The history of Pandora FMS

Since our humble beginnings, Pandora FMS has overcome challenges that have strengthened and guided us towards growth. Every obstacle became an opportunity to innovate, and today, thanks to our effort and dedication, we continue to move forward with the same passion that inspired us from the beginning.

A story by Sancho Lerena

CEO and founder of Pandora FMS

It was 2001. I was twenty-five years old and was a fan of Linux.

At the time, I was working at AOL Spain as a production technician in the communications and security department, but my experience was mostly reduced to Checkpoint firewalls, so I learned a lot about pure networking with Cabletron and Cisco equipment.

My job at the time was to configure and manage the entire production networking environment. It was an entire data center with hundreds of Unix, Windows and high-end network equipment. Although the operations group used HPOpenview, it was impossible to have a global picture of everything, not even a “map”.

Thanks to my background in security and Linux, I made myself a place on the team, due to my ability to explore networks, entering systems and relating every part logically.

I then discovered that there was no decent tool for monitoring heterogeneous environments with complex network topology

“I managed several pilot implementations of event collection and centralization tools (SEM, SIEM). I learned a lot from this experience.

I used a lot of MRTG and developed scripts with RRDTool, which helped me in painting graphs representing main communications systems (Routers, Equipment RAS high-end connectivity between VPN, firewalls, etc.), things OVO didn’t or wouldn’t do as it seemed complicated to make any changes.

Afterwards I started working at BBVA. In this new job, my tasks were more related with the world of security and systems and I came into serious contact with AIX and Solaris. The monitoring tools used by the corporation were the Big4: they had it all, but it was simultaneously a very fragmented framework.

The division of departments was planned to binomial: communications or systems, and each team was oriented differently, using different tools and different methodologies.

From security, I didn’t have access to any of those tools to monitor my systems (Firewalls, IDS, Unix environments, Windows, etc), so I had no choice but to explore new ways to complete the task at hand.

I became a specialist in firewall piercing techniques, that later helped me out in understanding and overcoming the challenges of complex network topologies, and which have added to what are now parts of the architecture design in Pandora FMS

“I needed powerful graphics to include data from different sources in monitoring reports. It was vital to compare and relate everything, to be able to set thresholds and generate alerts.

I first tried to introduce a piece of software named Nagios, but the weakness of its agents and its rigid conception of monitoring did not suit me. At that time it was more important to provide performance, not only to obtain status. Also it was important to complete these features by giving the ability to run complex tests -since no environment was standard- and to collect information from all of these systems. The vast majority of the time there was no direct access to the system that needed monitoring, so I had to install agents that “blindly” contacted me or another pre-established proxy system.

Based on my own experience in logs and event collection tools I saw that all agent-based systems crashed due to their rigid requirements, recent Java-based machines or because of binary package distribution. In many production environments, it was impossible to upgrade versions, install packages on the system or install things as the root user. Nagios wasn’t even close to what I needed or imagined. Since then, I’ve found once and again many systems with uptimes that took several years, which of course nobody wanted to even look at.

The father of Pandora FMS:

ARENA

The first integrated software concept that satisfied our needs was “Arena” . It was an environment that gathered data sent by some precarious agents written in KSH.

This data was not even standardized; it was sent in plain text and separated by dotted lines “—-“. The server was developed in Perl, made by a colleague of the Department of logical security (Juan H.) and included a frontend in PHP that, in fact, was made from some of my first pieces of code written in PHP.

I knew some web programming by then, but my experience was very poor and responded to very old paradigms (CGI Programming in C and rudimentary HTML in Netscape servers). It was also my first contact with MySQL as my only background then had been my work on Sybase databases.

The birth of Pandora FMS

The needs were growing and the architecture and design just didn’t fit. On the other hand my partner -Juan H.- withdrew from the project and I considered starting the whole idea again from scratch with another design.

That day, December 2002, Pandora was born, but it was just a hobby to occupy my idle time, which at that time I had plenty of.

With the help of a partner (Sergio I.), we created the first Windows agent, based on Windows Scripting Host and coded using VBScript. Needless to say, that was only the tip of the iceberg compared to what it would years later become.

In fact, it had many initial issues. I developed the server from scratch, using Perl. I had used Perl scripts in the past to develop small, closely related systems, audit tools, brute force scripts, network scanning, and auditing.

Therefore part of these codes were included in Pandora, and Goliath as well, a WEB engine that makes synthetic transactions. But still, my experience with Perl at that time was limited.

Slowly, and with the help of some friends, we created something with documentation to get by, and, at the time, I was showing the project to co-workers and acquaintances who, thanks to their feedback, helped shape the released version of Pandora FMS.

Internally, banks began to see this as a useful tool to get an exact picture of their security systems, especially Checkpoint firewalls and AIX environments.

The initial project was called “Pandoramon”.

“It is important to clarify that the code of the agents, the console and the server started from scratch, I never borrowed anything from projects like Nagios. Some people have doubted this last point, but thanks to the fact that all the code is published since the beginning of time, you can see perfectly that the current architecture is heir of those first versions of Pandora FMS.

Pandora FMS as a company

In 2002 I had tried to set up a company based on a software we had developed for Internet remote surveillance for guards (BabyCam), and in 2004 a security consulting company (Ip4All) but neither came to fruition.

In mid-2005 I decided to make a professional living from Pandora, offering network auditing services, custom development, security software installations, etc. At this point there is still no concept of “Enterprise version”.

The business model is based on offering services around two base products: Pandora and Babel. Babel was another software with a similar philosophy, oriented to system hardering and security dashboards.

Together with David Villanueva, a former colleague, we decided to set up Artica. I left my great job as a senior specialist consultant at the bank. From this point on everything goes faster and faster, Ártica Soluciones Tecnológicas is officially founded in November 2005.

