:
 +
* Custom script: The script to be executed will be indicated.<br><br>
 +
;“Save custom report to disk” and “Save custom XML report to disk”:
 +
* Report pending to be created: The report to be created.
 +
* Save to disk in path: Path where the created report will be stored.<br><br>
 +
;Send custom report (from template) by email:
 +
* Template pending to be created: Custom template to be created.
 +
* Agents: Agents from which the information that will be reflected in the report will be obtained.
 +
* Report per agent: If you wish to generate separate reports for each report.
 +
* Report name: Name that you wish to give the report.
 +
* Send to email addresses: Email addresses to which the report will be sent.
 +
* Subject: Topic of the mail to be sent.
 +
* Message: Body of the message with which the reports will be sent.<br><br>
 +
;Send custom report by email:
 +
* Report pending to be created: Report to be generated.
 +
* Send to email addresses: Email addresses the report will be sent to.
 +
* Subject: Topic of the mail to be sent.
 +
* Message: Body of the message with which the reports will be sent.
 +
* Report Type: Type of report that will be sent.
 +
 
 +
==Server tasks==
 +
 
 +
This section reflects the recognition tasks programmed by the server. The information is shown according to the following parameters:
 +
 
 +
* Force: Option that will allow forcing the task execution.
 +
* Task name: Name assigned to the task.
 +
* Server name: Server that will execute the task.
 +
* Interval: Time interval during which the task will be performed.
 +
* Network: Network where the checks will be made.
 +
* Status: Status of the scheduled task.
 +
* Task type: Type of the task that has been generated.
 +
* Progress: Progress of the task in case of being executed.
 +
* Updated at: It indicates when the task was last executed.
 +
* Operations: Actions that can be performed on the task. Display of the task status, display of the map of the discovered network, editing and deletion.
 +
 
 +
===Operations===
 +
 
 +
The edition of the server recognition tasks allows to adjust the following parameters:
 +
 
 +
* Interval: The task execution interval can be set, either manually or defined.
 +
* Task name: Task Name.
 +
* Discovery server: Server that will perform the recognition task. It is a mandatory parameter for correct recognition operation.
 +
* Network: Network on which the checks are to be carried out.
 +
* Group: Group to which it belongs.
 +
* Comment: Comments to add.
 +
 
 +
=Discovery Applications=
 +
 
 +
Now, it is possible to monitor applications remotely using ''Discovery Applications''.
 +
 
 +
 
 +
<center>
 +
[[File:discoverysap1.png]]
 +
</center>
 +
 
 +
==Discovery Applications: MySQL==
 +
 
 +
From Pandora FMS 7.0-733 version on, MySQL environments can be monitored using Discovery Applications.
 +
 
 +
For that purpose, it will be necessary to define the following parameters:
 +
 
 +
* Task name: Name of the task that will perform MySQL monitoring.
 +
* Discovery Server: Server that will perform the execution of the specified task.
 +
* Group: Group to which it belongs.
 +
* MySQL server IP: IP of the server where the MySQL environment to be monitored is.
 +
* MySQL server port: Port of the specified address through which the information of MySQL monitoring will be obtained.
 +
* User: MySQL user with which to login. (Important: It must be a user with permissions on the database where the queries will be executed, since otherwise the connection will never be established.)
 +
* Password: MySQL user password specified above.
 +
* Interval: Time interval in which monitoring will be executed.
 +
 
 +
<center>
 +
[[File:DISCMySQL1.JPG]]
 +
</center>
 +
 
 +
Once the parameters with the data needed for installation are defined, you will be shown a new window where you must specify the agent on which you wish to create all the modules resulting from MySQL monitoring.
 +
 
 +
The options to be displayed are the following:
 +
 
 +
* Target agent: Agent on which the modules resulting from monitoring will be created.
 +
* Custom module prefix: It defines a custom prefix that will be concatenated with the name of the modules generated by the task.
 +
* Scan databases: It will scan the databases.
 +
* Create agent per database: This option will allow an agent to be created for each database found in MySQL environment.
 +
* Check engine uptime: It will check the time that MySQL engine is operational.
 +
* Retrieve query statistics: It allows to recover the statistics of the executed queries.
 +
* Analyze connections: It analyzes connections.
 +
* Retrieve InnoDB statistics: It returns InnoDB statistics.
 +
* Retrieve cache statistics: It returns cache statistics.
 +
* Custom queries: It allows defining custom statements.
 +
 
 +
<center>
 +
[[File:DISCMySQL2.JPG]]
 +
</center>
 +
 
 +
==Discovery Applications: Oracle==
 +
 
 +
From Pandora FMS 7.0-733 version on, Oracle can be monitored using Discovery Applications.
 +
 
 +
Oracle monitoring will allow to define the following parameters:
 +
 
 +
* Task name: Task Name
 +
* Discovery server: Server that will run the Oracle monitoring task.
 +
* Group: Group it belongs to.
 +
* Oracle target strings: Where the target strings of the task will be defined.
 +
* User: Oracle user that will access to perform the monitoring.
 +
* Password: Password of the previously defined user.
 +
* Interval: Execution interval
 +
 
 +
<center>
 +
[[File:DISC_Oracle1.JPG]]
 +
</center>
 +
 
 +
Once defined, it will be necessary to specify the agent that will store the information and the checks that will be made. The information that can be defined in this section is the following:
  
== 動作の仕組み ==
+
* Target agent: Agent that will receive Oracle monitoring information.
 +
* Custom module prefix: It defines a custom prefix that will be concatenated with the name of the modules generated by the task.
 +
* Check engine uptime: It will check the time that Oracle is operational.
 +
* Retrieve query statistics: It allows to recover the statistics of the executed queries.
 +
* Analyze connections: It analyzes connections.
 +
* Calculate fragmentation ratio: It calculates the fragmentation rate.
 +
* Monitor tablespaces: It monitors tablespaces. 
 +
* Retrieve cache statistics: It returns cache statistics.
 +
* Execute custom queries: It executes custom queries.
 +
* Custom queries: it allows to define customized queries.
  
処理は単純です。
+
<center>
 +
[[File:DISC Oracle2.JPG]]
 +
</center>
  
<center><br><br>
+
=== Installing Oracle packages ===
[[Image:LogsEsquema.png|650px]]
 
</center><br><br>
 
  
* エージェントで分析されたログ ('''eventlog''' またはテキストファイル) は、Pandora サーバへ転送されます。エージェントから送信される XML に (RAW) データとして含まれます。
+
It is very important to bear in mind that for the correct integration and operation of Oracle with Pandora FMS, it is necessary to have the appropriate packages. Pandora FMS ISO includes everything necessary, but for installations carried out in another way, the installation process will be as follows:
* Pandora サーバ(データサーバ)は、エージェントから XML を受け取ります。そこには、監視とログの両方の情報が含まれています。
 
* データサーバが XML データを処理する時に、ログ情報を識別し、報告されたエージェントに関する情報やログのソースをプライマリデータベースに保存し、ログの保存には情報を自動的に ElasticSearch に送信します。
 
* Pandora FMS はデータを Elasticsearch インデックスに保存し、各 Pandora FMS インスタンスの日次インデックスを生成します。
 
* Pandora FMS サーバには、システム管理者が定義した間隔(デフォルトでは90日)でインデックスを削除するメンテナンスタスクがあります。
 
  
== 設定 ==
+
* Install oracle instant client from the Oracle page:
 +
https://www.oracle.com/technetwork/database/database-technologies/instant-client/downloads/index.html
  
=== サーバ設定 ===
+
* Required packages:
  
新たなログ保存システムは、ElasticSearch + LogStash を利用しており、いくつかのコンポーネントを設定する必要があります。
+
oracle-instantclient11.1-basic-11.1.0.7.0-1.x86_64.rpm
 +
oracle-instantclient11.1-devel-11.1.0.7.0-1.x86_64.rpm
 +
oracle-instantclient11.1-sqlplus-11.1.0.7.0-1.x86_64.rpm
  
{{Warning|Pandora FMS バージョン 745 以降では、Pandora FMS サーバが直接 ElasticSearch と通信するため、LogStash は利用する必要がなくなりました。そのため、LogStash に関する設定は必要ありません。}}
+
* Prepare the boot environment of pandora_server:
  
==== サーバの必要条件 ====
+
{{Warning|In the pandora_server path you need to create a file called pandora_server.env with the following information. Its execution is needed ./pandora_server.env}}
  
各コンポーネント(Pandora FMS サーバ、Elasticsearch)は別々のサーバに展開できます。
+
# Set Oracle environment for pandora_server
 +
cat > /etc/pandora/pandora_server.env << 'EOF_ENV'
 +
#!/bin/bash
 +
VERSION=11.1
 +
export PATH=$PATH:$HOME/bin:/usr/lib/oracle/$VERSION/client64/bin
 +
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/oracle/$VERSION/client64/lib
 +
export ORACLE_HOME=/usr/lib/oracle/$VERSION/client64
 +
EOF_ENV
  
Elasticsearch と LogStash を同じサーバに置く場合は、以下が必要です。
+
* Restart pandora_server
  
* CentOS 7
+
/etc/init.d/pandora_server restart
* 最低 4GB のメモリ、ただし ElasticSearch インスタンスでは、6GB のメモリを推奨します。
 
* 最低 2 CPUコア。
 
* 最低 20GB のシステムディスク空き領域。
 
* 最低 50GB の ElasticSearch データディスク空き領域。(保存されるデータの量に応じて、異なる場合があります)
 
* Pandora FMS サーバから、Elasticsearch API (デフォルトポートは 9200/TCP) への接続性。
 
  
==== ElasticSearch のインストールと設定 ====
+
{{Warning|If package E7 is being used, version 12.2 of both library and environment variables must be installed, and Oracle (v12.2) packages must be used}}
  
コンポーネントのインストールの前に、Java をインストールする必要があります。
+
== Discovery Applications: SAP ==
 +
<br>
 +
Discovery Applications has a new family member from Pandora FMS version 741 onwards. This new feature will now be included in the official ISO installation.
 +
<br>
 +
{{Warning|If you Pandora FMS is installed from packages, or your system is prior to NG741, deploy the official SAP plugin in Pandora FMS server and configure it manually (see below).}}
  
yum install java
+
{{Warning|In order to use SAP in Discovery, configure a specific license number for this plugin, which is not included in Pandora FMS Enterprise license. Configure this license in Setup > Enterprise.}}
  
インストールが完了したら、Elasticsearch を次の公式ドキュメントに従ってインストールします。https://www.elastic.co/guide/en/elasticsearch/reference/7.6/install-elasticsearch.html
+
The system will guide you along each step to configure SAP, according to your needs. You may define the same task to monitor systems with similar configurations.
  
CentOS/RedHat システムにインストールする際は、rpm でのインストールを推奨します。https://www.elastic.co/guide/en/elasticsearch/reference/7.6/rpm.html
+
<center>
 +
[[File:discoverysap2.png]]
 +
</center>
  
サービスの設定:
+
In the example above, servers sapsample.artica.lan, sap2.artica.lan and 10.0.30.33 use the same client, system and credential configuration, so they can be grouped in the same task.
  
''/etc/elasticsearch/elasticsearch.yml'' にある設定ファイルで、ネットワークオプションと ''オプションで'' データの場所(および Elasticsearch 自体のログ)を設定します。
+
{{Warning|If you need to monitor different configurations, create a task for each configuration.}}
  
# ---------------------------------- Network -----------------------------------
+
Select from the list the information about the SAP system you wish to retrieve as shown below:  
# Set the bind address to a specific IP (IPv4 or IPv6):
 
http.host: 0.0.0.0
 
# Set a custom port for HTTP:
 
http.port: 9200
 
# ----------------------------------- Paths ------------------------------------
 
# Path to directory where to store the data (separate multiple locations by a comma):
 
path.data: /var/lib/elastic
 
# Path to log files:
 
path.logs: /var/log/elastic
 
  
次の行のコメントを外して設定します。network.host パラメータにサーバの IP を入力します。
+
<center>
 +
[[File:discoverysap3.png]]
 +
</center>
  
cluster.name: elkudemy
+
Pandora FMS Discovery will be in charge of collecting information, storing it in agents represented by the defined ¨SAP Hostnames¨.  
node.name: ${HOSTNAME}
 
bootstrap.memory_lock: true
 
network.host: ["127.0.0.1", “IP"]
 
  
* <b>cluster.name</b>: クラスタ名。
 
* <b>node.name</b>: ノードに名前を付けるには、${HOSTNAME} を使用してホスト名を取得します。
 
* <b>bootstrap.memory_lock</b>: 常に "true" である必要があります。
 
* <b>network.host</b>: サーバ IP。
 
  
''/etc/elasticsearch/jvm.options'' にある設定ファイルで、ElasticSearch に割り当てられるリソースのオプションを調整する必要があります。XMS では少なくとも 2GB を使用します。
+
=== SAP Discovery connector manual installation ===
  
# Xms represents the initial size of total heap space
+
If your Pandora FMS version was installed before the NG741 version, download the connector and configure it manually.
# Xmx represents the maximum size of total heap space
 
-Xms512m
 
-Xmx512m
 
  
ElasticSearch の利用に応じてリソースが割り当てられます。 ElasticSearch の公式ドキュメントに従うことをお勧めします。https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
+
First, install JAVA (JRE) on Pandora FMS server for Discovery SAP operation.  
  
