2008-08-28 16:59:09 +02:00
|
|
|
# Base config file for Pandora FMS Windows Agent
|
2020-11-27 13:52:35 +01:00
|
|
|
# (c) 2006-2021 Artica Soluciones Tecnologicas
|
2022-11-29 13:18:16 +01:00
|
|
|
# Version 7.0NG.767
|
2010-04-23 18:47:28 +02:00
|
|
|
# This program is Free Software, you can redistribute it and/or modify it
|
2007-08-23 19:24:56 +02:00
|
|
|
# under the terms of the GNU General Public Licence as published by the Free Software
|
2010-04-23 18:47:28 +02:00
|
|
|
# Foundation; either version 2 of the Licence or any later version
|
|
|
|
# This program is distributed in the hope that it will be useful, but
|
|
|
|
# WITHOUT ANY WARRANTY, without ever the implied warranty of MERCHANTABILITY or FITNESS
|
|
|
|
# FOR A PARTICULAR PURPOSE
|
2007-08-23 19:24:56 +02:00
|
|
|
|
2007-08-29 18:20:54 +02:00
|
|
|
# Edit this file to change your parameters or/and add your own modules
|
2010-05-27 08:59:39 +02:00
|
|
|
# Any line with a # character at the first column will be ignored (comment)
|
2010-04-23 18:47:28 +02:00
|
|
|
|
2007-08-23 19:24:56 +02:00
|
|
|
# General Parameters
|
|
|
|
# ==================
|
|
|
|
|
2009-10-13 21:15:07 +02:00
|
|
|
# NOTE: The variables $*$ will be substituted in the installation wizard
|
2007-09-14 15:58:12 +02:00
|
|
|
|
2012-04-25 18:03:46 +02:00
|
|
|
server_ip $ServerIP$
|
2009-10-13 21:15:07 +02:00
|
|
|
server_path /var/spool/pandora/data_in
|
2015-09-24 10:41:20 +02:00
|
|
|
temporal "%ProgramFiles%\pandora_agent\temp"
|
2011-08-19 21:31:33 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Group assigned for this agent (descriptive, p.e: Servers)
|
|
|
|
group $GroupName$
|
|
|
|
|
|
|
|
# If set to 1 allows the agent to be configured via the web console
|
|
|
|
# (only works on enterprise version). Set to 0 to disable it
|
|
|
|
remote_config 0
|
|
|
|
|
2011-07-14 17:19:39 +02:00
|
|
|
#include "C:\Archivos de programa\pandora_agent\pandora_agent_alt.conf"
|
|
|
|
#broker_agent name_agent
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2007-09-14 15:58:12 +02:00
|
|
|
# Agent uses your hostname automatically, if you need to change agent name
|
2010-05-27 08:59:39 +02:00
|
|
|
# use directive agent_name (do not use blank spaces, please).
|
|
|
|
# This parameter is CASE SENSITIVE.
|
|
|
|
|
2010-04-23 18:47:28 +02:00
|
|
|
# agent_name My_Custom_Agent_name
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2014-11-16 04:30:31 +01:00
|
|
|
# To define agent name by specific command, define 'agent_name_cmd'.
|
|
|
|
# If agent_name_cmd is defined, agent_name is ignored.
|
|
|
|
# (In the following example, agent name is 'hostname_IP')
|
2017-02-20 15:23:18 +01:00
|
|
|
# If set to __rand__ the agent will generate a random name.
|
2014-11-16 04:30:31 +01:00
|
|
|
#agent_name_cmd cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\agentname.vbs"
