Here you will find the frequently asked questions (FAQ) related to the latest versions of Pandora FMS, grouped by subject.

For much more information about previous versions please consult our knowledge base created by the Pandora FMS community in several languages:

Subject index



Boolean ICMP Network module shows critical status although connectivity with the agent is correct

Pandora FMS currently uses the fping command which is more efficient than the ping command. This entry has been kept for its historical value.

This problem appears when the first package from the ping execution doesn't reach the recipient.

If the icmp_checks parameter is set as 1 inside the Server Configuration File (Default path: /etc/pandora/pandora_server.conf) it will show critical value because it only considers the first try at sending the ping command. Module status would be also critical if the icmp_checks value is higher than 1,the reason for this is that this parameter only executes “independent” pings so check results would always be wrong.

A solution would be to use a script which executes a ping sending as many packages as we want upon its execution. So that, if a machine doesn't answer to the first package we could fix it by modifying the script with a number of packages higher than 1, that way the result will be successful.

Using the pingcheck.sh script would provide us with a simple solution. It would deliver 1 if the machine answers or 0 if it doesn't.

Script code:

# pingcheck.sh
if [ -z "$1" ]
  echo "Syntax:"
  echo " "
  echo "pingcheck.sh <count> <timeout> ip_address"
  echo " "
ping -c $COUNT -W $TIMEOUT $IP 2> /dev/null> /dev/null
if [ $? == 0 ]
  echo 1
  echo 0

Script execution must have the following format:

pingcheck.sh <count> <timeout> ip_address

In order to use this script we should take these tips into account:

  • Create a file using the script code on this path:
  • Allow it to execute:
# chmod +x /usr/share/pandora_server/util/plugin/pingcheck.sh
  • Then, we build a new module plugin from the menu: Manage serversManage plug-ins inside Pandora Web Console.

Name: PingCheck .
Plug-in Command: /usr/share/pandora_server/util/plugin/pingcheck.sh .

  • Finally, we enter the module configuration inside the agent where the issue is taking place, and we add a new Plugin Server Module. After this, we choose the plugin and we set these parameters for the check in the Plug-in Parameters field:
2 5 ip_address

Operating systems

How can I generate a SHH key pair for the Windows agent (SSH Transfer)?

A: You must have PuTTY installed to use one of its utilities:

  • Open PuTTY Key Generator (PuTTYgen) and select SSH2-DSA in the main window.

  • Click on Generate. The program will ask you to move the mouse over a blank area to generate randomness.
  • Once the key has been generated, export it by using the menu Conversions and select Export OpenSSH key.

  • Do not use a password when exporting, so if you get a warning dialog about this, click Yes.

  • This procedure will export the private key, which must be saved as a file id_dsa.

  • To export the public key, in the main window of the PuTTYgen there is a text box whose title is Public key for pasting into OpenSSH authorized_keys file. Select all the text in the box and copy it to the Windows clipboard.

  • Create a new text file using Notepad and paste the text you have copied into this file. Save this file as id_dsa.pub. It is important to enclose the file name in quotation marks to avoid giving it a TXT extension.

  • You will have both files in one folder, one with the private key (no extension) and one with the public key (PUB extension). Note that if you have MS Office installed on your computer, the public key will appear with MS Publisher icon, however always keep in mind that it is a simple text file.

How do I configure the Pandora server to accept SSH keys from the Windows agent (SSH Transfer)?

A: From the server, access the /home/pandora/.ssh directory. If it does not exist, create it. Open the authorized_keys file (or create it if it does not exist) and copy the windows agent public key in a new line. To verify the operation, run the windows agent with the SSH test option, using the command line:

c:\path\to\pandora> PandoraAgent --test-ssh


Does Pandora FMS fulfills PCI/DSS?