サービスの開始:
+
Then you need to download the remote connector/plugin for Linux from SAP, download it from [https://pandorafms.com/library/sap-r3-monitoring-agent/ our library].
  
systemctl start elasticsearch
+
Configure your pandora_server.conf too, and set the following parameters:
  
'''注意''': サービスの起動に失敗したら、/var/log/elasticsearch 以下のログを確認してください。
+
# Discovery SAP
 +
java /usr/bin/java
 +
 +
# Discovery SAP utils
 +
sap_utils /usr/share/pandora_server/util/recon_scripts/SAP
  
ElasticSearch の動作を確認するには、以下のコマンドを実行します。
+
In the directory indicated, with the configuration token ''sap_utils'' decompress the files that you will find in the tarball downloaded from the library called "Pandora FMS SAP Discovery for Linux" that contains the following files:
  
  curl -q http://{IP}:9200/
+
  Deset_SAP_Plugin.jar
 +
dev_jco_rfc.trc
 +
libsapjco3.so
 +
sapjco3.dll
 +
sapjco3.jar
  
以下のような応答があります。
+
Once the configuration file is modified, restart the Pandora FMS server.
 +
 
 +
=== SAP View ===
 +
<br>
 +
You can see the general state of the SAP system servers in the SAP View.
 +
 
 +
<center>
 +
[[File:discoverysap4.png]]
 +
</center>
 +
 
 +
This view will display a panel with the available SAP modules of the selected SAP agent.
 +
 
 +
You may select the refresh time and the interval to show in the graphs.
 +
<br>
 +
<br>
 +
 
 +
=== SAP agent view ===
 +
<br>
 +
The SAP view is also integrated as a new tab within the agent view. If the system detects that the agent is a SAP agent, an access to the SAP View tab will be displayed:
 +
 
 +
<center>
 +
[[File:discoverysap5.png]]
 +
</center>
 +
 
 +
The agent view will provide an overview of the status of the SAP modules for the current agent:
 +
 
 +
<center>
 +
[[File:discoverysap6.png]]
 +
</center>
 +
 
 +
<br>
 +
 
 +
{{Warning|Java must be installed within the server for SAP integration to work.}}
 +
 
 +
== Discovery Applications: VMware ==
 +
 
 +
{{Warning|In case of manual installation or update from a '''Pandora FMS''' version prior to '''732''', it is necessary to install '''SDK''' for VMWare to work properly.}}
 +
 
 +
From Pandora FMS 7.0-733 version on, VMware infrastructures can be monitored using Discovery Applications.
 +
 
 +
 
 +
<center>
 +
[[File:discoveryapplications2.png]]
 +
</center>
 +
 
 +
 
 +
The following must be specified:
 +
 
 +
* A name to identify the task.
 +
* A Discovery server where to run it.
 +
* A group to which the agents generated by the VMware task will be associated.
 +
 
 +
{{Tip|It must be taken into account that if the Pandora FMS server has the '' autocreate_group '' token active, priority will be given to the group corresponding to the indicated ID, instead of applying the configuration of the wizard.}}
 +
 
 +
 
 +
The data required to monitor VMware are:
 +
 
 +
* V-Center IP
 +
* The name of the datacenter (it can be seen through VMware installation management screen).
 +
* User with read permissions.
 +
* User password.
 +
* Monitoring interval.
 +
 
 +
Password encryption can be enabled by pressing the button '''encrypt passwords'''. This only applies to the wizard in progress.
 +
 
 +
 
 +
On the next page, VMware monitoring details can be specified:
 +
 
 +
<center>
 +
[[File:discoveryapplications3.png]]
 +
</center>
 +
 
 +
* Max threads: Choose the number of threads that the VMware monitoring script will use to speed up data collection.
 +
* Retry send: The information of the detected agents is sent by XML to the DataServer. This option must be activated to retry sending in case of error.
 +
* Event mode: '''Only for VCenter'''. VMware VCenter event-based monitoring is enabled. This working mode is exclusive and independent from standard monitoring.
 +
* Virtual network monitoring: It enables monitoring of virtual network devices which are defined in VMware.
 +
* Extra settings: Any advanced settings needed to customize VMware monitoring should be included here in text mode. For more information, visit [https://pandorafms.com/docs/index.php?title=Pandora:Documentation_en:Virtual_environment_monitoring#Entity_renaming this section].
 +
<br>
 +
<br>
 +
<br>
 +
<br>
 +
 
 +
==Discovery Applications: MS SQL==
 +
<br>
 +
This new Pandora FMS integration allows monitoring Microsoft SQL server databases.
 +
 
 +
Microsoft <b>ODBC</b> must be installed in the system where Pandora FMS server is running.
 +
<br>
 +
<br>
 +
{{Tip|From version 745 onwards, ODBC is preinstalled in Pandora FMS ISO.}}
 +
 
 +
=== How to install Microsoft ODBC ===
 +
 
 +
* In <b>CentOS 6</b>:
 +
 
 +
curl https://packages.microsoft.com/config/rhel/6/prod.repo > /etc/yum.repos.d/mssql-release.repo && \
 +
yum remove unixODBC-utf16 unixODBC-utf16-devel && \
 +
ACCEPT_EULA=Y yum install -y msodbcsql17
 +
 
 +
* In <b>CentOS 7</b>:
 +
 
 +
curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo && \
 +
yum remove unixODBC-utf16 unixODBC-utf16-devel && \
 +
ACCEPT_EULA=Y yum install -y msodbcsql17
 +
 
 +
Once the ODBC is installed, it might be necessary to set which driver Pandora FMS should use. To that end, check Pandora FMS server configuration file.
 +
 
 +
/etc/pandora/pandora_server.conf
 +
 
 +
Once you go to the configuration file, look for the following token:
 +
 
 +
mssql_driver IDENTIFYING STRING
 +
 
 +
The <b>IDENTIFYING STRING</b> parameter can be found in <b>/etc/odbcinst.ini</b> which will be created when installing ODBC.
 +
 
 +
This is the default string:
 +
 
 +
ODBC Driver 17 for SQL Server
 +
 
 +
=== Configure a Discovery Applications MS SQL task ===
 +
 
 +
To create a monitoring task for a Microsoft SQL Server database, access through Discovery (Discovery > Applications > Microsoft SQL Server).
 +
 
 +
Once you choose the Microsoft SQL Server task, you may define the instances in the following way:
 +
 
 +
IP\Instance
 +
 
 +
If you wish so, define a port like this:
 +
 
 +
IP:Port\Instance
 +
 
 +
<center>
 +
[[File:mssql1.png]]
 +
</center>
 +
 
 +
 
 +
This integration's configuration advanced options include service stability, usage statistics, connection status and custom queries.
 +
 
 +
<center>
 +
[[File:mssql3.png]]
 +
</center>
 +
 
 +
If you wish to execute any custom query, keep in mind they follow the same format as those of Oracle.
 +
 
 +
=Discovery Cloud=
 +
 
 +
Discovery Cloud allows you to monitor structures in the AWS cloud. Thanks to Pandora FMS, you can manage many Amazon Web Services accounts as well as Microsoft Azure's, concentrating information management in a single tool. 
 +
 
 +
<center>
 +
[[File:azure66.JPG]]
 +
</center>
 +
 
 +
Account management, both from AWS and Microsoft Azure, will be made through the <b>Credential Store</b> located in Profiles -> Manage agent groups -> Credential Store.
 +
 
 +
<center>
 +
[[File:credential_store.png]]
 +
</center>
 +
 
 +
==Discovery Cloud: Amazon Web Services (AWS)==
 +
 
 +
{{Warning|This section is under construction.}}
 +
 
 +
To monitor an infrastructure in Amazon Web Services, follow the different pages of the wizard step by step.
 +
 
 +
 
 +
=== AWS. Credential validation ===
 +
 
 +
 
 +
Pandora FMS allows managing several AWS accounts. Once you have accessed the Amazon Web Services menu, the navigation will be automatically redirected to the window to select the account with which you need to access the service. If there is a previously created account in previous versions of Pandora FMS, it will be shown as "imported_aws_account".
 +
 
 +
<center>
 +
[[File:AWSCredentials1.JPG]]
 +
</center>
 +
 
 +
You can add as many accounts as necessary through the "Manage Accounts" option next to the AWS Account drop-down.
 +
 
 +
This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all the Amazon Web Services accounts previously created to be registered.
 +
 
 +
<center>
 +
[[File:AWS4.png]]
 +
</center>
 +
 
 +
<center>
 +
[[File:AWS5.png]]
 +
</center>
 +
 
 +
Query accounts in Amazon AWS must be created with the following permissions:
 +
 
 +
<center>
 +
[[File:awsgrants.png]]
 +
</center>
 +
 
 +
* Billing (read)
 +
* CloudWatch (list,read)
 +
* Cost Explorer Service (Full access)
 +
* EC2 (full read, limited: list)
 +
 
 +
 
 +
Summary of the policy in JSON:
  
 
  {
 
  {
  "name" : "3743885b95f9",
+
    "Version": "2012-10-17",
  "cluster_name" : "docker-cluster",
+
    "Statement": [
  "cluster_uuid" : "7oJV9hXqRwOIZVPBRbWIYw",
+
        {
  "version" : {
+
            "Sid": "VisualEditor0",
    "number" : "7.6.2",
+
            "Effect": "Allow",
    "build_flavor" : "default",
+
            "Action": [
    "build_type" : "docker",
+
                "ec2:DescribeInstances",
    "build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
+
                "ec2:DescribeVolumesModifications",
    "build_date" : "2020-03-26T06:34:37.794943Z",
+
                "ec2:GetHostReservationPurchasePreview",
    "build_snapshot" : false,
+
                "ec2:DescribeSnapshots",
    "lucene_version" : "8.4.0",
+
                "aws-portal:ViewUsage",
    "minimum_wire_compatibility_version" : "6.8.0",
+
                "ec2:DescribePlacementGroups",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
+
                "ec2:GetConsoleScreenshot",
  },
+
                "ec2:DescribeHostReservationOfferings",
  "tagline" : "You Know, for Search"
+
                "ec2:DescribeInternetGateways",
 +
                "ec2:GetLaunchTemplateData",
 +
                "ec2:DescribeVolumeStatus",
 +
                "ec2:DescribeScheduledInstanceAvailability",
 +
                "ec2:DescribeSpotDatafeedSubscription",
 +
                "ec2:DescribeVolumes",
 +
                "ec2:DescribeFpgaImageAttribute",
 +
                "ec2:DescribeExportTasks",
 +
                "ec2:DescribeAccountAttributes",
 +
                "aws-portal:ViewBilling",
 +
                "ec2:DescribeNetworkInterfacePermissions",
 +
                "ec2:DescribeReservedInstances",
 +
                "ec2:DescribeKeyPairs",
 +
                "ec2:DescribeNetworkAcls",
 +
                "ec2:DescribeRouteTables",
 +
                "ec2:DescribeReservedInstancesListings",
 +
                "ec2:DescribeEgressOnlyInternetGateways",
 +
                "ec2:DescribeSpotFleetRequestHistory",
 +
                "ec2:DescribeLaunchTemplates",
 +
                "ec2:DescribeVpcClassicLinkDnsSupport",
 +
                "ec2:DescribeVpnConnections",
 +
                "ec2:DescribeSnapshotAttribute",
 +
                "ec2:DescribeVpcPeeringConnections",
 +
                "ec2:DescribeReservedInstancesOfferings",
 +
                "ec2:DescribeIdFormat",
 +
                "ec2:DescribeVpcEndpointServiceConfigurations",
 +
                "ec2:DescribePrefixLists",
 +
                "cloudwatch:GetMetricStatistics",
 +
                "ec2:GetReservedInstancesExchangeQuote",
 +
                "ec2:DescribeVolumeAttribute",
 +
                "ec2:DescribeInstanceCreditSpecifications",
 +
                "ec2:DescribeVpcClassicLink",
 +
                "ec2:DescribeImportSnapshotTasks",
 +
                "ec2:DescribeVpcEndpointServicePermissions",
 +
                "ec2:GetPasswordData",
 +
                "ec2:DescribeScheduledInstances",
 +
                "ec2:DescribeImageAttribute",
 +
                "ec2:DescribeVpcEndpoints",
 +
                "ec2:DescribeReservedInstancesModifications",
 +
                "ec2:DescribeElasticGpus",
 +
                "ec2:DescribeSubnets",
 +
                "ec2:DescribeVpnGateways",
 +
                "ec2:DescribeMovingAddresses",
 +
                "ec2:DescribeAddresses",
 +
                "ec2:DescribeInstanceAttribute",
 +
                "ec2:DescribeRegions",
 +
                "ec2:DescribeFlowLogs",
 +
                "ec2:DescribeDhcpOptions",
 +
                "ec2:DescribeVpcEndpointServices",
 +
                "ce:GetCostAndUsage",
 +
                "ec2:DescribeSpotInstanceRequests",
 +
                "cloudwatch:ListMetrics",
 +
                "ec2:DescribeVpcAttribute",
 +
                "ec2:GetConsoleOutput",
 +
                "ec2:DescribeSpotPriceHistory",
 +
                "ce:GetReservationUtilization",
 +
                "ec2:DescribeNetworkInterfaces",
 +
                "ec2:DescribeAvailabilityZones",
 +
                "ec2:DescribeNetworkInterfaceAttribute",
 +
                "ce:GetDimensionValues",
 +
                "ec2:DescribeVpcEndpointConnections",
 +
                "ec2:DescribeInstanceStatus",
 +
                "ec2:DescribeHostReservations",
 +
                "ec2:DescribeIamInstanceProfileAssociations",
 +
                "ec2:DescribeTags",
 +
                "ec2:DescribeLaunchTemplateVersions",
 +
                "ec2:DescribeBundleTasks",
 +
                "ec2:DescribeIdentityIdFormat",
 +
                "ec2:DescribeImportImageTasks",
 +
                "ec2:DescribeClassicLinkInstances",
 +
                "ec2:DescribeNatGateways",
 +
                "ec2:DescribeCustomerGateways",
 +
                "ec2:DescribeVpcEndpointConnectionNotifications",
 +
                "ec2:DescribeSecurityGroups",
 +
                "ec2:DescribeSpotFleetRequests",
 +
                "ec2:DescribeHosts",
 +
                "ec2:DescribeImages",
 +
                "ec2:DescribeFpgaImages",
 +
                "ec2:DescribeSpotFleetInstances",
 +
                "ec2:DescribeSecurityGroupReferences",
 +
                "ec2:DescribeVpcs",
 +
                "ec2:DescribeConversionTasks",
 +
                "ec2:DescribeStaleSecurityGroups",
 +
                "ce:GetTags"
 +
            ],
 +
            "Resource": "*"
 +
        }
 +
    ]
 