The first beginnings are hard, and Pandora is nothing more than an anecdote for my first clients. I dedicate myself to observe their needs and learn from real problems in different environments, always linked to the security world.

One of the first things we did was to rename the project to Pandora. At the end of 2006 we added the FMS tag because “Pandora” was too generic.

The first years, Pandora had a very slow development, since it was not a software as such, but a purely “Free” project that served to introduce us in security consulting projects. Together we developed Babel Enterprise and it was not until early 2006 that the first professional programmer joined the staff: Esteban Sanchez. He started working full-time on Pandora FMS.

“Someone gave us a wise advice: Free Monitoring System was a very bad way to try to sell. So for the F, we chose the main quality of Pandora and very much related to the original logo (an octopus): F for Flexible.

During the first years, Esteban and I were the first programmers, until November 2007 when Ramon Novoa joined and we started to make Pandora a real software product. At this time we had collaborations from several people, one of the most important, Guruevi from New York and other people from South America, New Zealand and Japan.

As a curious note, all free software projects choose an animal, ours was an octopus. You can see more information about the history of the logo in our blog.

Pandora FMS today

According to openhub.net as of November 2015, Pandora FMS has 11,000 commits made by over 50 people, with a total of 413,000 lines of code developed in PHP, Javascript, Perl, C ++, C, Java and Shellscript. Sourceforge has registered nearly one million downloads.

There have been many versions, patches, and updates, which during the last 12 years have transformed what was originally a project from a simple technician who strived to solve technical problems into something much larger.

Thanks to the collaboration of dozens of programmers, system technicians, users, and customers, today Pandora FMS is a professional tool for monitoring and managing large environments.

As a “Father” of this creature, I can only say: Thank you all for bringing us here!

Summary versions of Pandora FMS

Null

First public release: Pandora v0.8.1 (2004)

Until August 2004 we didn’t release our first version publicly, which was version 0.8. At that time the development team was composed of three people: Sergio I. bearing part of the initial agent VBScript for Windows, Raul M. helping on different code-related tasks, and myself, all working alongside each other to make this possible.

We had to rename the project “Pandoramon” on Sourceforge at the time (because Pandora was already taken).

The first version included features related strictly to agents (we still hadn’t included any kind of remote monitoring) and its interface was pretty basic, to say the least. It didn’t even have an ‘events’ feature, although the graphs were pretty decent. The data model is perhaps the part of the original which has gone through the least changes, but there’s no remaining trace of the original code.

It wasn’t until version 1.0 that we started using a VCS (Version Control System). And though this may sound shocking, the fact is that all of us involved in the project were coming from Networks and Systems, so we were quite the amateurs when it came to Software Development at the time.

Pandora v1.x (2004-2007)

In this version “things got serious.” This version added compatibility with user’s ACL systems.

We started using Subversion to manage the code. The first version of the agent was written in C ++ and developed by Esteban S.. The agent we had written in VBScript was discarded. Remote monitoring and SNMP trap collecting was added.

Reports, combined graphics, recon server and customized reports are combined with the previous features. Module and machine templates are designed for the recon server. There was a significant visual improvement, and Pandora started to be taken seriously.

Pandora v2.x (2008-2009)

In this version we created the ‘Tentacle Protocol’. We introduced an export server. ‘Tentacle’ (a unique file transfer protocol with ports assigned by IANA, 41121 / tcp) marked a before and after in making life easier for users when installing agents.

In version 2.x we made an attempt at creating a server version in C but it didn’t materialize, and we continued working on Perl code. Looking back on this, we can say it was a great decision. The main bottleneck in the server is SQL interaction, not internal operations.

Pandora v3.x (2010-2011)

Here we include the first ‘Enterprise’ version. It includes the possibility to remotely modify agent settings, PDF formatted reports, and some other features. We have customers monitoring environments with over 2000 agents.

Pandora v4.x (2012-2013)

The Android® agent was born to collect data from what was then a novelty: the Global Positioning System, better known by its acronym GPS for GIS PFMS functionality. We also dabbled with data storage in Oracle® and PostgreSQL® although MySQL® remains the default option. Integration with Pandora ITSM (then Integria IMS) was included in this version.

Pandora v5.x (2014-2015)

We transition the project from SVN to GIT. We introduce the Satellite Server. Thanks to the satellite we achieved a rate of 500 check-ups per second in some specific environments, quite a big number. Plus, this was done through “headless” monitoring, which means the monitoring process was distributed and had no bidirectional connectivity.

Pandora v6.x (2016)

We introduce the ‘agent metadirectory’, integrated desktop remote access (through Pandora RC), remote access and management of servers and satellites, improvements in the dashboard, dynamic monitoring, and improvements in predictive monitoring

Pandora v7.x (2016-2024)

In this version, dubbed New Generation (NG), the Rolling Release process was introduced to provide customers with last minute updates, thus abandoning the Service Pack delivery model.

In 2024, Pandora FMS version 7.X was a significant step forward, integrating essential changes such as the exclusive use of MySQL® version 8 and PHP version 8. The Web Console interface was completely renewed, accompanied by internal improvements that reinforce security monitoring, hardware and software inventory management through Pandora ITSM, and the complete rewrite of key functionalities such as “Discovery PFMS .disk” and “Remote Monitoring and Management server” (RMM). These advances were made possible thanks to the combined efforts of a highly committed development, testing and documentation team, as well as the valuable feedback from our broad customer base, which our support department took care of in an exemplary manner. All this has consolidated Pandora FMS as a professional, reliable solution, ready to centralize operations in the most demanding monitoring environments, with the support of the Command Center.