The PCI DSS rule implies several requirements:

  1. Safe traffic through coding and certificates. Pandora FMS, at all levels (user operation, communication between components) supports SSL encode and certificates on both ends.
  2. Double access authentication systems. It's possible to deploy a double authentication system. The first one, at an access level (HTTPS) integrated with any OpenSource or commercial token system. The second authentication, at an application level is managed by Pandora FMS, it can be authenticated against LDAP or AD in the same way, or you may do it locally.
  3. Security policies applied to user management. User management is limited by policies both at the user profile level and the operation visibility profile level defined as the Extended ACL system in the Enterprise version.
  4. Possibility of audits in all fields and actions made on the monitored elements. Pandora FMS, in its Enterprise version audits all of the user's actions, including the information about changed or deleted fields. It also includes a validation system with a signature on these registries.
  5. Audit data transfer to external log managers. These audit logs are available for their exportation through SQL and they allow integration from a third source for higher security, in almost real-time.

I have enabled the double authentication and I've lost the code generator

You should contact with the Pandora FMS administrator to disable this feature for you. This can be done through: like this.


I lost my MySQL root password, How can I recover it ?

Do like so:

service mysql stop

Wait until MySQL shuts down. Then run:

mysqld_safe --skip-grant-tables &

After that you will be able to login as root without a password:

mysql -uroot mysql

In the MySQL command line prompt issue the following command:

UPDATE user SET password=PASSWORD("none") WHERE user="root"; FLUSH PRIVILEGES;

Stop the running MySQL instance

kill `ps aux | grep -e "--skip-grant" | grep -v grep  | awk '{ print $2 }'`

Restart the mysql service normally

 service mysql start

At this time your root password is reset to none and MySQL will now know the privileges and you'll be able to login with your new password:

mysql -uroot -pnone mysql

How can I make a backup of database?

A simple mysqldump command execution will dump your database contents. A blank database with the same name (without data, generally named pandora), should be enough to receive the dump generated by the mysqldump command.

First you should create the backup:

mysqldump -u root -p pandora> /backup/pandoradb_backup.sql

Restore the backup (from scratch):

 mysql -u root -p
 create database pandora;
 use pandora;
 source /backup/pandoradb_backup.sql

Probably you also need to give access to your pandora console user:

grant all privileges on pandora.* to pandora@localhost identified by 'mypassword';

If you want to make a complete backup of the system, do not forget to backup the entire /etc/pandora directory to save the configuration information of the local agents and servers.

Using the 'mysql' and 'mysqldump' commands correctly from the command line

Q: I attempted to use several references from the documentation, but there is an error in the documents. In several locations you indicate a “root” username, but the default SQL user name in your configuration files is “pandora”.

A: Always check your current credentials in /etc/pandora/pandora_server.conf. In some environments credentials could have changed. You should always be able to access MySQL Pandora FMS databases with your Pandora user.

By default, the database should be called “pandora”, and the user should be “pandora”, the password will be a random string. This means that commands should look like this:

In the MySQL console:

 mysql -u pandora -D pandora -p

And enter the corresponding password.

To perform a SQL dump (for backups):

 mysqldump -u pandora -p pandora> file

And enter the corresponding password.

I have custom fields in events in Base64 format, how to convert them to plain text?

From version 761, event custom fields are saved in plain text but in previous versions they were saved in Base 64.

  • To backup the information contained in the database see “Backup and recovery procedures”.
  • To see if you have information in the event custom fields, execute the following query through the “DB Interface”:
SELECT id_evento, custom_data FROM tevento WHERE IF(CONVERT(FROM_BASE64(custom_data) USING utf8mb4) IS NULL, TRUE, IF(CONVERT(FROM_BASE64(custom_data) USING utf8mb4) = '', TRUE, FALSE)) = FALSE;
  • If the previous query is positive, to convert them to plain text use:
UPDATE tevento SET custom_data = CONVERT(FROM_BASE64(custom_data) USING utf8mb4) WHERE IF(CONVERT(FROM_BASE64(custom_data) USING utf8mb4) IS NULL, TRUE, IF(CONVERT(FROM_BASE64(custom_data) USING utf8mb4) = '', TRUE, FALSE)) = FALSE;

Web servers (Apache, Nginx) and Web Console PFMS

New themes for the Web Console PFMS

Answer: It depends on the version you have installed, go to this link for more information.

How can I add fonts for use in charts and reports?