  }
 
  }
  
  
<br><br>
+
Assign the policy to a new user.
 +
 
 +
<center>
 +
[[File:awsgrants2.png]]
 +
</center>
 +
 
 +
 
 +
Back in Pandora FMS, the registered account can be used to link it and be able to access AWS monitoring.
 +
<br>
 +
{{Tip|If pandora-cm-api is not available in the installation, it can be obtained from the following link: [https://pandorafms.com/library/pandora-cloud-monitoring-api/]}}
 +
 
 +
 
 +
===Discovery Cloud. AWS===
 +
 
 +
Once the credentials have been validated, access the <i>Discovery Cloud</i> menu <i>=> Amazon Web Services</i>
 +
 
 +
<center>
 +
[[File:AWS6.png]]
 +
</center>
  
==== LogStash のインストールと設定 ====
+
In this section, Amazon EC2 and Amazon RDS are found. For each account added to the "Credential store", the EC2 environment hosted in that account can be monitored.
 +
<br>
 +
{{Tip|Only one recognition task per AWS account can be active. The account will be the same for all monitored technologies within the provider.}}
  
{{Warning|Pandora FMS バージョン 745 以降では、LogStash のインストールは<b>不要</b>です。}}
+
===Discovery Cloud. AWS.EC2===
  
Elasticsearch プロジェクトのウェブサイト https://artifacts.elastic.co/downloads/logstash/logstash-5.6.2.rpm から RPM をダウンロードし、LogStash 5.6.2 をインストールします。
+
Within EC2 monitoring you can find:
  
パッケージをダウンロードしたら、次のようにインストールします。
+
* Expense monitoring.
 +
* Summary of resources registered in AWS.EC2.
 +
* Specific instance monitoring.
 +
* Volume and elastic IP address monitoring.
  
rpm -i logstash-X.X.X.rpm
+
To start the monitoring process, a series of basic data is requested:
  
サービスの設定
+
<center>
 +
[[File:cloud3.png]]
 +
</center>
  
logstash の設定では、3つの設定ブロックがあります:
+
It is required to provide a name for the task, indicate the Discovery server from where it will be executed and the monitoring interval.
* Input: logstash へどのように情報を取り込むかを示します。フォーマット、ポートおよび内部に情報を保存するために利用される識別子です。
 
* Filter: ここに事前処理を追加できます。ただし必須ではありません。空のまま置いておきます。
 
* Output: Elasticsearch が待ち受けている IP およびポート番号の設定です。logstash で処理された情報を保存する先です。
 
  
設定ファイル:
+
====Discovery Cloud AWS.EC2 Costs====
  
/etc/logstash/conf.d/logstash.conf
+
When clicking next, you will start configuring AWS monitoring expenses:
  
 +
{{warning|Amazon Web Services expense monitoring involves extra expenses. You can find more information about it in the following link [https://aws.amazon.com/aws-cost-management/pricing/|Amazon cost managementpricing]}}
  
設定ファイル例:
+
Expense monitoring provides a separate monitoring interval to avoid extra charges.
  
# This input block will listen on port 10514 for logs to come in.
+
<center>
# host should be an IP on the Logstash server.
+
[[File:cloud4.png]]
# codec => "json" indicates that we expect the lines we're receiving to be in JSON format
+
</center>
# type => "rsyslog" is an optional identifier to help identify messaging streams in the pipeline.
 
input {
 
  tcp {
 
    host  => "0.0.0.0"
 
    port  => 10516
 
    codec => "json"
 
    type  => "pandora_remote_log_entry"
 
  }
 
}
 
# This is an empty filter block.  You can later add other filters here to further process
 
# your log lines
 
filter { }
 
output {
 
  elasticsearch { hosts => ["0.0.0.0:9200"] }
 
}
 
  
"host" パラメータでは、"0.0.0.0" の代わりにサーバの IP を設定する必要があります。
+
Both the overall cost and the independent cost per region can be monitored.
  
同様に "logstash-sample.conf" においても、"localhost" パラメータにはサーバの IP を設定する必要があります。
+
====Discovery Cloud AWS.EC2 Summary====
  
サービスの開始:
+
The Discovery task can be configured to collect general information on the stock status in all regions.
  
systemctl start logstash
+
To enable it, the ''Scan and general monitoring'' option must be activated.
  
'''注意''': 推奨に反して CentOS6 へ LogStash をインストールする場合は、次のコマンドで起動するします。
+
<center>
 +
[[File:cloud5.png]]
 +
</center>
  
initctl start logstash
+
Generic CPU usage counters can be added, as well as output (disk) input operations or volume of disk and network transferred data (bytes).
  
==== Pandora FMS サーバでのパラメータ設定 ====
 
  
{{Warning|Pandora FMS バージョン 745 以降では、ログ収集を有効化する設定はすべてコンソールから行うため、サーバの設定ファイルの設定は不要です。}}
 
  
Pandora FMS データサーバがログ情報を処理するように、Pandora FMS サーバの設定ファイル(/etc/pandora/pandora_server.conf)に次の設定を追加する必要があります。
+
==== Discovery Cloud AWS.EC2 Specific Instance Monitoring ====
  
'''重要:''' この設定を行っていない場合、Pandora サーバに届いたデータは捨てられます。
+
Specific instances can be monitored to obtain readings of:
  
logstash_host eli.artica.lan
+
* CPUUtilization: Average CPU usage
logstash_port 10516
+
* DiskReadBytes: Reading bytes (disk)
 +
* DiskWriteBytes: Writing bytes (disk)
 +
* DiskReadOps: Read operations (disk)
 +
* DiskWriteOps: Writing operations (disk)
 +
* NetworkPacketsIn: Input packets (network)
 +
* NetworkPacketsOut: Output packets (network)
  
==== Pandora FMS Syslog サーバ ====
+
The agents that represent the specific instances will have as their parent the agent that represents the region where they are hosted.
  
Pandora FMS 7.0NG のバージョン 717 から、新たな SyslogServer いうコンポーネントがあります。
+
It must be verified that the ''update_parent'' token is configured to 1 in the Pandora FMS server configuration to keep the parent-child relationships updated.
  
このコンポーネントにより、Pandora はマシンの Syslog を分析できます。Syslog のコンテンツを分析し、ElasticSearch サーバに格納することができます。
+
Navigation must be carried out through the browser by selecting the instances that need to be monitored:
  
SyslogServer の主な利点としては、ログの統合を補完することにあります。Linux および UNIX 環境の SYSLOG 出力をもとにして、SyslogServer では、1つの共通ポイント(Pandora FMS コンソールのログビューア)で、発信元ごとに個別のログを参照したり、検索したりすることができます。
+
<center>
 +
[[File:cloud6.png]]
 +
</center>
  
Syslog のインストールは、クライアントとサーバの両方に次のコマンドで行います。
+
====Discovery Cloud AWS.EC2 Extras====
  
yum install rsyslog
+
In this last screen you can indicate whether you want to monitor the volumes used by the reserved instances.
  
対象のコンピューターに Syslog をインストールしたら、設定ファイルを編集して TCP および UDP 接続を有効にする必要があることに注意してください。
+
Two extra modules will appear in the region agents:
  
/etc/rsyslog.conf
+
* Total reserved volume (GB)
 +
* Total registered volumes (number)
  
調整を行ったら、rsyslog サービスを再起動します。
 
  
サービスが再起動したら、ポート 514 が開いているか確認します。
+
You can also choose to activate the ''Elastic IP addresses'' token. The number of elastic IPs registered in the AWS.EC2 account will be reported.
  
netstat -ltnp
+
<center>
 +
[[File:cloud7.png]]
 +
</center>
  
サービスの有効化とポートの確認ののち、サーバへログを送信するようにクライアントの設定をします。最後に、再度 rsyslog 設定ファイルを開きます。
 
  
/etc/rsyslog.conf
+
Once the wizard is completed, the progress of the execution in ''Discovery Task list'' can be seen:
  
リモートホストの設定を許可する行を見つけて有効にします。送信するものを指定します。次のようになります。
+
<center>
 +
[[File:tasklist1.png]]
 +
</center>
  
*.* @@remote-host:514
+
===Discovery Cloud. AWS.RDS ===
  
{{Tip|ログ送信により、クライアント名を持つコンテナエージェントが生成されるため、エージェントの重複を回避するために、クライアントのホスト名と一致する "別名" を持つエージェントを作成することをお勧めします。
+
AWS RDS allows you to monitor relational databases provided by Amazon Web Services.
  
rsyslog 設定に関する詳細は、公式ウェブサイト https://www.rsyslog.com/ を参照してください。
+
The RDS service provides a database server and allows creating the instance related to said database. In addition, RDS offers the possibility to connect to its instances through clients such as SSMS, MySQL workbench or through JDBC or ODBC DB APIs.  
  
この機能を有効化するには、pandora_server.conf で以下の設定を有効にするだけです。
+
<center>
 +
[[File:AWS8.JPG]]
 +
</center>
  
# Enable (1) or disable (0) the Pandora FMS Syslog Server (PANDORA FMS ENTERPRISE ONLY).
+
Through Pandora FMS, different RDS instances can be monitored by filling in the parameters included in the menu shown at the top.
syslogserver 1
 
# Full path to syslog's output file (PANDORA FMS ENTERPRISE ONLY).
 
syslog_file /var/log/messages
 
# Number of threads for the Syslog Server (PANDORA FMS ENTERPRISE ONLY).
 
syslog_threads 2
 
# Maximum number of lines queued by the Syslog Server's producer on each run (PANDORA FMS ENTERPRISE ONLY).
 
syslog_max 65535
 
  
 +
AWS RDS integration with Pandora FMS allows to monitor both the data source and their availablity.
  
LogStash/ElasticSearch を有効化する必要があります。上記のパラメータの設定は次の通りです。
+
In addition, the database running under RDS can be monitored retrieving all the metrics that could be monitored in a database as usual.
  
'''syslogserver''' ローカルの SYSLOG 分析エンジンの有効化(1)または無効化(0)を設定します。
+
{{Warning|Integration with AWS RDS only supports <b>Oracle</b>, <b>MySQL</b> and <b>Mariadb</b>.}}
  
'''syslog_file''' SYSLOG ファイルの場所です。
+
===Discovery Cloud. Overview===
  
''' syslog_threads''' SyslogServer のデータ処理に使う最大スレッド数です。
+
Discovery Cloud includes an overview where the key points of the infrastructure in Amazon Web Services can be reviewed. Pandora FMS allows displaying different maps based on existing accounts.
  