|
2017-02-20 15:23:18 +01:00
|
|
|
agent_name_cmd __rand__
|
2017-07-17 11:26:22 +02:00
|
|
|
|
2019-04-03 09:53:17 +02:00
|
|
|
# Agent alias. Name should be unique rather than alias. Hostname by default
|
|
|
|
# agent_alias $Alias$
|
2014-11-16 04:30:31 +01:00
|
|
|
|
2012-04-23 10:49:04 +02:00
|
|
|
#Parent agent_name
|
|
|
|
#parent_agent_name caprica
|
|
|
|
|
2011-08-18 11:41:37 +02:00
|
|
|
# address: Enforce to server a ip address to this agent
|
|
|
|
# You can also try to detect the first IP using "auto", for example
|
2013-06-25 18:04:51 +02:00
|
|
|
address auto
|
2011-08-18 11:41:37 +02:00
|
|
|
# or setting a fixed IP address, like for example:
|
|
|
|
#address 192.168.36.73
|
|
|
|
|
2022-09-14 17:12:08 +02:00
|
|
|
# This limits operation if temporal dir has not enough free disk (in megabytes).
|
2009-10-13 21:15:07 +02:00
|
|
|
#temporal_min_size 1024
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2022-09-14 17:12:08 +02:00
|
|
|
# Maximum size (in megabytes) allowed for the XML buffer.
|
|
|
|
temporal_max_size 1024
|
|
|
|
|
|
|
|
# Maximum number of files allowed for the XML buffer.
|
|
|
|
temporal_max_files 1024
|
|
|
|
|
2014-05-20 17:15:45 +02:00
|
|
|
# Delay start execution X second before start to monitoring nothing
|
2009-10-13 21:15:07 +02:00
|
|
|
#startup_delay 30
|
2008-09-05 09:52:38 +02:00
|
|
|
|
|
|
|
# Interval is defined in seconds
|
2009-09-22 Ramon Novoa <rnovoa@artica.es>
* debug_new.h, fast_mutex.h,
debug_new.cpp, static_assert.h: Added to repository. Wu Yongwei's
memory leak detection tool (part of Nvwa). Only compiled when
debugging is enabled.
* bin/util/tentacle_client.exe: Added to repository. Tentacle client
needed to build the installer.
* installer/pandora_2.0.mpi: moved to installer/pandora.mpi. Updated.
The installer can now be built directly from the installer
subdirectory.
* configure.in, Makefile.am, autogen.sh: Created a proper
configure.in and Makefile.am. The agent can now be cross-compiled
from Linux :-D
* bin/pandora_agent.conf: Fixed. A local configuration had been
uploaded.
* pandora_windows_service.h,pandora_windows_service.cc,
udp_server/udp_server.cc, udp_server/udp_server.h: Properly shutdown
the UDP server.
* modules/pandora_module_regexp.cc,
modules/pandora_module_inventory.cc,
modules/pandora_module_factory.cc,
modules/pandora_module.cc, pandora_strutils.cc,
pandora.h, pandora.cc: Fixed a couple of memory leaks. Small changes
to avoid compile warnings when cross-compiling from Linux.
* windows_service.cc: Removed the interactive service flag to avoid
'black windows'.
* main.cc: Include the memory leak detection tool if debugging is
enabled.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1966 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-09-22 13:48:25 +02:00
|
|
|
interval 300
|
2007-09-14 15:58:12 +02:00
|
|
|
|
2010-05-27 08:59:39 +02:00
|
|
|
# tranfer_modes: Possible values are local, tentacle (default), ftp and ssh.
|
|
|
|
transfer_mode tentacle
|
2008-04-02 15:31:21 +02:00
|
|
|
server_port 41121
|
2007-09-14 15:58:12 +02:00
|
|
|
|
2015-06-03 09:41:31 +02:00
|
|
|
# timeout in seconds for file transfer programs execution (30 by default)
|
|
|
|
#transfer_timeout 30
|
|
|
|
|
2010-05-27 08:59:39 +02:00
|
|
|
# In case of using FTP or tentacle with password. User is always "pandora"
|
2009-10-13 21:15:07 +02:00
|
|
|
#server_pwd pandora
|
2008-04-29 13:27:25 +02:00
|
|
|
|
2015-10-28 14:03:24 +01:00
|
|
|
# Extra options for the Tentacle client (for example: server_opts -v -r 5).
|
|
|
|
#server_opts
|
|
|
|
|
2015-09-22 18:35:19 +02:00
|
|
|
# If set to 1 disables log writing into pandora_agent.log
|
|
|
|
#disable_logfile 1
|
|
|
|
|
2017-07-17 11:26:22 +02:00
|
|
|
# Debug mode renames XML in the temp folder and continues running
|
2009-09-22 Ramon Novoa <rnovoa@artica.es>
* debug_new.h, fast_mutex.h,
debug_new.cpp, static_assert.h: Added to repository. Wu Yongwei's
memory leak detection tool (part of Nvwa). Only compiled when
debugging is enabled.
