2010-06-07 03:36:45 +02:00
|
|
|
# Base config file for Pandora FMS agents
|
2021-11-23 11:28:02 +01:00
|
|
|
# Version 7.0NG.758.1, FreeBSD Version
|
2010-06-07 03:36:45 +02:00
|
|
|
# Licensed under GPL license v2,
|
2020-11-27 13:52:35 +01:00
|
|
|
# Copyright (c) 2003-2021 Artica Soluciones Tecnologicas
|
2010-06-07 03:36:45 +02:00
|
|
|
# http://www.pandorafms.com
|
|
|
|
|
|
|
|
# General Parameters
|
|
|
|
# ==================
|
|
|
|
|
|
|
|
server_ip localhost
|
|
|
|
server_path /var/spool/pandora/data_in
|
|
|
|
temporal /tmp
|
|
|
|
logfile /var/log/pandora/pandora_agent.log
|
2016-12-22 03:14:19 +01:00
|
|
|
|
2011-07-14 17:14:03 +02:00
|
|
|
#include /etc/pandora/pandora_agent_alt.conf
|
|
|
|
#broker_agent name_agent
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# Interval in seconds, 300 by default
|
|
|
|
interval 300
|
|
|
|
|
2017-07-18 13:31:50 +02:00
|
|
|
# Debug mode renames XML in the temp folder and continues running
|
2010-06-07 03:36:45 +02:00
|
|
|
debug 0
|
|
|
|
|
2016-01-20 01:33:23 +01:00
|
|
|
# Optional. UDP Server to receive orders from outside
|
|
|
|
# By default is disabled, set 1 to enable
|
|
|
|
# Set port (41122 by default)
|
|
|
|
# Set address to restrict who can order a agent restart (0.0.0.0 = anybody)
|
|
|
|
#
|
|
|
|
udp_server 0
|
|
|
|
udp_server_port 41122
|
|
|
|
udp_server_auth_address 0.0.0.0
|
|
|
|
|
|
|
|
#process_xeyes_start xeyes
|
|
|
|
#process_xeyes_stop killall xeyes
|
|
|
|
|
2010-06-07 03:36:45 +02:00
|
|
|
# By default, agent takes machine name
|
|
|
|
#agent_name adama
|
|
|
|
|
2014-11-15 23:56:35 +01:00
|
|
|
# To define agent name by specific command, define 'agent_name_cmd'.
|
|
|
|
# (In the following example, agent name is 'hostname_IP')
|
2017-02-20 15:23:18 +01:00
|
|
|
# If set to __rand__ the agent will generate a random name.
|
|
|
|
#agent_name_cmd LANG=C; /bin/echo -n `hostname`; /bin/echo -n "_"; /bin/echo `/sbin/ifconfig eth0 | /bin/grep 'inet addr' | /usr/bin/awk '{print $2;}' | /usr/bin/cut -d: -f2`
|
|
|
|
agent_name_cmd __rand__
|
2014-11-15 23:56:35 +01:00
|
|
|
|
2010-06-07 03:36:45 +02:00
|
|
|
#Parent agent_name
|
|
|
|
#parent_agent_name parent_name
|
|
|
|
|
|
|
|
# Agent description
|
|
|
|
#description Demo agent
|
|
|
|
|
|
|
|
# Group assigned for this agent (descriptive, p.e: Servers)
|
2014-09-13 06:53:38 +02:00
|
|
|
group Servers
|
2010-06-07 03:36:45 +02:00
|
|
|
|
2017-01-16 11:29:23 +01:00
|
|
|
# Group password (if defined).
|
|
|
|
#group_password
|
|
|
|
|
2016-12-22 03:14:19 +01:00
|
|
|
# address: Enforce to server a ip address to this agent
|
|
|
|
# You can also try to detect the first IP using "auto", for example
|
|
|
|
address auto
|
|
|
|
# or setting a fixed IP address, like for example:
|
|
|
|
#address 192.168.36.73
|
|
|
|
|
2010-06-07 03:36:45 +02:00
|
|
|
# Autotime: Enforce to server to ignore timestamp coming from this
|
|
|
|
# agent, used when agents has no timer or it's inestable. 1 to enable
|
|
|
|
# this feature
|
2016-12-22 03:14:19 +01:00
|
|
|
#autotime 1
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# Timezone offset: Difference with the server timezone