'''syslog_max''' SyslogServer が処理する最大ウインドウサイズです。一度の実行で処理する最大の SYSLOG エントリー数です。
+
In the AWS view, the account from which you wish to display the information can be selected:
  
{{Warning|ログが Pandora FMS サーバに送信されるように、デバイスの設定を変更する必要があります。}}
+
<center>
 +
[[File:AWS9.JPG]]
 +
</center>
  
==== 推奨事項 ====
+
It includes:
  
===== Elasticsearch と Logstash のログローテーション =====
+
* Current expenses
 +
* Previous expenses
 +
* Expense evolution chart (6 months)
 +
* Reserve / instance evolution chart (1 month)
 +
* Map of regions with the number of instances per region.
  
'''重要:''' Elasticsearch と LogStash のログが肥大化しないように、/etc/logrotate.d でログローテーションのエントリーを作成することをお勧めします。
+
<center>
 +
[[File:awsview.png]]
 +
</center>
  
cat > /etc/logrotate.d/elastic <<EOF
+
==Discovery Cloud: Microsoft Azure==
/var/log/elastic/elaticsearch.log
+
<br>
/var/log/logstash/logstash-plain.log {
+
To monitor an infrastructure in Microsoft Azure, follow these instructions step by step.
        weekly
+
<br>
        missingok
+
===How to register a user to use the Azure API===
        size 300000
+
 
        rotate 3
+
* Go to https://portal.azure.com/#home
        maxage 90
+
* Open the "Azure Active Directory" service
        compress
+
 
        notifempty
+
<center>
        copytruncate
+
[[File:azure.png]]
}
+
</center>
EOF
 
  
===== インデックスの削除 =====
+
* Go to 'App registrations'> 'New registration'
  
ElasticSearch サーバに対して curl でアクセスすることにより、いつでもインデックスの一覧と大きさを確認することができます。
+
<center>
 +
[[File:azure2.png]]
 +
</center>
  
curl -q <nowiki>http://elastic:9200/_cat/indices?</nowiki>
 
  
ここで、"elastic" はサーバの IP です。
+
* Enter the data.
  
インデックスを削除するには、DELETE コマンドを実行します。
+
<center>
 +
[[File:azure3.png]]
 +
</center>
  
curl -q -XDELETE <nowiki>http://elastic:9200/logstash-2017.09.06</nowiki>
 
  
ここで "elastic" はサーバの IP で、"{index-name}" は上記コマンドの出力ファイルです。
+
* Write down the data "client_id" and "directory".
  
インデックスを削除した分、ディスクの空き容量が増加します。
+
<center>
 +
[[File:azure4.png]]
 +
</center>
  
=== コンソールの設定 ===
+
* Next, access 'certificates & secrets' and create a new one:
  
ログの表示を有効化するには、次の設定を有効化する必要があります。
+
<center>
 +
[[File:azure5.png]]
 +
</center>
  
<br><center>
+
{{Warning|Write down the key that is shown, it is the application_secret.}}
[[image:Logs1.JPG|850px]]
 
<br></center>
 
  
 +
===Assigning permissions===
  
'ログ収集(Log Collector)' タブで、ログビューワの動作を設定できます。
+
Assign a role to the account that will operate (app). To that effect, access "home" and get into the subscription.
 +
<center>
 +
[[File:azure6.png]]
 +
</center>
  
<br><center>
 
[[image:Logs2.JPG|850px]]
 
<br></center>
 
  
この画面では以下の設定ができます。
+
Within the subscription, select "Access control (IAM)".
  
* Elasticsearch サーバの IP または FQDN アドレス
+
<center>
 +
[[File:azure7.png]]
 +
</center>
  
* Elasticsearch サービスのポート
+
Add a new role assignment and once there, select the "reader" role for the created app.
  
* 表示されるログの数。コンソール応答の高速化のため、レコードの動的読み込みが追加されています。これを利用するには、ページの一番下へスクロールします。すると、次のレコードが読み込まれます。これらのグループのサイズは、グループあたりのレコード数としてこのフィールドに設定できます。
+
<center>
 +
[[File:azure8.png]]
 +
</center>
  
* 削除する日数: システムのサイズを保持するために、ログ情報を保存する最大日数を定義できます。それを超えると、Pandora FMS のクリーニング処理により自動的に削除されます。
+
It is important to save the changes by pressing "save".
  
== LogStash + Elasticsearch システムへのマイグレーション ==
 
  
ログの新たなストレージシステムを設定後、以前から Pandora に保存されているデータを新たなシステムへマイグレートできます。
+
From that moment onwards, you can connect to the service and make requests through pandora-cm-api.
  
新たなシステムへマイグレートするには、/usr/share/pandora_server/util/ 以下にある次のスクリプトを実行します。
+
====Examples====
  
# 7.0NG 712 より前のログデータを、7.0NG 712 以降にマイグレート
+
The status of Azure can be checked from Pandora FMS as follows:
/usr/share/pandora_server/util/pandora_migrate_logs.pl /etc/pandora/pandora_server.conf
 
  
== 表示と検索 ==
+
* Preload the environment.
 +
* Run . load_env.sh
 +
* pandora-cm-api --product Azure --get availability
  
ログ収集のツールに関して、私たちは主に 2つのことに興味があります。日時やデータソース、キーワードによるフィルタリングをしての情報の検索と、時間単位ごとに発生する情報の参照です。この例では、直近 1時間のすべてのデータソースからのログメッセージを見てみます。
 
  
<br><center>
+
If the environment is operational, the system should return a response of 1.  
[[image:LogsVistaNew.png|850px]]
 
<i>時間経過による発生表示</i>
 
<br></center>
 
  
 +
An example of the contents of the load_env.sh script would be the following:
 
<br>
 
<br>
 +
* Azure
 +
 +
<pre>
 +
export CLIENT_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
 +
 +
export DOMAIN=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
 +
 +
export APPLICATION_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXX"
 +
 +
export AZURE_SUBSCRIPTION_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
 +
</pre>
 +
 +
=== Configure a task in Pandora FMS ===
 +
 +
 +
Pandora FMS allows managing several Microsoft Azure accounts.
 +
 +
You can add as many accounts as needed through the "Manage Accounts" option next to the Account drop-down.
 +
 +
This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all previously created Microsoft Azure accounts to be registered.
 +
 +
To configure a new task, follow these steps:
 +
 +
* Add a new password to the "credential store".
 +
 +
<center>
 +
[[File:azure9.png]]
 +
</center>
 +
 +
 +
 +
* Access 'Discovery> Cloud> Azure' and validate the Azure account.
 +
 +
 +
<center>
 +
[[File:azure10.png]]
 +
</center>
 +
 +
 +
<center>
 +
[[File:azure11.png]]
 +
</center>
 +
 +
 +
<center>
 +
[[File:azure12.png]]
 +
</center>
 +
 +
 +
* From that point onwards, it will be necessary to define the name of your recon task, the server that will execute the task, the group it will belong to and the execution interval.
 +
 +
<center>
 +
[[File:AzureX3.PNG]]
 +
</center>
 +
 +
* Once task data are defined, select the Azure account sections that you wish to monitor. Each section will allow in turn to choose the desired instances.
 +
 +
<center>
 +
[[File:AzureX4.PNG]]
 +
</center>
 +
 +
* The last step is selecting the metrics you wish to obtain from the agents generated by Pandora FMS for each instance it finds in Microsoft Azure. Once the section is configured, the task can be launched and Pandora FMS will create automatically agents according to the instances required in previous steps.
 +
 +
<center>
 +
[[File:AzureX5.PNG]]
 +
</center>
 +
 
<br>
 
<br>
  
情報の表示に利用できるフィルタには以下があります。
+
=Discovery Console Tasks=
* 検索タイプによるフィルタ: 完全一致、すべての単語、任意の単語で検索できます。
 
* メッセージ内容によるフィルタ: テキストメッセージの内容で検索します。
 
* ログソースによるフィルタ (ソース ID)
 
* エージェントフィルタ: 選択したエージェントによって生成された検索結果を絞り込みます。
 
* グループごとのフィルタ: エージェントフィルタでエージェントの選択を限定します。
 
* 日時によるフィルタ
 
  
最も重要で便利なフィールドは、(スクリーンショットに表示している)文字列検索です。これは単純なテキスト文字列で、一致文字列またはワイルドカードが使えます。次の例は IP アドレスです。
+
Virtually identical to what was previously seen in Task List, Console Task will allow creating new tasks taking into account the following parameters:
  
192.168*
+
* Task: The task that will be executed among the following:
 +
** Backup Pandora FMS database.  
 +
** Execute custom script.
 +
** Save custom report to disk.
 +
** Save custom XML report to disk.
 +
** Send custom report (from template) by email.
 +
** Send custom report by email.
  
<b>注意</b>: 検索は、検索対象文字列の完全一致もしくは前方一致で行われます。
+
* Scheduled: It is used to specify how often the task will be executed.
:
+
* Next execution: It shows the date of the next execution, being able to modify it if necessary.
 +
* Group: Group to which the task belongs.
 +
* Parameters: They are the specific parameters of each task.
  
192.168.80.14
+
<center>
192.168*
+
[[File:ConsoleTasks.JPG]]
Warning in somelongtext
+
</center>
Warning in some*
 
  
次の 3種類の検索のいずれかを選択する必要があります。
+
==== Parameters of different tasks ====
 +
<br>
 +
;Backup Pandora FMS database:
 +
* Description: Backup description.
 +
* Save to disk in path: path where the backup will be stored.<br><br>
 +
;Execute custom script:
 +
* Custom script: The script to be executed will be indicated.<br><br>
 +
;“Save custom report to disk” and “Save custom XML report to disk”:
 +
* Report pending to be created: The report to be created.
 +
* Save to disk in path: Path where the created report will be stored.<br><br>
 +
;Send custom report (from template) by email:
 +
* Template pending to be created: Custom template to be created.
 +
* Agents: Agents from which the information that will be reflected in the report  will be obtained.
 +
* Report per agent: If you wish to generate separate reports for each report.
 +
* Report name: Name that you want to give the report.
 +
* Send to email addresses: Email addresses the report will be sent to.
 +
* Subject: Topic of the mail to be sent.
 +
* Message: Body of the message which will be sent together with the reports.<br><br>
 +
;Send custom report by email:
 +
* Report pending to be created: Report to be generated.
 +
* Send to email addresses: Email addresses the report will be sent to.
 +
* Subject: Topic of the mail to be sent.
 +
* Message: Body of the message with which the reports will be sent.
 +
* Report Type: Type of report that will be sent.
  
* 完全一致: 文字列検索。
+
=Discovery Host&Devices=
  
<br><center>
+
The Discovery Host & Devices section offers a multitude of options to help manage and discover devices within as many environments as needed.
[[image:LogsVistaNew2.png|850px]]
 
<br></center>
 
  
* 全単語: 各単語がスペースで区切られていることを前提として、指定したすべての単語を検索します。
+
Therefore, it features the following tools:  
  
<br><center>
+
* Net Scan.
[[image:LogsVistaNew4.png|850px]]
+
* Import CSV.
<br></center>
+
* Custom NetScan.
 +
* Manage NetScan scripts.
  
* 任意の単語: 各単語がスペースで区切られていることを前提として、順序に関係なく、指示された単語を検索します。
 
  
<br><center>
+
<center>
[[image:LogsVistaNew5.png|850px]]
+
[[File:DISCHost&Devices.JPG|800]]
<br></center>
+
</center>
  
フィルタされたコンテンツのコンテキストを表示するオプションがチェックされている場合、結果は、検索に関連する他のログ行に関する情報を含む状況の概要になります。
+
==NetScan==
  
<br><center>
+
With the NetScan tool, you may find devices in a network and apply different monitoring rules.
[[image:LogsVistaNew3.png|850px]]
 
<br></center>
 
  
=== 表示と高度な検索 ===
+
First, define the name of the task, the Discovery server that will run it, the group the discovered agents will be assigned to and the scanning interval.
  
Pandora FMS 7.0NG OUM727 から、ログデータ表示に高度なオプションがあります。
+
In addition, you will have two options when performing the scanning task. You may indicate the networks to be discovered in the field designed to that end in ''Red'' or you may enable the token ''Use CSV file'' that will allow to load a csv file containing the specific devices or network to check throughout the recon task. If the csv file is selected, the Network option will not be enabled.
  