* bin/util/tentacle_client.exe: Added to repository. Tentacle client
needed to build the installer.
* installer/pandora_2.0.mpi: moved to installer/pandora.mpi. Updated.
The installer can now be built directly from the installer
subdirectory.
* configure.in, Makefile.am, autogen.sh: Created a proper
configure.in and Makefile.am. The agent can now be cross-compiled
from Linux :-D
* bin/pandora_agent.conf: Fixed. A local configuration had been
uploaded.
* pandora_windows_service.h,pandora_windows_service.cc,
udp_server/udp_server.cc, udp_server/udp_server.h: Properly shutdown
the UDP server.
* modules/pandora_module_regexp.cc,
modules/pandora_module_inventory.cc,
modules/pandora_module_factory.cc,
modules/pandora_module.cc, pandora_strutils.cc,
pandora.h, pandora.cc: Fixed a couple of memory leaks. Small changes
to avoid compile warnings when cross-compiling from Linux.
* windows_service.cc: Removed the interactive service flag to avoid
'black windows'.
* main.cc: Include the memory leak detection tool if debugging is
enabled.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1966 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-09-22 13:48:25 +02:00
|
|
|
# debug 1
|
2007-08-23 19:24:56 +02:00
|
|
|
|
2018-09-24 13:13:12 +02:00
|
|
|
# Default 0, set to 1 to avoid module executions and report to server
|
|
|
|
# standby 1
|
|
|
|
|
2014-09-17 23:04:11 +02:00
|
|
|
# XML encoding (ISO-8859-1 by default). Most windows servers experience problems when you set to UTF-8. Other special codepages may be specified here.
|
2014-06-23 15:30:20 +02:00
|
|
|
#encoding ISO-8859-1
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2011-07-28 19:34:51 +02:00
|
|
|
# If set to 1 start Drone Agent's Proxy Mode
|
|
|
|
# proxy_mode 1
|
|
|
|
|
2014-05-20 17:15:45 +02:00
|
|
|
# Max number of simultaneus connection for proxy (by default 10)
|
2011-07-28 19:34:51 +02:00
|
|
|
# proxy_max_connection 10
|
|
|
|
|
|
|
|
# Proxy timeout (by default 1s)
|
|
|
|
# proxy_timeout 1
|
|
|
|
|
2020-09-23 12:04:55 +02:00
|
|
|
# Address the proxy will listen on.
|
|
|
|
#proxy_address 0.0.0.0
|
|
|
|
|
|
|
|
# Port the proxy will listen on.
|
|
|
|
#proxy_port 41121
|
|
|
|
|
2010-05-27 08:59:39 +02:00
|
|
|
# Enable or disable XML buffer.
|
2017-11-07 14:55:59 +01:00
|
|
|
xml_buffer 1
|
2008-06-13 12:32:47 +02:00
|
|
|
|
2016-06-03 11:58:13 +02:00
|
|
|
# Agent mode: Learn (default), No-learn, Autodisable
|
|
|
|
# agent_mode autodisable
|
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# EHorus configuration file default full path.
|
|
|
|
#It try to find the EKID and set it like a custom field.
|
|
|
|
ehorus_conf "C:\Program Files\ehorus_agent\ehorus_agent.conf"