To add fonts to Pandora FMS just copy them into the folder include/fonts. For fonts to work in PDF reports, the filename must match the lowercase font family name without spaces. For example, for the family name Honoka Mincho the correct file name would be: honokamincho.ttf.

On GNU/Linux you can use ttfdump to find the source family name in the section Name table 1. Example:

$ ttfdump font_1_honokamin.ttf | grep -A10 "Name table   1"
Name table   1.  PlatformID:     1
                EncodingID:     0
                LanguageID:     0
                NameID:         1
                Length:         13
                Offset:         256
                48 6f 6e 6f 6b 61 20 4d 69 6e>  Honoka Min
                63 68 6f> cho
Name table   2.  PlatformID:     1
                EncodingID:     0
                LanguageID:     0

Pandora FMS includes graphics, maps and fonts that can be used in the reports. By default, the following is used (code.ttf). It contains Latin, Arabic, hiragana, katakana, etc. As we said, fonts can be found in /include/fonts and new fonts can be added if necessary.

How can I recover access to the console if I forgot the password for my admin user?

You will need to create another admin user to change the password for other users. In order to do that, open a shell in your Pandora FMS server and execute as root the following command:

/usr/share/pandora_server/util/pandora_manage.pl /etc/pandora/pandora_server.conf --create_user admin2 none 1

This will create a new administrator user called admin2 with password none.

Electronic mail (email)

How can I configure the email server for email alert types?

This is configured in the server, specifically on the file pandora_server.conf, you should restart the server after modifying the file so the changes are applied.

PHP language

Perl language

PFMS installation

What are the differences between WMIC and PandoraWMIC?

WMI stands for Windows Management Instrumentation®, a technological invention of Microsoft®, whose purpose is to manage the different operational environments of the Windows® operating system.

WMI allows scripting languages (such as Windows PowerShell or VBScript) to manage personal computers and servers running Microsoft Windows®, by default, both locally and remotely. Microsoft® provides a command line interface for WMI called Windows Management Instrumentation Command-line (WMIC) which is used by Pandora FMS to perform only query operations, with permission of the owners of those computers and only for monitoring purposes. For example, the PROCESS GET NAME command returns the processes that are running.

At the end of 2021 was reported a vulnerability in WMI that can be exploited with malicious intentions so Microsoft® began to distribute a patch that raises RPC_C_AUTHN_LEVEL_PKT_INTEGRITY to value 1, first optionally but in 2023 will be implemented in a mandatory way for that operating system. PandoraWMIC is a software that replaces WMIC and complies with the necessary security protocols (authentication credentials) and that is the fundamental difference.

Pandora FMS monitors many different operating systems, both proprietary and libre software and keeps up to date with security, for more global information see the section “PFMS security architecture”.

PFMS update

Software Agent PFMS

How to run the Pandora FMS agent in the Start system?

Q: I have installed the pandora_agent in my GNU/Linux system and I want it to run every time that I start the system. How can I do it automatically?

A: The first thing you should do is to copy the pandora_agent_daemon at /etc/init.d .

After, if you want that the pandora_agent_daemon to start when running your system, you'll only need this:

ln -s /etc/init.d/pandora_agent_daemon /etc/rcX.d/S99pandora_agent_daemon

Where 'X' is the run level that you are starting at

After, be sure that your pandora_agent_daemon is correctly off when you switch off.

 ln -s /etc/init.d/pandora_agent_daemon /etc/rc0.d/K99pandora_agent_daemon
 ln -s /etc/init.d/pandora_agent_daemon /etc/rc6.d/K99pandora_agent_daemon

How can I execute PowerShell scripts as a module

If you have your PowerShell located at C:\ScriptPath\Script\script.ps1 you first need to call to your PowerShell interpreter like this:

module_exec C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -Command "C:\ScriptPath\Script\script.ps1"

PFMS Server

My /var/spool/pandora/data_in directory has million of .data files, how can I delete them?