この機能により、ログエントリをグラフに変換し、 '''データキャプチャテンプレート''' に従って情報を整理できます。
+
<center>
 +
[[File:3oaKq2yukE.png]]
 +
</center>
  
これらのデータキャプチャテンプレートは基本的に正規表現と識別子であり、データソースを分析してグラフとして表示できます。
+
{{Warning|The intervals selected as manuals must be manually launched. '''Discovery will not launch a manual task automatically.'''}}
  
高度なオプションへアクセスするには、''高度なオプション(Advanced options)' をクリックします。表示形式を選択できるフォームが表示されます。
 
  
- ログエントリーの表示 (プレーンテキスト)
+
In the features section, you may indicate the following options:
- ロググラフの表示
 
  
 
<center>
 
<center>
[[Image: graph_log.png|800px]]
+
[[File:Wvia6RtpOr2.png|800]]
 
</center>
 
</center>
  
''ロググラフ表示'' オプションでは、キャプチャテンプレートを選択できます。
 
  
''Apache log model'' テンプレートは、デフォルトで、標準形式の Apache ログ(access_log)をパースし、時間応答比較グラフの取得、訪問サイトと応答コードによるソートができます。
+
* '''Known hardware auto discovery''': It dinamically applies the templates that were previously added to the ''Private Enterprise Number'' section. To learn more, go to the following [https://pandorafms.com/docs/index.php?title=Pandora:Documentation_en:Templates_and_components#Private_Enterprise_Number| link.]
 +
* '''Module templates''': Try to apply the modules from from the selected templates. If the execution does not pass the test, they will not be added to the monitoring list.
 +
* '''Check results''': The user must validate the results selecting which agents will be created from those found through the discovery task.
 +
* '''Apply autoconfiguration rules''': It applies the predefined autoconfiguration rules to the detected agents. To learn more, go to the following [https://wiki.pandorafms.com/index.php?title==Pandora:Documentation_en:Configuration_Agents| link.]
 +
 
 +
{{Tip|Automatic configuration allows you to apply policies, group changes and settings, as well as launch custom events or execute scripts on actions.}}
 +
 
 +
{{Tip|Agents detected by NetScan are remote agents without a configuration file. You cannot apply local monitoring policies or add configuration changes in block if you do not deploy an agent on the targets.}}
 +
 
 +
 
 +
* '''SNMP activated''': To complete the information obtained from the discovered network devices, enable SNMP. That improves detection by scanning the SNMP information available in the discovered targets. Once this token is enabled, two more options appear:
 +
** '''SNMP version''': Select the SNMP version configured in the scanned network devices. It supports SNMP versions 1,2, 2c and 3.
 +
** '''SNMP communities''': Indicate the environment configured community. You may add as many communities as you need by typing them in the following box.
 +
 
 +
* '''WMI enabled''': You may enable WMI scanning. Just select the previously loaded credentials from the [https://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Managing_and_Administration#Credential_store| credential store.]
 +
 
 +
{{Tip|The different credentials provided against the detected objectives that support WMI will be tested, complementing monitoring with modules that will report about CPU, memory and disk usage.}}
 +
 
 +
* '''SO detection''': Detect the target's operating system.
 +
 
 +
* '''Name resolution''': Solve the target's name.
 +
 
 +
* '''Parent detection''': By means of the information collected through SNMP, the different interconnections between devices will be calculated, to be able to represent their network infrastructure.
 +
 
 +
* '''Parent recursion''': It improves parent detection adding recursion to the process.
 +
 
 +
* '''VLAN enabled''': It detects the VLAN to which the different devices are connected to.
 +
 
 +
Once the wizard is finished, Discovery will start executing it in each defined interval. If the interval is manual, the task should be started manually:
  
 
<center>
 
<center>
[[Image: graph_log2.png|800px]]
+
[[File:AFgAv40l9Y.png|800]]
 
</center>
 
</center>
  
編集ボタンを押すと、選択したキャプチャテンプレートを編集できます。作成ボタンでは、新たなキャプチャテンプレートを追加できます。
+
Once the task is finished, if you access from Review, you will see a summary of the devices found which respond to ping and the rest of metrics available through SNMP or WMI. All the IPs will be shown, but they may have two status:
 +
* '''Disabled''': There is already an agent or module being monitored in the environoment and it will not be created nor modified.
 +
* '''Enabled''': it is a new non-monitored element or within the obtained metrics there us a new element that responded and that will be displayed on a drop-down. You may choose to add it to the monitored agent list in thoses devices in this status or add any of the new enabled metrics.
  
 
<center>
 
<center>
[[Image: graph_log3.png]]
+
[[File:HK8XAXtv92.png]]
 
</center>
 
</center>
  
 +
{{Tip|Once the targets to be monitored are selected, the system will create them systematically. Along the process, the target OS will be detected to complete the information gathered.}}
  
 +
== Automatic agent deployment ==
  
このフォームでは、以下を選択できます。
+
{{Warning|Please confirm '''winexe''' command is installed and working in your server before using this feature. This utility is provided by Pandora FMS Enterprise server installer. You must install '''zlib.i686''' and '''glibc.i686''' to get winexe working.}}
  
;Title: キャプチャテンプレート名
+
{{Warning|In <b>Windows</b> environments it is recommended to install as an administrator user. Before starting the service it will be necessary to define an administrator account for its use.}}
;A data capture regular expression: 取得される各フィールドはカッコでくくった範囲となります。''(キャプチャする正規表現)''
 
;Field: 正規表現を介してキャプチャされる順番です。 結果は、アンダースコアの間に書かれていない名前のキーフィールドの連結によってソートされます。
 
  
key, _value_
 
  
 +
From Pandora FMS version 737 onwards, it is possible to deploy agents from the console itself using the '''deployment center'''.
  
key,key2,_value_
+
{{Warning|Server version must be EL7 for agent automatic deployment to work.}}
  
 +
[[File:Depl1.png]]
  
key1,_value_,key2
 
  
 +
The steps to deploy agents from the console are:
  
''注意:'' value フィールドが指定されていない場合、自動的に一致する正規表現の数になります。
+
'''Register the versions of the software agents to be deployed in the agent repository.'''
  
''注意 2:'' 1つだけ ''value'' カラムが指定されている場合は、累積値(デフォルトではパフォーマンス)を表すか、チェックボックスをオンにして平均を表すかを選択できます。
+
The installers of the agents to be deployed throughout the infrastructure are needed. You may use custom agents.
  
''''
+
For more information about the use of the '''agent repository''', visit [https://pandorafms.com/docs/index.php?title=Pandora:Documentation_en:Managing_and_Administration#Software_agent_repository this link]
  
以下のフォーマットのログからエントリを取得するとします。
 
  
Sep 19 12:05:01 nova systemd: Starting Session 6132 of user root.
+
'''Register the credentials to be used to connect the targets in the credential manager.'''
Sep 19 12:05:01 nova systemd: Starting Session 6131 of user root.
 
  
 +
Specify the credentials with which the accesses to found or specified targets will be tested.
  
ユーザのログイン数をカウントするには、次のようにします。
+
For more information about the use of the '''Credential Store''', visit [https://pandorafms.com/docs/index.php?title=Pandora:Documentation_en:Managing_and_Administration#Credential_store this link]
  
正規表現:
 
  
Starting Session \d+ of user (.*?)\.
+
'''Check that your environment is ready for deployment.'''
  
 +
When visiting the deployment center for the first time, the following notices will be shown:
  
フィールド:
+
[[File:depl_info1.png]]
  
username
+
This message points out that objectives for deployment have not been defined yet.
  
  
このキャプチャテンプレートは、選択した時間間隔におけるユーザのログイン数を返します。
+
[[File:Depl_info2.png]]
 +
 
 +
These messages indicate:
 +
 
 +
The first message indicates that the ''public_url'' public access URL must be configured so that the targets can get connected to the console and be configured.
 +
 
 +
{{Warning|This system does not perform PUSH operations. All deployments are sent by ''offering'' the software and ordering the target to install it.}}
 +
 
 +
 
 +
The second one indicates that no installers have been added to the agent repository. Register installers to deploy the software.
 +
 
 +
 
 +
 
 +
 
 +
==== Target Search ====
 +
 
 +
'''Search or point out the targets in the deployment center.'''
 +
 
 +
Use any of the methods described below to register new targets.
 +
 
 +
You may use any of the following options to define targets:
 +
 
 +
[[File:Depl_action_buttons.png]]
 +
 
 +
 
 +
 
 +
===== Scan one or more networks in pursuit of targets. =====
 +
 
 +
By pressing the scan targets button, a pop-up with the following fields will be displayed:
 +
 
 +
[[File:Depl2.png]]
 +
 
 +
 
 +
Firstly indicate:
 +
 
 +
* The network or networks (separated by commas) to scan.
 +
* The Discovery server that will perform the scan.
 +
* The credentials used to try to connect to the discovered targets.
 +
* The software agent version registered as "desired" for the discovered targets.
 +
* The IP of the target server where these software agents will point when they are installed (it corresponds to the "server_ip" field in the agent configuration file).
 +
 
 +
 
 +
When pressing 'Scan', you will receive a confirmation, with a link that you can follow to check the progress of this task.
 +
 
 +
[[File:Depl_info3.png]]
 +
 
 +
 
 +
A new entry will appear in the task list:
 +
 
 +
[[File:Depl2b.png]]
 +
 
 +
 
 +
{{Tip|Discovery tasks related to agent deployment are '''volatile''' tasks. Once completed, they will be automatically deleted. Information about scan or deployment, both successful and failing, can be consulted from the deployment center itself.}}
 +
 
 +
 
 +
 
 +
As possible targets are found, they will appear in the deployment center:
 +
 
 +
[[File:Depl3.png]]
 +
 
 +
 
 +
{{Tip|The discovered targets added to this list are all found devices whose operating system matches Windows or Linux / Unix based systems, regardless of whether valid credentials were found or not.}}
 +
 
 +
===== Define a target manually. =====
 +
 
 +
You may manually register the target by defining:
 +
 
 +
* IP.
 +
* OS. This version only allows Windows and those operating systems based on Linux / Unix (compatible with the tar.gz agent installer).
 +
* Architecture.
 +
* Credentials used to try to connect to the target.
 +
* The agent version you wish to deploy.
 +
* The IP address of the server where that agent will point once installed (it corresponds to the field ''server_ip '' of the software agent configuration).
 +
 
 +
[[File:Depl5.png]]
 +
 
 +
===== Upload a CSV file with target information. =====
 +
 
 +
If you wish to mass register targets, upload a CSV file with the following format:
 +
 
 +
 
 +
IP; OS; Architecture; Target agent version; Credential identifier; Target server ip
 +
 
 +
 
 +
[[File:Depl6.png]]
 +
 
 +
The system will create the objectives based on what is defined in the CSV.
 +
 
 +
==== Deploy the software ====
 +
 
 +
{{Warning|You may only schedule deployment against targets whose information is complete, specifying both credentials and software versions to deploy.}}
 +
 
 +
When you have possible targets on the list, launch agent deployment:
 +
 
 +
[[File:Depl4.png]]
 +
 
 +
 
 +
Select the IPs of the targets from the list (only valid targets will appear) and press ''deploy''.
 +
 
 +
A Discovery task for background deployment will automatically be created, which will install the agent on the desired targets.
 +
 
 +
You can confirm that the agent has been successfully installed from the list of objectives of the deployment center:
 +
 
 +
[[File:Depl7.png]]
 +
 
 +
 
 +
The name of the target also becomes a link to the corresponding Pandora FMS agent.
 +
 
 +
 
 +
Failure example: The user not only entered the IP of the target, but also its netmask ('''THE IP IS ENOUGH''').
 +
 
 +
When the system tries to deploy the software, it will notice that the IP format is not correct and will warn the user:
 +
 
 +
[[File:Depl_err1.png]]
 +
 
 +
==Import a list of your devices in CSV==
 +
 
 +
A list of devices can be imported to represent them as agents using the agent import wizard through CSV.
 +
 
 +
{{Tip|This feature only creates agents in Pandora FMS for its remote monitoring.}}
 +
 
  
 
<center>
 
<center>
[[Image: graph_log4.png]]
+
[[File:hostdevices2.png]]
 
</center>
 
</center>
  
== エージェント設定 ==
+
Select the separator used, the server on which you wish to import and the file that contains the data, then click on "next".
  
ログ収集は、Windows および Unux (LInux, MacOS X, Solaris, HP-UX, AIX, BSD など) エージェント双方で実行されます。Windows エージェントの場合、イベントビューワモジュールで同様のフィルタを用いることにより、Windows イベントビューワから情報を取得することもできます。
+
<center>
 +
[[File:hostdevices3.png]]
 +
</center>
  
Windows と Unix でのログ情報収集の例をみてみます。
+
==Custom NetScan==
  
=== Windows の場合 ===
+
It allows the execution of custom scripts for the execution of network recognition tasks.
  
module_begin
+
Create a recognition task specifying:
module_name Eventlog_System
 
module_type log
 
module_logevent
 
module_source System
 
module_end
 
  
module_begin
+
* Task name: Name of the recognition task.
module_name PandoraAgent_log
+
* Comment: Allows adding comments.  
module_type log
+
* Discovery server: Server that will execute the task.
module_regexp C:\archivos de programa\pandora_agent\pandora_agent.log
+
* Group: Group it belongs to.  
module_description This module will return all lines from the specified logfile
+
* Interval: Execution interval.
module_pattern .*
 
module_end
 
  
両方のケースにおける監視モジュールとの唯一の違いは、以下のログソース設定の部分です。
+
<center>
 +
[[File:DISC_NetScan_Custom_1.JPG]]
 +
</center>
  
module_type log
+
Once the process of creating the task is complete, specify the script that you wish to run, as well as the configuration file necessary for its execution.
  