|
|
|
|
|
2018-04-10 09:49:58 +02:00
|
|
|
# Secondary groups. You can select several groups separated by comma.
|
|
|
|
# secondary_groups Group1,Group2
|
|
|
|
|
2012-04-19 15:18:41 +02:00
|
|
|
# Secondary server configuration
|
|
|
|
# ==============================
|
|
|
|
|
|
|
|
# If secondary_mode is set to on_error, data files are copied to the secondary
|
|
|
|
# server only if the primary server fails. If set to always, data files are
|
|
|
|
# always copied to the secondary server.
|
|
|
|
#secondary_mode on_error
|
|
|
|
#secondary_server_ip localhost
|
|
|
|
#secondary_server_path /var/spool/pandora/data_in
|
|
|
|
#secondary_server_port 41121
|
|
|
|
#secondary_transfer_mode tentacle
|
2015-06-03 09:41:31 +02:00
|
|
|
#secondary_transfer_timeout 30
|
2012-04-19 15:18:41 +02:00
|
|
|
#secondary_server_pwd mypassword
|
|
|
|
#secondary_server_ssl no
|
|
|
|
#secondary_server_opts
|
|
|
|
|
2014-09-29 11:17:56 +02:00
|
|
|
# Example UDP server to be able to execute remote actions such
|
|
|
|
# as starting or stopping process.
|
|
|
|
#udp_server 1
|
|
|
|
#udp_server_port 4321
|
|
|
|
#udp_server_auth_address 192.168.1.23
|
|
|
|
#process_firefox_start firefox
|
|
|
|
#process_firefox_stop killall firefox
|
|
|
|
#service_messenger 1
|
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
###############################################
|
2010-05-27 08:59:39 +02:00
|
|
|
# Module Definition
|
2009-10-13 21:15:07 +02:00
|
|
|
# Check online documentation and module library at http://pandorafms.org
|
2007-08-23 19:24:56 +02:00
|
|
|
# =================
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# CPU Load using WMI
|
|
|
|
module_begin
|
|
|
|
module_name CPU Load
|
|
|
|
module_type generic_data
|
|
|
|
module_wmiquery SELECT LoadPercentage FROM Win32_Processor
|
|
|
|
module_wmicolumn LoadPercentage
|
|
|
|
module_max 100
|
|
|
|
module_min 0
|
|
|
|
module_description User CPU Usage (%)
|
|
|
|
module_min_warning 70
|
|
|
|
module_max_warning 90
|
|
|
|
module_min_critical 91
|
|
|
|
module_max_critical 100
|
|
|
|
module_unit %
|
|
|
|
module_group System
|
|
|
|
module_end
|
|
|
|
|
|
|
|
# Basic info about TCP Connection
|
|
|
|
module_begin
|
|
|
|
module_name TCP_Connections
|
|
|
|
module_type generic_data
|
|
|
|
module_exec netstat -an | find /c /v "estab"
|
|
|
|
module_description Total number of TCP connections active
|
|
|
|
module_group Networking
|
|
|
|
module_end
|
2014-05-30 17:55:42 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Example plugin to retrieve drive usage
|
|
|
|
module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df_percent_used.vbs"
|
|
|
|
|
|
|
|
# Example plugin to retrieve memory usage
|
|
|
|
module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\mem_percent_used.vbs"
|
|
|
|
|
|
|
|
# Example plugin to retrieve network usage
|
|
|
|
module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\network.vbs"
|
|
|
|
|
|
|
|
## Windows inventory module (This information will be displayed only in enterprise version)
|
|
|
|
## Please check the WMI is healthy before activate this functionality
|
2014-05-30 17:55:42 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\cpuinfo.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2014-05-30 17:55:42 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\moboinfo.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2014-05-30 17:55:42 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\diskdrives.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\cdromdrives.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\videocardinfo.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\ifaces.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2017-10-26 17:58:44 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\monitors.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2017-10-26 17:58:44 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\printers.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2017-10-26 17:58:44 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\raminfo.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\software_installed.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2010-05-27 08:59:39 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\userslogged.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2017-10-26 17:58:44 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\productkey.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2017-10-26 17:58:44 +02:00
|
|
|
|
2017-11-07 14:55:59 +01:00
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\productID.vbs"
|
|
|
|
#module_crontab * 12-15 * * 1
|
|
|
|
#module_end
|
2017-10-26 17:58:44 +02:00
|
|
|
|
2020-04-14 18:22:00 +02:00
|
|
|
# Service autodiscovery plugin
|
|
|
|
module_plugin "%PROGRAMFILES%\Pandora_Agent\util\autodiscover.exe" --default
|
|
|
|
|
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
#########################################
|
|
|
|
# EXAMPLES #
|
|
|
|
#########################################
|
|
|
|
|
|
|
|
# Example: get Network information using Agent plugin
|
|
|
|
#module_plugin cscript //B "%ProgramFiles%\Pandora_Agent\util\nettraffic.vbs"
|
|
|
|
|
|
|
|
# External inventory plugin
|
|
|
|
#module_begin
|
|
|
|
#module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\software_installed.vbs"
|
|
|
|
#module_interval 288
|
|
|
|
## 288 x 5min = 24 hr, one execution per day, using module_interval <factor>
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Free Memory
|
|
|
|
#module_begin
|
|
|
|
#module_name FreeMemory
|
|
|
|
#module_type generic_data
|
|
|
|
#module_freepercentmemory
|
|
|
|
#module_description Free memory (%).