Deleting millions of files in a directory is not possible with the rm command, and find . -delete or find . | xargs rm can be slow. The best way to do it is with this command (perl inline):

perl -e 'for(<*>){((stat)[9]<(unlink))}'

WMI modules do not work with Satellite Server

On some Windows® computers, for security reasons, if we run the Satellite Server service as Local User, we may find that the WMI modules do not run correctly.

To avoid this problem, the service must be configured to run with Administrator user permissions. There are two ways to do this:

1.- Fromcmd.exe with this command:

sc.exe config "SATELLITESRV" obj= "DOMAIN\Administrador" password= "password"

2.- Or from Services.msc → Secondary mouse button on service SATELLITESRVPropertiesLogin and select the Administrator user for execution.

Handling a large amount of data received from the agents

It could happen that for any reason the PFMS server was out of service for minutes, or even hours. When this happens, a huge amount of metrics collected by the agents could get accumulated, which could cause severe delays in Pandora FMS. From version 765 you may set the dataserver_smart_queue token to value 1 and thus activate the special data processing mode.

Setting the server_keepalive parameter

  • The server process (pandora_server) restarts in loop every few minutes/seconds, what could be the problem?

If you increased the threads of some server in pandora_server.conf file, check whether the server_keepalive parameter increased accordingly.

Increasing the number of server threads can increase the time it takes to start pandora_server process completely (depending on the hardware used), so you may have to increase the server_keepalive parameter to adjust it to this startup time.

This happens because if the pandora_server full startup time is longer than the one configured in the server_keepalive parameter, pandora_ha won't detect the pandora_server process as active, and it will be the one that tries to restart it itself, generating that way a restart loop.

In CentOS 7 PFMS Open I get an error message about "Thread::Semaphore" What does it mean?

In version 768 this PFMS Open server dependency is required. Run with the aproppriate permissions:

yum install -y cpanminus
cpanm -i Thread::Semaphore

You may install and execute an additional dependency that checks the library and may take a few minutes to finish.

Pandora FMS Enterprise, licenses

Delete agents to solve problems with agent excess on the Enterprise version

The Enterprise version is limited by a number of agents. In case the number of licensed agents is exceeded, an error message will appear.

To delete remaining agents, the only thing to do is to disable the Enterprise version and delete the leftover agents using Open version. We can do this by renaming the folder to 'Enterprise', in case it's a Centos Appliance we would execute:

mv /var/www/html/pandora_console/enterprise /var/www/html/pandora_console/enterprise.bk

Simple Network Management Protocol (SNMP)

How can I add MIBS to Pandora FMS ?

Question: Does anyone knows how to load MIBS in pandora for the SNMP Walk feature? Answer: Pandora FMS does not manage SNMP directly. It is based on GNU/Linux Net-SNMP libraries that are managed by systems,so edit /etc/snmp/snmp.conf to define MIB loading.You should configure the GNU/Linux system which runs PandoraFMS and add the MIBS file to the /etc/snmp/snmp.conf file(and restart Apache web server) These are the directives /etc/snmp/snmp.conf for the MIB management:

mibdirs DIRLIST

This command specifies a list of directories to search for MIB files. This operates in the same way as the -M option (see snmpcmd for further details). Note that this value can be overridden by the MIBDIRS environment variable, and the -M option.


Specifies a list of MIB modules (not files) that should be loaded. This operates in the same way as the -M option (see snmpcmd for details). Note that this list can be overridden by the MIBS environment variable, and the -M option.

mibfile FILE

Specifies a (single) MIB file to load, in addition to the list read from the MIBS token (or equivalent configuration). Note that this value can be overridden by the MIBFILES environment variable.

How delete all traps from the trap console

Q: I want to delete all the traps from my traps console without going sheet by sheet.Is it possible to do it also from a specific date?. A: To delete all traps that are in the traps console, you should execute, from the DB Interface extension, the following SQL sentence


To delete all the traps previous to July 10, 2020 that are in the traps console, you should execute, from the DB Interface extension, the following SQL sentence:

DELETE FROM ttrap WHERE timestamp <'2020-07-10 00:00:00';


Passwords on the CentOS VMWare Virtual Image

User OS: root

Password: pandora

Web Console User: admin

Password: pandora

MySQL User:root

Password: pandora