これは、バージョン 5.0 のエージェントから利用できる新たな書式です。この新機能を利用するには、エージェントをバージョン 5.0 へアップグレードする必要があります。
+
==Net scan scripts==
  
{{Warning|Windows でのログモジュールの定義は、エージェント設定ファイルで行う必要があります。これらのモジュールがコンソールで直接作成された場合、モジュールは初期化されません。}}
+
This section will show the different scripts that have been created for custom recognition tasks. A view is displayed where the name and description of the task are defined.
  
=== Unix システム ===
+
<center>
 +
[[File:DISC_Net_scan_scripts.JPG]]
 +
</center>
  
Unix では、バージョン 5.0 エージェントとともに配布される新たなプラグインを利用します。書式は次の通り単純です。
+
Pandora FMS allows adding additional scripts to make monitoring and recognition of required networks easier.  
  
module_plugin grep_log_module /var/log/messages Syslog \.\*
+
The parameters that can be defined are the following:
  
ログパースプラグイン(grep_log)と同じように、grep_log_module プラグインは、処理した情報をログファイルのソースとして "syslog" という名前でログ収集に送信します。どういったパターンの行を送信するかまたはしないかは、\.\* といった正規表現を利用します(この例では全て)。
+
* Name: Script name.  
 +
* Script fullpath: Path where the script is located.
 +
* Description: Script description. You can define descriptions of the different fields, as well as default values for them.
 +
* Hide value: In case you wish to hide the value of a field.
 +
* Help: Help fields.
  
[[Pandora:Documentation_ja|Pandora FMS ドキュメント一覧に戻る]]
+
<center>
 +
[[File:DISC_Net_scan_scripts_2.JPG]]
 +
</center>
  
[[Category: Pandora FMS]]
+
Creating scripts allows adding macros with which to define all the parameters needed for the correct execution of the script.
[[Category:Documentation]]
 
[[Category:Japanese]]
 

Revision as of 12:16, 22 May 2020

Contents

1 What is Pandora FMS Discovery?

Info.png

Available for Pandora FMS 732 versions or higher.

 


Discovery provides a set of tools to simplify monitoring through wizards.

The following tools are included:

Task list
Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.
Discovery Applications
It allows to monitor MySQL, Oracle or VMware environments from a new management console.
Discovery Cloud
Through this feature, you may monitor your cloud infrastructure, ranging from virtual machines created through Amazon Web Services (EC2) or relational databases in AWS RDS, to virtual machines running in Azure Compute.
Console Tasks
It allows you to automate console tasks within the Discovery system, like scheduling reports, doing backups or executing custom scripts from Pandora FMS Console.
Discovery Host&Devices
It includes the tools needed to discover or import devices and equipment to your network.

Discovery1.png

2 Discovery Task list

Pandora FMS Discovery tool allows you to see a list of all the tasks programmed in your environment, both at console and server levels.

DISC Task list 1.JPG

2.1 Console tasks

This section allows you to see the list of scheduled tasks in the console. The information is shown according to the following parameters:

  • User: It is the user who created the task.
  • Task: Description of the programmed task
  • Scheduled: It specifies how often the task will be executed.
  • Next Execution: It specifies the next task execution.
  • Last Execution: It indicates when the task was last executed.
  • Group: The group to which the task belongs.
  • Operations: It shows the actions that can be performed on the task, such as editing and deleting.

2.1.1 Edit Console tasks

This button allows access to the creation section, where the desired task can also be edited according to the following parameters:

  • Task: The task that will be executed among the following:
    • Backup Pandora FMS database.
    • Execute custom script.
    • Save custom report to disk.
    • Save custom XML report to disk.
    • Send custom report (from template) by email.
    • Send custom report by email.
  • Scheduled: It is used to specify how often the task will be executed.
  • Next execution: It shows the date of the next execution, being able to modify it if necessary.
  • Group: Group to which the task belongs.
  • Parameters: They are the specific parameters of each task.

2.1.1.1 Parameters of different tasks


Backup Pandora FMS database
  • Description: Backup description.
  • Save to disk in path: Path where the backup will be stored.

Execute custom script
  • Custom script: The script to be executed will be indicated.

“Save custom report to disk” and “Save custom XML report to disk”
  • Report pending to be created: The report to be created.
  • Save to disk in path: Path where the created report will be stored.

Send custom report (from template) by email
  • Template pending to be created: Custom template to be created.
  • Agents: Agents from which the information that will be reflected in the report will be obtained.
  • Report per agent: If you wish to generate separate reports for each report.
  • Report name: Name that you wish to give the report.
  • Send to email addresses: Email addresses to which the report will be sent.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message with which the reports will be sent.

Send custom report by email
  • Report pending to be created: Report to be generated.
  • Send to email addresses: Email addresses the report will be sent to.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message with which the reports will be sent.
  • Report Type: Type of report that will be sent.

2.2 Server tasks

This section reflects the recognition tasks programmed by the server. The information is shown according to the following parameters:

  • Force: Option that will allow forcing the task execution.
  • Task name: Name assigned to the task.
  • Server name: Server that will execute the task.
  • Interval: Time interval during which the task will be performed.
  • Network: Network where the checks will be made.
  • Status: Status of the scheduled task.
  • Task type: Type of the task that has been generated.
  • Progress: Progress of the task in case of being executed.
  • Updated at: It indicates when the task was last executed.
  • Operations: Actions that can be performed on the task. Display of the task status, display of the map of the discovered network, editing and deletion.

2.2.1 Operations

The edition of the server recognition tasks allows to adjust the following parameters:

  • Interval: The task execution interval can be set, either manually or defined.
  • Task name: Task Name.
  • Discovery server: Server that will perform the recognition task. It is a mandatory parameter for correct recognition operation.
  • Network: Network on which the checks are to be carried out.
  • Group: Group to which it belongs.
  • Comment: Comments to add.

3 Discovery Applications

Now, it is possible to monitor applications remotely using Discovery Applications.


Discoverysap1.png

3.1 Discovery Applications: MySQL

From Pandora FMS 7.0-733 version on, MySQL environments can be monitored using Discovery Applications.

For that purpose, it will be necessary to define the following parameters:

  • Task name: Name of the task that will perform MySQL monitoring.
  • Discovery Server: Server that will perform the execution of the specified task.
  • Group: Group to which it belongs.
  • MySQL server IP: IP of the server where the MySQL environment to be monitored is.
  • MySQL server port: Port of the specified address through which the information of MySQL monitoring will be obtained.
  • User: MySQL user with which to login. (Important: It must be a user with permissions on the database where the queries will be executed, since otherwise the connection will never be established.)
  • Password: MySQL user password specified above.
  • Interval: Time interval in which monitoring will be executed.

DISCMySQL1.JPG

Once the parameters with the data needed for installation are defined, you will be shown a new window where you must specify the agent on which you wish to create all the modules resulting from MySQL monitoring.

The options to be displayed are the following:

  • Target agent: Agent on which the modules resulting from monitoring will be created.
  • Custom module prefix: It defines a custom prefix that will be concatenated with the name of the modules generated by the task.
  • Scan databases: It will scan the databases.
  • Create agent per database: This option will allow an agent to be created for each database found in MySQL environment.
  • Check engine uptime: It will check the time that MySQL engine is operational.
  • Retrieve query statistics: It allows to recover the statistics of the executed queries.
  • Analyze connections: It analyzes connections.
  • Retrieve InnoDB statistics: It returns InnoDB statistics.
  • Retrieve cache statistics: It returns cache statistics.
  • Custom queries: It allows defining custom statements.

DISCMySQL2.JPG

3.2 Discovery Applications: Oracle

From Pandora FMS 7.0-733 version on, Oracle can be monitored using Discovery Applications.

Oracle monitoring will allow to define the following parameters:

  • Task name: Task Name
  • Discovery server: Server that will run the Oracle monitoring task.
  • Group: Group it belongs to.
  • Oracle target strings: Where the target strings of the task will be defined.
  • User: Oracle user that will access to perform the monitoring.
  • Password: Password of the previously defined user.
  • Interval: Execution interval

DISC Oracle1.JPG

Once defined, it will be necessary to specify the agent that will store the information and the checks that will be made. The information that can be defined in this section is the following:

  • Target agent: Agent that will receive Oracle monitoring information.
  • Custom module prefix: It defines a custom prefix that will be concatenated with the name of the modules generated by the task.
  • Check engine uptime: It will check the time that Oracle is operational.
  • Retrieve query statistics: It allows to recover the statistics of the executed queries.
  • Analyze connections: It analyzes connections.
  • Calculate fragmentation ratio: It calculates the fragmentation rate.
  • Monitor tablespaces: It monitors tablespaces.
  • Retrieve cache statistics: It returns cache statistics.
  • Execute custom queries: It executes custom queries.
  • Custom queries: it allows to define customized queries.

DISC Oracle2.JPG

3.2.1 Installing Oracle packages

It is very important to bear in mind that for the correct integration and operation of Oracle with Pandora FMS, it is necessary to have the appropriate packages. Pandora FMS ISO includes everything necessary, but for installations carried out in another way, the installation process will be as follows:

  • Install oracle instant client from the Oracle page:
https://www.oracle.com/technetwork/database/database-technologies/instant-client/downloads/index.html
  • Required packages:
oracle-instantclient11.1-basic-11.1.0.7.0-1.x86_64.rpm
oracle-instantclient11.1-devel-11.1.0.7.0-1.x86_64.rpm
oracle-instantclient11.1-sqlplus-11.1.0.7.0-1.x86_64.rpm
  • Prepare the boot environment of pandora_server:

Template warning.png

In the pandora_server path you need to create a file called pandora_server.env with the following information. Its execution is needed ./pandora_server.env

 


# Set Oracle environment for pandora_server
cat > /etc/pandora/pandora_server.env << 'EOF_ENV'
#!/bin/bash
VERSION=11.1
export PATH=$PATH:$HOME/bin:/usr/lib/oracle/$VERSION/client64/bin
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/oracle/$VERSION/client64/lib
export ORACLE_HOME=/usr/lib/oracle/$VERSION/client64
EOF_ENV
  • Restart pandora_server
/etc/init.d/pandora_server restart

Template warning.png

If package E7 is being used, version 12.2 of both library and environment variables must be installed, and Oracle (v12.2) packages must be used

 


3.3 Discovery Applications: SAP


Discovery Applications has a new family member from Pandora FMS version 741 onwards. This new feature will now be included in the official ISO installation.

Template warning.png

If you Pandora FMS is installed from packages, or your system is prior to NG741, deploy the official SAP plugin in Pandora FMS server and configure it manually (see below).

 


Template warning.png

In order to use SAP in Discovery, configure a specific license number for this plugin, which is not included in Pandora FMS Enterprise license. Configure this license in Setup > Enterprise.

 


The system will guide you along each step to configure SAP, according to your needs. You may define the same task to monitor systems with similar configurations.

Discoverysap2.png

In the example above, servers sapsample.artica.lan, sap2.artica.lan and 10.0.30.33 use the same client, system and credential configuration, so they can be grouped in the same task.

Template warning.png

If you need to monitor different configurations, create a task for each configuration.

 


Select from the list the information about the SAP system you wish to retrieve as shown below:

Discoverysap3.png

Pandora FMS Discovery will be in charge of collecting information, storing it in agents represented by the defined ¨SAP Hostnames¨.


3.3.1 SAP Discovery connector manual installation

If your Pandora FMS version was installed before the NG741 version, download the connector and configure it manually.

First, install JAVA (JRE) on Pandora FMS server for Discovery SAP operation.

Then you need to download the remote connector/plugin for Linux from SAP, download it from our library.

Configure your pandora_server.conf too, and set the following parameters:

# Discovery SAP 
java /usr/bin/java

# Discovery SAP utils
sap_utils /usr/share/pandora_server/util/recon_scripts/SAP

In the directory indicated, with the configuration token sap_utils decompress the files that you will find in the tarball downloaded from the library called "Pandora FMS SAP Discovery for Linux" that contains the following files:

Deset_SAP_Plugin.jar
dev_jco_rfc.trc
libsapjco3.so
sapjco3.dll
sapjco3.jar

Once the configuration file is modified, restart the Pandora FMS server.

3.3.2 SAP View


You can see the general state of the SAP system servers in the SAP View.

Discoverysap4.png

This view will display a panel with the available SAP modules of the selected SAP agent.

You may select the refresh time and the interval to show in the graphs.

3.3.3 SAP agent view


The SAP view is also integrated as a new tab within the agent view. If the system detects that the agent is a SAP agent, an access to the SAP View tab will be displayed:

Discoverysap5.png

The agent view will provide an overview of the status of the SAP modules for the current agent:

Discoverysap6.png


Template warning.png

Java must be installed within the server for SAP integration to work.

 


3.4 Discovery Applications: VMware

Template warning.png

In case of manual installation or update from a Pandora FMS version prior to 732, it is necessary to install SDK for VMWare to work properly.

 


From Pandora FMS 7.0-733 version on, VMware infrastructures can be monitored using Discovery Applications.