|
|
|
|
#module_min_warning 21
|
|
|
|
#module_max_warning 30
|
|
|
|
#module_min_critical 0
|
|
|
|
#module_max_critical 20
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Log events
|
|
|
|
#module_begin
|
|
|
|
#module_name System Events (TermService)
|
|
|
|
#module_type async_string
|
|
|
|
#module_logevent
|
|
|
|
#module_description Log Events coming from Terminal Service
|
|
|
|
#module_source System
|
|
|
|
#module_application TermService
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
#module_begin
|
|
|
|
#module_name Security Events (Invalid Login)
|
|
|
|
#module_type async_string
|
|
|
|
#module_description Security log events for invalid login attempt
|
|
|
|
#module_logevent
|
|
|
|
#module_source Security
|
|
|
|
#module_eventcode 529
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Check if Dhcp service is enabled
|
|
|
|
#module_begin
|
|
|
|
#module_name DHCP Enabled
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_service Dhcp
|
|
|
|
#module_description Check DCHP service enabled
|
|
|
|
#module_end
|
|
|
|
|
2012-04-25 16:03:50 +02:00
|
|
|
#Antivirus monitoring
|
|
|
|
#This modules checks the antivirus is running on your system, if there is and antivirus
|
|
|
|
#This module gets the last date the signature file was updated and send this date to pandora.
|
2015-07-15 18:16:48 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name Antivirus Last Update
|
|
|
|
#module_type async_string
|
|
|
|
#module_precondition =~ avguard.exe cmd.exe /c tasklist | grep avguard.exe | gawk "{print $1}"
|
|
|
|
#module_exec dir "%ProgramFiles%\Avira\AntiVir Desktop\aevdf.dat" | grep aevdf.dat | gawk "{print $1\" \"$2}"
|
|
|
|
#module_description Last update for Antivirus Signature file
|
|
|
|
#module_end
|
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Number processes
|
|
|
|
#module_begin
|
|
|
|
#module_name Number processes
|
|
|
|
#module_type generic_data
|
|
|
|
#module_exec tasklist | gawk "NR > 3 {print$0}" | wc -l
|
|
|
|
#module_description Number of processes running
|
|
|
|
#module_min_warning 175
|
|
|
|
#module_max_warning 249
|
|
|
|
#module_min_critical 250
|
|
|
|
#module_max_critical 300
|
|
|
|
#module_end
|
2015-04-21 11:42:45 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Example plugin to retrieve drive usage
|
|
|
|
#module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df.vbs"
|
2015-04-21 11:42:45 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Free space on disk C: (%)
|
|
|
|
#module_begin
|
|
|
|
#module_name FreeDiskC
|
|
|
|
#module_type generic_data
|
|
|
|
#module_freepercentdisk C:
|
|
|
|
#module_description Free space on drive C: (%)
|
|
|
|
#module_min_warning 31
|
|
|
|
#module_max_warning 40
|
|
|
|
#module_min_critical 0
|
|
|
|
#module_max_critical 30
|
|
|
|
#module_end
|
2015-04-21 11:42:45 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# CPU usage percentage
|
|
|
|
#module_begin
|
|
|
|
#module_name CPUUse
|
|
|
|
#module_type generic_data
|
|
|
|
#module_cpuusage all
|
|
|
|
#module_description CPU# usage
|
|
|
|
#module_min_warning 70
|
|
|
|
#module_max_warning 90
|
|
|
|
#module_min_critical 91
|
|
|
|
#module_max_critical 100