Discoveryapplications2.png


The following must be specified:

  • A name to identify the task.
  • A Discovery server where to run it.
  • A group to which the agents generated by the VMware task will be associated.

Info.png

It must be taken into account that if the Pandora FMS server has the autocreate_group token active, priority will be given to the group corresponding to the indicated ID, instead of applying the configuration of the wizard.

 



The data required to monitor VMware are:

  • V-Center IP
  • The name of the datacenter (it can be seen through VMware installation management screen).
  • User with read permissions.
  • User password.
  • Monitoring interval.

Password encryption can be enabled by pressing the button encrypt passwords. This only applies to the wizard in progress.


On the next page, VMware monitoring details can be specified:

Discoveryapplications3.png

  • Max threads: Choose the number of threads that the VMware monitoring script will use to speed up data collection.
  • Retry send: The information of the detected agents is sent by XML to the DataServer. This option must be activated to retry sending in case of error.
  • Event mode: Only for VCenter. VMware VCenter event-based monitoring is enabled. This working mode is exclusive and independent from standard monitoring.
  • Virtual network monitoring: It enables monitoring of virtual network devices which are defined in VMware.
  • Extra settings: Any advanced settings needed to customize VMware monitoring should be included here in text mode. For more information, visit this section.





3.5 Discovery Applications: MS SQL


This new Pandora FMS integration allows monitoring Microsoft SQL server databases.

Microsoft ODBC must be installed in the system where Pandora FMS server is running.

Info.png

From version 745 onwards, ODBC is preinstalled in Pandora FMS ISO.

 


3.5.1 How to install Microsoft ODBC

  • In CentOS 6:
curl https://packages.microsoft.com/config/rhel/6/prod.repo > /etc/yum.repos.d/mssql-release.repo && \
yum remove unixODBC-utf16 unixODBC-utf16-devel && \
ACCEPT_EULA=Y yum install -y msodbcsql17
  • In CentOS 7:
curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo && \
yum remove unixODBC-utf16 unixODBC-utf16-devel && \
ACCEPT_EULA=Y yum install -y msodbcsql17

Once the ODBC is installed, it might be necessary to set which driver Pandora FMS should use. To that end, check Pandora FMS server configuration file.

/etc/pandora/pandora_server.conf

Once you go to the configuration file, look for the following token:

mssql_driver IDENTIFYING STRING

The IDENTIFYING STRING parameter can be found in /etc/odbcinst.ini which will be created when installing ODBC.

This is the default string:

ODBC Driver 17 for SQL Server

3.5.2 Configure a Discovery Applications MS SQL task

To create a monitoring task for a Microsoft SQL Server database, access through Discovery (Discovery > Applications > Microsoft SQL Server).

Once you choose the Microsoft SQL Server task, you may define the instances in the following way:

IP\Instance

If you wish so, define a port like this:

IP:Port\Instance

Mssql1.png


This integration's configuration advanced options include service stability, usage statistics, connection status and custom queries.

Mssql3.png

If you wish to execute any custom query, keep in mind they follow the same format as those of Oracle.

4 Discovery Cloud

Discovery Cloud allows you to monitor structures in the AWS cloud. Thanks to Pandora FMS, you can manage many Amazon Web Services accounts as well as Microsoft Azure's, concentrating information management in a single tool.

Azure66.JPG

Account management, both from AWS and Microsoft Azure, will be made through the Credential Store located in Profiles -> Manage agent groups -> Credential Store.

Credential store.png

4.1 Discovery Cloud: Amazon Web Services (AWS)

Template warning.png

This section is under construction.

 


To monitor an infrastructure in Amazon Web Services, follow the different pages of the wizard step by step.


4.1.1 AWS. Credential validation

Pandora FMS allows managing several AWS accounts. Once you have accessed the Amazon Web Services menu, the navigation will be automatically redirected to the window to select the account with which you need to access the service. If there is a previously created account in previous versions of Pandora FMS, it will be shown as "imported_aws_account".

AWSCredentials1.JPG

You can add as many accounts as necessary through the "Manage Accounts" option next to the AWS Account drop-down.

This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all the Amazon Web Services accounts previously created to be registered.

AWS4.png

AWS5.png

Query accounts in Amazon AWS must be created with the following permissions:

Awsgrants.png

  • Billing (read)
  • CloudWatch (list,read)
  • Cost Explorer Service (Full access)
  • EC2 (full read, limited: list)


Summary of the policy in JSON:

{
   "Version": "2012-10-17",
   "Statement": [
       {
           "Sid": "VisualEditor0",
           "Effect": "Allow",
           "Action": [
               "ec2:DescribeInstances",
               "ec2:DescribeVolumesModifications",
               "ec2:GetHostReservationPurchasePreview",
               "ec2:DescribeSnapshots",
               "aws-portal:ViewUsage",
               "ec2:DescribePlacementGroups",
               "ec2:GetConsoleScreenshot",
               "ec2:DescribeHostReservationOfferings",
               "ec2:DescribeInternetGateways",
               "ec2:GetLaunchTemplateData",
               "ec2:DescribeVolumeStatus",
               "ec2:DescribeScheduledInstanceAvailability",
               "ec2:DescribeSpotDatafeedSubscription",
               "ec2:DescribeVolumes",
               "ec2:DescribeFpgaImageAttribute",
               "ec2:DescribeExportTasks",
               "ec2:DescribeAccountAttributes",
               "aws-portal:ViewBilling",
               "ec2:DescribeNetworkInterfacePermissions",
               "ec2:DescribeReservedInstances",
               "ec2:DescribeKeyPairs",
               "ec2:DescribeNetworkAcls",
               "ec2:DescribeRouteTables",
               "ec2:DescribeReservedInstancesListings",
               "ec2:DescribeEgressOnlyInternetGateways",
               "ec2:DescribeSpotFleetRequestHistory",
               "ec2:DescribeLaunchTemplates",
               "ec2:DescribeVpcClassicLinkDnsSupport",
               "ec2:DescribeVpnConnections",
               "ec2:DescribeSnapshotAttribute",
               "ec2:DescribeVpcPeeringConnections",
               "ec2:DescribeReservedInstancesOfferings",
               "ec2:DescribeIdFormat",
               "ec2:DescribeVpcEndpointServiceConfigurations",
               "ec2:DescribePrefixLists",
               "cloudwatch:GetMetricStatistics",
               "ec2:GetReservedInstancesExchangeQuote",
               "ec2:DescribeVolumeAttribute",
               "ec2:DescribeInstanceCreditSpecifications",
               "ec2:DescribeVpcClassicLink",
               "ec2:DescribeImportSnapshotTasks",
               "ec2:DescribeVpcEndpointServicePermissions",
               "ec2:GetPasswordData",
               "ec2:DescribeScheduledInstances",
               "ec2:DescribeImageAttribute",
               "ec2:DescribeVpcEndpoints",
               "ec2:DescribeReservedInstancesModifications",
               "ec2:DescribeElasticGpus",
               "ec2:DescribeSubnets",
               "ec2:DescribeVpnGateways",
               "ec2:DescribeMovingAddresses",
               "ec2:DescribeAddresses",
               "ec2:DescribeInstanceAttribute",
               "ec2:DescribeRegions",
               "ec2:DescribeFlowLogs",
               "ec2:DescribeDhcpOptions",
               "ec2:DescribeVpcEndpointServices",
               "ce:GetCostAndUsage",
               "ec2:DescribeSpotInstanceRequests",
               "cloudwatch:ListMetrics",
               "ec2:DescribeVpcAttribute",
               "ec2:GetConsoleOutput",
               "ec2:DescribeSpotPriceHistory",
               "ce:GetReservationUtilization",
               "ec2:DescribeNetworkInterfaces",
               "ec2:DescribeAvailabilityZones",
               "ec2:DescribeNetworkInterfaceAttribute",
               "ce:GetDimensionValues",
               "ec2:DescribeVpcEndpointConnections",
               "ec2:DescribeInstanceStatus",
               "ec2:DescribeHostReservations",
               "ec2:DescribeIamInstanceProfileAssociations",
               "ec2:DescribeTags",
               "ec2:DescribeLaunchTemplateVersions",
               "ec2:DescribeBundleTasks",
               "ec2:DescribeIdentityIdFormat",
               "ec2:DescribeImportImageTasks",
               "ec2:DescribeClassicLinkInstances",
               "ec2:DescribeNatGateways",
               "ec2:DescribeCustomerGateways",
               "ec2:DescribeVpcEndpointConnectionNotifications",
               "ec2:DescribeSecurityGroups",
               "ec2:DescribeSpotFleetRequests",
               "ec2:DescribeHosts",
               "ec2:DescribeImages",
               "ec2:DescribeFpgaImages",
               "ec2:DescribeSpotFleetInstances",
               "ec2:DescribeSecurityGroupReferences",
               "ec2:DescribeVpcs",
               "ec2:DescribeConversionTasks",
               "ec2:DescribeStaleSecurityGroups",
               "ce:GetTags"
           ],
           "Resource": "*"
       }
   ]
}


Assign the policy to a new user.

Awsgrants2.png


Back in Pandora FMS, the registered account can be used to link it and be able to access AWS monitoring.

Info.png

If pandora-cm-api is not available in the installation, it can be obtained from the following link: [1]

 



4.1.2 Discovery Cloud. AWS

Once the credentials have been validated, access the Discovery Cloud menu => Amazon Web Services

AWS6.png

In this section, Amazon EC2 and Amazon RDS are found. For each account added to the "Credential store", the EC2 environment hosted in that account can be monitored.

Info.png

Only one recognition task per AWS account can be active. The account will be the same for all monitored technologies within the provider.

 


4.1.3 Discovery Cloud. AWS.EC2

Within EC2 monitoring you can find:

  • Expense monitoring.
  • Summary of resources registered in AWS.EC2.
  • Specific instance monitoring.
  • Volume and elastic IP address monitoring.

To start the monitoring process, a series of basic data is requested:

Cloud3.png

It is required to provide a name for the task, indicate the Discovery server from where it will be executed and the monitoring interval.

4.1.3.1 Discovery Cloud AWS.EC2 Costs

When clicking next, you will start configuring AWS monitoring expenses:

Template warning.png

Amazon Web Services expense monitoring involves extra expenses. You can find more information about it in the following link [https://aws.amazon.com/aws-cost-management/pricing/

 


Expense monitoring provides a separate monitoring interval to avoid extra charges.

Cloud4.png

Both the overall cost and the independent cost per region can be monitored.

4.1.3.2 Discovery Cloud AWS.EC2 Summary

The Discovery task can be configured to collect general information on the stock status in all regions.

To enable it, the Scan and general monitoring option must be activated.

Cloud5.png

Generic CPU usage counters can be added, as well as output (disk) input operations or volume of disk and network transferred data (bytes).


4.1.3.3 Discovery Cloud AWS.EC2 Specific Instance Monitoring

Specific instances can be monitored to obtain readings of:

  • CPUUtilization: Average CPU usage
  • DiskReadBytes: Reading bytes (disk)
  • DiskWriteBytes: Writing bytes (disk)
  • DiskReadOps: Read operations (disk)
  • DiskWriteOps: Writing operations (disk)
  • NetworkPacketsIn: Input packets (network)
  • NetworkPacketsOut: Output packets (network)

The agents that represent the specific instances will have as their parent the agent that represents the region where they are hosted.

It must be verified that the update_parent token is configured to 1 in the Pandora FMS server configuration to keep the parent-child relationships updated.

Navigation must be carried out through the browser by selecting the instances that need to be monitored:

Cloud6.png

4.1.3.4 Discovery Cloud AWS.EC2 Extras

In this last screen you can indicate whether you want to monitor the volumes used by the reserved instances.

Two extra modules will appear in the region agents:

  • Total reserved volume (GB)
  • Total registered volumes (number)


You can also choose to activate the Elastic IP addresses token. The number of elastic IPs registered in the AWS.EC2 account will be reported.

Cloud7.png


Once the wizard is completed, the progress of the execution in Discovery Task list can be seen:

Tasklist1.png

4.1.4 Discovery Cloud. AWS.RDS

AWS RDS allows you to monitor relational databases provided by Amazon Web Services.

The RDS service provides a database server and allows creating the instance related to said database. In addition, RDS offers the possibility to connect to its instances through clients such as SSMS, MySQL workbench or through JDBC or ODBC DB APIs.

AWS8.JPG

Through Pandora FMS, different RDS instances can be monitored by filling in the parameters included in the menu shown at the top.

AWS RDS integration with Pandora FMS allows to monitor both the data source and their availablity.

In addition, the database running under RDS can be monitored retrieving all the metrics that could be monitored in a database as usual.

Template warning.png

Integration with AWS RDS only supports Oracle, MySQL and Mariadb.

 


4.1.5 Discovery Cloud. Overview

Discovery Cloud includes an overview where the key points of the infrastructure in Amazon Web Services can be reviewed. Pandora FMS allows displaying different maps based on existing accounts.

In the AWS view, the account from which you wish to display the information can be selected:

AWS9.JPG

It includes:

  • Current expenses
  • Previous expenses
  • Expense evolution chart (6 months)
  • Reserve / instance evolution chart (1 month)
  • Map of regions with the number of instances per region.

Awsview.png

4.2 Discovery Cloud: Microsoft Azure


To monitor an infrastructure in Microsoft Azure, follow these instructions step by step.

4.2.1 How to register a user to use the Azure API

Azure.png

  • Go to 'App registrations'> 'New registration'

Azure2.png


  • Enter the data.

Azure3.png


  • Write down the data "client_id" and "directory".

Azure4.png

  • Next, access 'certificates & secrets' and create a new one:

Azure5.png

Template warning.png

Write down the key that is shown, it is the application_secret.

 


4.2.2 Assigning permissions

Assign a role to the account that will operate (app). To that effect, access "home" and get into the subscription.

Azure6.png


Within the subscription, select "Access control (IAM)".

Azure7.png

Add a new role assignment and once there, select the "reader" role for the created app.

Azure8.png

It is important to save the changes by pressing "save".


From that moment onwards, you can connect to the service and make requests through pandora-cm-api.

4.2.2.1 Examples

The status of Azure can be checked from Pandora FMS as follows:

  • Preload the environment.
  • Run . load_env.sh
  • pandora-cm-api --product Azure --get availability


If the environment is operational, the system should return a response of 1.

An example of the contents of the load_env.sh script would be the following:

  • Azure
export CLIENT_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

export DOMAIN=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

export APPLICATION_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXX"

export AZURE_SUBSCRIPTION_ID=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX

4.2.3 Configure a task in Pandora FMS

Pandora FMS allows managing several Microsoft Azure accounts.

You can add as many accounts as needed through the "Manage Accounts" option next to the Account drop-down.

This will allow access to the "Credential store" section of Profiles> Manage agent groups and it will act as the store of all previously created Microsoft Azure accounts to be registered.

To configure a new task, follow these steps:

  • Add a new password to the "credential store".

Azure9.png


  • Access 'Discovery> Cloud> Azure' and validate the Azure account.


Azure10.png


Azure11.png


Azure12.png


  • From that point onwards, it will be necessary to define the name of your recon task, the server that will execute the task, the group it will belong to and the execution interval.

AzureX3.PNG

  • Once task data are defined, select the Azure account sections that you wish to monitor. Each section will allow in turn to choose the desired instances.

AzureX4.PNG

  • The last step is selecting the metrics you wish to obtain from the agents generated by Pandora FMS for each instance it finds in Microsoft Azure. Once the section is configured, the task can be launched and Pandora FMS will create automatically agents according to the instances required in previous steps.

AzureX5.PNG


5 Discovery Console Tasks

Virtually identical to what was previously seen in Task List, Console Task will allow creating new tasks taking into account the following parameters:

  • Task: The task that will be executed among the following:
    • Backup Pandora FMS database.
    • Execute custom script.
    • Save custom report to disk.
    • Save custom XML report to disk.
    • Send custom report (from template) by email.
    • Send custom report by email.
  • Scheduled: It is used to specify how often the task will be executed.
  • Next execution: It shows the date of the next execution, being able to modify it if necessary.
  • Group: Group to which the task belongs.
  • Parameters: They are the specific parameters of each task.

ConsoleTasks.JPG

5.1 Parameters of different tasks


Backup Pandora FMS database
  • Description: Backup description.
  • Save to disk in path: path where the backup will be stored.

Execute custom script
  • Custom script: The script to be executed will be indicated.

“Save custom report to disk” and “Save custom XML report to disk”
  • Report pending to be created: The report to be created.
  • Save to disk in path: Path where the created report will be stored.

Send custom report (from template) by email
  • Template pending to be created: Custom template to be created.
  • Agents: Agents from which the information that will be reflected in the report will be obtained.
  • Report per agent: If you wish to generate separate reports for each report.
  • Report name: Name that you want to give the report.
  • Send to email addresses: Email addresses the report will be sent to.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message which will be sent together with the reports.

Send custom report by email
  • Report pending to be created: Report to be generated.
  • Send to email addresses: Email addresses the report will be sent to.
  • Subject: Topic of the mail to be sent.
  • Message: Body of the message with which the reports will be sent.
  • Report Type: Type of report that will be sent.

6 Discovery Host&Devices

The Discovery Host & Devices section offers a multitude of options to help manage and discover devices within as many environments as needed.

Therefore, it features the following tools:

  • Net Scan.
  • Import CSV.
  • Custom NetScan.
  • Manage NetScan scripts.


800

6.1 NetScan

With the NetScan tool, you may find devices in a network and apply different monitoring rules.

First, define the name of the task, the Discovery server that will run it, the group the discovered agents will be assigned to and the scanning interval.

In addition, you will have two options when performing the scanning task. You may indicate the networks to be discovered in the field designed to that end in Red or you may enable the token Use CSV file that will allow to load a csv file containing the specific devices or network to check throughout the recon task. If the csv file is selected, the Network option will not be enabled.

3oaKq2yukE.png

Template warning.png

The intervals selected as manuals must be manually launched. Discovery will not launch a manual task automatically.

 



In the features section, you may indicate the following options:

800


  • Known hardware auto discovery: It dinamically applies the templates that were previously added to the Private Enterprise Number section. To learn more, go to the following link.
  • Module templates: Try to apply the modules from from the selected templates. If the execution does not pass the test, they will not be added to the monitoring list.
  • Check results: The user must validate the results selecting which agents will be created from those found through the discovery task.
  • Apply autoconfiguration rules: It applies the predefined autoconfiguration rules to the detected agents. To learn more, go to the following link.

Info.png

Automatic configuration allows you to apply policies, group changes and settings, as well as launch custom events or execute scripts on actions.

 


Info.png

Agents detected by NetScan are remote agents without a configuration file. You cannot apply local monitoring policies or add configuration changes in block if you do not deploy an agent on the targets.

 



  • SNMP activated: To complete the information obtained from the discovered network devices, enable SNMP. That improves detection by scanning the SNMP information available in the discovered targets. Once this token is enabled, two more options appear:
    • SNMP version: Select the SNMP version configured in the scanned network devices. It supports SNMP versions 1,2, 2c and 3.
    • SNMP communities: Indicate the environment configured community. You may add as many communities as you need by typing them in the following box.
  • WMI enabled: You may enable WMI scanning. Just select the previously loaded credentials from the credential store.

Info.png

The different credentials provided against the detected objectives that support WMI will be tested, complementing monitoring with modules that will report about CPU, memory and disk usage.

 


  • SO detection: Detect the target's operating system.
  • Name resolution: Solve the target's name.
  • Parent detection: By means of the information collected through SNMP, the different interconnections between devices will be calculated, to be able to represent their network infrastructure.
  • Parent recursion: It improves parent detection adding recursion to the process.
  • VLAN enabled: It detects the VLAN to which the different devices are connected to.

Once the wizard is finished, Discovery will start executing it in each defined interval. If the interval is manual, the task should be started manually:

800

Once the task is finished, if you access from Review, you will see a summary of the devices found which respond to ping and the rest of metrics available through SNMP or WMI. All the IPs will be shown, but they may have two status:

  • Disabled: There is already an agent or module being monitored in the environoment and it will not be created nor modified.
  • Enabled: it is a new non-monitored element or within the obtained metrics there us a new element that responded and that will be displayed on a drop-down. You may choose to add it to the monitored agent list in thoses devices in this status or add any of the new enabled metrics.

HK8XAXtv92.png

Info.png

Once the targets to be monitored are selected, the system will create them systematically. Along the process, the target OS will be detected to complete the information gathered.

 


6.2 Automatic agent deployment

Template warning.png

Please confirm winexe command is installed and working in your server before using this feature. This utility is provided by Pandora FMS Enterprise server installer. You must install zlib.i686 and glibc.i686 to get winexe working.

 


Template warning.png

In Windows environments it is recommended to install as an administrator user. Before starting the service it will be necessary to define an administrator account for its use.

 



From Pandora FMS version 737 onwards, it is possible to deploy agents from the console itself using the deployment center.

Template warning.png

Server version must be EL7 for agent automatic deployment to work.

 


Depl1.png


The steps to deploy agents from the console are:

Register the versions of the software agents to be deployed in the agent repository.

The installers of the agents to be deployed throughout the infrastructure are needed. You may use custom agents.

For more information about the use of the agent repository, visit this link


Register the credentials to be used to connect the targets in the credential manager.

Specify the credentials with which the accesses to found or specified targets will be tested.

For more information about the use of the Credential Store, visit this link


Check that your environment is ready for deployment.

When visiting the deployment center for the first time, the following notices will be shown:

Depl info1.png

This message points out that objectives for deployment have not been defined yet.


Depl info2.png

These messages indicate:

The first message indicates that the public_url public access URL must be configured so that the targets can get connected to the console and be configured.

Template warning.png

This system does not perform PUSH operations. All deployments are sent by offering the software and ordering the target to install it.

 



The second one indicates that no installers have been added to the agent repository. Register installers to deploy the software.



6.2.1 Target Search

Search or point out the targets in the deployment center.

Use any of the methods described below to register new targets.

You may use any of the following options to define targets:

Depl action buttons.png


6.2.1.1 Scan one or more networks in pursuit of targets.

By pressing the scan targets button, a pop-up with the following fields will be displayed:

Depl2.png


Firstly indicate:

  • The network or networks (separated by commas) to scan.
  • The Discovery server that will perform the scan.
  • The credentials used to try to connect to the discovered targets.
  • The software agent version registered as "desired" for the discovered targets.
  • The IP of the target server where these software agents will point when they are installed (it corresponds to the "server_ip" field in the agent configuration file).


When pressing 'Scan', you will receive a confirmation, with a link that you can follow to check the progress of this task.

Depl info3.png


A new entry will appear in the task list:

Depl2b.png


Info.png

Discovery tasks related to agent deployment are volatile tasks. Once completed, they will be automatically deleted. Information about scan or deployment, both successful and failing, can be consulted from the deployment center itself.

 



As possible targets are found, they will appear in the deployment center:

Depl3.png


Info.png

The discovered targets added to this list are all found devices whose operating system matches Windows or Linux / Unix based systems, regardless of whether valid credentials were found or not.

 


6.2.1.2 Define a target manually.

You may manually register the target by defining:

  • IP.
  • OS. This version only allows Windows and those operating systems based on Linux / Unix (compatible with the tar.gz agent installer).
  • Architecture.
  • Credentials used to try to connect to the target.
  • The agent version you wish to deploy.
  • The IP address of the server where that agent will point once installed (it corresponds to the field server_ip of the software agent configuration).

Depl5.png

6.2.1.3 Upload a CSV file with target information.

If you wish to mass register targets, upload a CSV file with the following format:


IP; OS; Architecture; Target agent version; Credential identifier; Target server ip


Depl6.png

The system will create the objectives based on what is defined in the CSV.

6.2.2 Deploy the software

Template warning.png

You may only schedule deployment against targets whose information is complete, specifying both credentials and software versions to deploy.

 


When you have possible targets on the list, launch agent deployment:

Depl4.png


Select the IPs of the targets from the list (only valid targets will appear) and press deploy.

A Discovery task for background deployment will automatically be created, which will install the agent on the desired targets.

You can confirm that the agent has been successfully installed from the list of objectives of the deployment center:

Depl7.png


The name of the target also becomes a link to the corresponding Pandora FMS agent.


Failure example: The user not only entered the IP of the target, but also its netmask (THE IP IS ENOUGH).

When the system tries to deploy the software, it will notice that the IP format is not correct and will warn the user:

Depl err1.png

6.3 Import a list of your devices in CSV

A list of devices can be imported to represent them as agents using the agent import wizard through CSV.

Info.png

This feature only creates agents in Pandora FMS for its remote monitoring.

 



Hostdevices2.png

Select the separator used, the server on which you wish to import and the file that contains the data, then click on "next".

Hostdevices3.png

6.4 Custom NetScan

It allows the execution of custom scripts for the execution of network recognition tasks.

Create a recognition task specifying:

  • Task name: Name of the recognition task.
  • Comment: Allows adding comments.
  • Discovery server: Server that will execute the task.
  • Group: Group it belongs to.
  • Interval: Execution interval.

DISC NetScan Custom 1.JPG

Once the process of creating the task is complete, specify the script that you wish to run, as well as the configuration file necessary for its execution.

6.5 Net scan scripts

This section will show the different scripts that have been created for custom recognition tasks. A view is displayed where the name and description of the task are defined.

DISC Net scan scripts.JPG

Pandora FMS allows adding additional scripts to make monitoring and recognition of required networks easier.

The parameters that can be defined are the following:

  • Name: Script name.
  • Script fullpath: Path where the script is located.
  • Description: Script description. You can define descriptions of the different fields, as well as default values for them.
  • Hide value: In case you wish to hide the value of a field.
  • Help: Help fields.

DISC Net scan scripts 2.JPG

Creating scripts allows adding macros with which to define all the parameters needed for the correct execution of the script.