|
|
|
|
#module_end
|
2015-04-21 11:42:45 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Free space on disk D: (%)
|
2015-12-23 10:59:21 +01:00
|
|
|
# module_begin
|
2017-10-26 17:58:44 +02:00
|
|
|
# module_name FreeDiskD
|
|
|
|
# module_type generic_data
|
|
|
|
# module_freepercentdisk D:
|
|
|
|
# module_description Free space on drive D: (%)
|
2015-12-23 10:59:21 +01:00
|
|
|
# module_end
|
2015-05-04 13:45:49 +02:00
|
|
|
|
2015-09-14 12:23:12 +02:00
|
|
|
## Plugin example for custom fields (version, architecture, IP, IPv6, MAC)
|
|
|
|
# module_begin
|
|
|
|
# module_plugin cscript.exe //B //t:20 "%PROGRAMFILES%\Pandora_Agent\util\win_cf.vbs"
|
|
|
|
# module_crontab * 12-15 * * 1
|
|
|
|
# module_end
|
2015-04-21 11:42:45 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Example plugin to retrieve last 5 min events in log4x format
|
|
|
|
# module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\logevent_log4x.vbs" Aplicacion System 300
|
|
|
|
|
2010-05-27 08:59:39 +02:00
|
|
|
# Sample on how to get a value from registry
|
|
|
|
# This returns the last time user launch microsoft Windows update
|
|
|
|
#module_begin
|
|
|
|
#module_name Windows_Update_LastRun
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_exec getreg LM "SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" SetupWizardLaunchTime
|
|
|
|
#module_description Last date and time user launch microsoft Windows update
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of a remote TCP check
|
|
|
|
#module_begin
|
2012-04-25 16:03:50 +02:00
|
|
|
#module_name Google Port 80
|
2012-04-25 16:10:15 +02:00
|
|
|
#module_type generic_proc
|
2012-04-25 16:03:50 +02:00
|
|
|
#module_tcpcheck http://www.google.com
|
2010-05-27 08:59:39 +02:00
|
|
|
#module_port 80
|
|
|
|
#module_timeout 5
|
2012-04-25 09:20:59 +02:00
|
|
|
#module_description Check local port 80
|
2010-05-27 08:59:39 +02:00
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of regexp matching
|
|
|
|
#module_begin
|
|
|
|
#module_name PandoraAgent_log
|
|
|
|
#module_type generic_data_string
|
|
|
|
#module_regexp C:\archivos de programa\pandora_agent\pandora_agent.log
|
|
|
|
#module_description This module will return all lines from the specified logfile
|
|
|
|
#module_pattern .*
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Get processor time from Performance Counter (SPANISH only, check your
|
|
|
|
# locale string) using the Windows Performance tool to
|
|
|
|
# identify proper PerCounter strings. Check documentation for detailed steps.
|
|
|
|
#module_begin
|
|
|
|
#module_name Processor_Time
|
|
|
|
#module_type generic_data
|
|
|
|
#module_perfcounter \Procesador(_Total)\% de tiempo de procesador
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of module exec, used to know about the memory used by pandora process
|
2010-07-05 11:12:14 +02:00
|
|
|
# grep.exe and gawk.exe are included in the util directory of the agent.
|
2010-05-27 08:59:39 +02:00
|
|
|
#module_begin
|
|
|
|
#module_name PandoraFMS RAM
|
|
|
|
#module_type generic_data
|
2010-07-05 11:12:14 +02:00
|
|
|
#module_exec tasklist | grep Pandora | gawk "{ print $5 }" | tr -d "."
|
2010-05-27 08:59:39 +02:00
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of module exec, used get number of active terminal services sessions
|
2010-07-05 11:12:14 +02:00
|
|
|
# Works on Windows 2003. In Windows XP the query.exe and quser.exe files were
|
|
|
|
# moved to %WINDIR%\system32\dllcache. If XP, copy the exe to %WINDIR%\system32
|
|
|
|
#module_begin
|
2010-05-27 08:59:39 +02:00
|
|
|
#module_name Active TS Sessions
|
|
|
|
#module_type generic_data_string
|
2010-07-05 11:12:14 +02:00
|
|
|
#module_exec query session | grep Activ | gawk "{ print $2 }" |wc -l
|
|
|
|
#module_description Number of active TS Sessions
|
2010-05-27 08:59:39 +02:00
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of watchdog process opening it if it gets closed
|
|
|
|
# NOTE: This need to enable "Service can interactuate with the deskop" option
|
|
|
|
# in the Pandora FMS Service configuration (Windows Service Control management).
|
|
|
|
#module_begin
|
|
|
|
#module_name TaskManager
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_proc taskmgr.exe
|
|
|
|
#module_description This keeps taskmgr always running in the system
|
|
|
|
#module_async yes
|
|
|
|
#module_watchdog yes
|
|
|
|
#module_start_command c:\windows\system32\taskmgr.exe
|
|
|
|
#module_end
|
|
|
|
|
|
|
|
# Example of watchdog service opening it if it gets closed
|
|
|
|
#module_begin
|
|
|
|
#module_name ServiceVNC_Server
|
|
|
|
#module_type generic_proc
|
|
|
|
#module_service winvnc
|
|
|
|
#module_description Service VNC Server watchdog/service
|
|
|
|
#module_async yes
|
|
|
|
#module_watchdog yes
|
|
|
|
#module_end
|
|
|
|
|
2011-09-08 15:26:19 +02:00
|
|
|
# Example of preconditions
|
|
|
|
#module_begin
|
2012-04-25 09:20:59 +02:00
|
|
|
#module_name Test Precondicion
|
2011-09-08 15:26:19 +02:00
|
|
|
#module_type generic_data
|
2012-04-25 09:20:59 +02:00
|
|
|
#module_precondition < 10 cmd.exe /c echo 5
|
|
|
|
#module_precondition > 10 cmd.exe /c echo 15
|
|
|
|
#module_precondition = 10 cmd.exe /c echo 10
|
|
|
|
#module_precondition != 10 cmd.exe /c echo 5
|
|
|
|
#module_precondition =~ 10 cmd.exe /c echo 10
|
|
|
|
#module_precondition (5,15) cmd.exe /c echo 10
|
2011-09-08 15:26:19 +02:00
|
|
|
#module_freepercentmemory
|
2012-04-25 09:20:59 +02:00
|
|
|
#module_description Precondition test module
|
2011-09-08 15:26:19 +02:00
|
|
|
#module_end
|
|
|
|
|
2012-04-25 09:20:59 +02:00
|
|
|
# Example of postconditions
|
|
|
|
#module_begin
|
|
|
|
#module_name Test Postcondicion
|
|
|
|
#module_type generic_data
|
|
|
|
#module_condition < 10 cmd.exe /c echo min >> c:\log.txt
|
|
|
|
#module_condition > 3 cmd.exe /c echo max >> c:\log.txt
|
|
|
|
#module_condition = 5 cmd.exe /c echo equal >> c:\log.txt
|
|
|
|
#module_condition != 10 cmd.exe /c echo diff >> c:\log.txt
|
|
|
|
#module_condition =~ 5 cmd.exe /c echo regexp >> c:\log.txt
|
|
|
|
#module_condition (3,8) cmd.exe /c echo range >> c:\log.txt
|
|
|
|
#module_exec echo 5
|
|
|
|
#module_description Postcondition test module
|
2014-05-30 17:55:42 +02:00
|
|
|
#module_end
|
2015-09-15 18:22:49 +02:00
|
|
|
|
2017-10-26 17:58:44 +02:00
|
|
|
# Example of native encoding.
|
2015-09-15 18:22:49 +02:00
|
|
|
#module_begin
|
2017-10-26 17:58:44 +02:00
|
|
|
#module_name Written Accent
|
2015-09-15 18:22:49 +02:00
|
|
|
#module_type generic_data_string
|
|
|
|
#module_exec echo Bordón
|
|
|
|
#module_native_encoding OEM
|
|
|
|
#module_end
|
2017-10-26 17:58:44 +02:00
|
|
|
|