|
|
|
|
#timezone_offset 0
|
|
|
|
|
|
|
|
# Agent position paramters
|
|
|
|
# Those parameters define the geographical position of the agent
|
|
|
|
|
2016-01-20 01:33:23 +01:00
|
|
|
# gis_exec: Call a script that returns a string with a fixed
|
|
|
|
# format of latitude,longitude,altitude
|
|
|
|
# i.e.: 41.377,-5.105,2.365
|
|
|
|
|
|
|
|
#gis_exec /tmp/gis.sh
|
|
|
|
|
|
|
|
# This sets the GIS coordinates as fixed values:
|
2010-06-07 03:36:45 +02:00
|
|
|
# latitude
|
|
|
|
#latitude 0
|
|
|
|
# longitude
|
|
|
|
#longitude 0
|
|
|
|
# altitude
|
|
|
|
#altitude 0
|
|
|
|
|
2016-01-20 01:33:23 +01:00
|
|
|
#GPS Position description
|
2010-06-07 03:36:45 +02:00
|
|
|
#position_description Madrid, centro
|
|
|
|
|
|
|
|
# By default agent try to take default encoding defined in host.
|
2016-01-20 01:33:23 +01:00
|
|
|
#encoding UTF-8
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# Listening TCP port for remote server. By default is 41121 (for tentacle)
|
|
|
|
# if you want to use SSH use 22, and FTP uses 21.
|
|
|
|
server_port 41121
|
|
|
|
|
|
|
|
# Transfer mode: tentacle, ftp, ssh or local
|
|
|
|
transfer_mode tentacle
|
|
|
|
|
2017-09-21 10:09:06 +02:00
|
|
|
# Transfer mode user: Owner of files copied on local transfer mode (default apache)
|
|
|
|
#transfer_mode_user apache
|
|
|
|
|
2015-06-03 09:41:31 +02:00
|
|
|
# timeout in seconds for file transfer programs execution (30 by default)
|
|
|
|
#transfer_timeout 30
|
|
|
|
|
2010-06-07 03:36:45 +02:00
|
|
|
# Server password (Tentacle or FTP). Leave empty for no password (default).
|
2015-06-03 09:41:31 +02:00
|
|
|
#server_pwd mypassword
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# Set to yes/no to enable/disable OpenSSL support for Tentacle (disabled by default).
|
2015-06-03 09:41:31 +02:00
|
|
|
#server_ssl no
|
2010-06-07 03:36:45 +02:00
|
|
|
|
2015-10-28 14:03:24 +01:00
|
|
|
# Extra options for the Tentacle client (for example: server_opts -v -r 5).
|
2015-06-03 09:41:31 +02:00
|
|
|
#server_opts
|
2010-06-07 03:36:45 +02:00
|
|
|
|
2011-08-03 11:41:28 +02:00
|
|
|
# delayed_startup defines number of seconds before start execution
|
2010-06-07 03:36:45 +02:00
|
|
|
# for first time when startup Pandora FMS Agent
|
2015-06-03 09:41:31 +02:00
|
|
|
#delayed_startup 10
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# Pandora nice defines priority of execution. Less priority means more intensive execution
|
|
|
|
# A recommended value is 10. 0 priority means no Pandora CPU protection enabled (default)
|
2015-06-03 09:41:31 +02:00
|
|
|
#pandora_nice 0
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# Cron mode replace Pandora FMS own task schedule each XX interval seconds by the use
|
|
|
|
# of old style cron. You should add to crontab Pandora FMS agent script to use this mode.
|
|
|
|
# This is disabled by default, and is not recommended. Use Pandora FMS internal scheduler
|
|
|
|
# is much more safe.
|
2015-06-03 09:41:31 +02:00
|
|
|
#cron_mode
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# If set to 1 allows the agent to be configured via the web console (Only Enterprise version)
|
2016-01-20 01:33:23 +01:00
|
|
|
remote_config 0
|
2010-06-07 03:36:45 +02:00
|
|
|
|
2018-09-24 11:20:47 +02:00
|
|
|
# Default 0, set to 1 to avoid module executions and report to server
|
|
|
|
# standby 1
|
|
|
|
|
2011-04-28 04:37:13 +02:00
|
|
|
# If set to 1 start Drone Agent's Proxy Mode
|
2015-06-03 09:41:31 +02:00
|
|
|
#proxy_mode 1
|
2011-04-28 04:37:13 +02:00
|
|
|
|
|
|
|
# Max number of simmultaneus connection for proxy (by default 10)
|
2015-06-03 09:41:31 +02:00
|
|
|
#proxy_max_connection 10
|
2011-04-28 04:37:13 +02:00
|
|
|
|
|
|
|
# Proxy timeout (by default 1s)
|
2015-06-03 09:41:31 +02:00
|
|
|
#proxy_timeout 1
|
2011-04-28 04:37:13 +02:00
|
|
|
|
2020-09-23 12:04:55 +02:00
|
|
|
# Address the proxy will listen on.
|
|
|
|
#proxy_address 0.0.0.0
|
|
|
|
|
|
|
|
# Port the proxy will listen on.
|
|
|
|
#proxy_port 41121
|
|
|
|
|
2011-04-28 04:37:13 +02:00
|
|
|
# Number of threads to execute modules in parallel
|
|
|
|
#agent_threads 1
|
|
|
|
|
2010-11-19 15:18:34 +01:00
|
|
|
# User the agent will run as
|
2016-01-20 01:33:23 +01:00
|
|
|
#pandora_user pandora
|
|
|
|
|
|
|
|
# Enable or disable XML buffer.
|
|
|
|
# If you are in a secured environment and want to enable the XML buffer you
|
|
|
|
# should consider changing the temporal directory, since /tmp is world writable.
|
|
|
|
xml_buffer 1
|
|
|
|
|
|
|
|
# Minimum available bytes in the temporal directory to enable the XML buffer
|
|
|
|
temporal_min_size 1024
|
2010-11-19 15:18:34 +01:00
|
|
|
|
2018-04-10 09:49:58 +02:00
|
|
|
# Secondary groups. You can select several groups separated by comma.
|
|
|
|
# secondary_groups Group1,Group2
|
|
|
|
|
2015-06-03 09:41:31 +02:00
|
|
|
#Secondary server configuration
|
|
|
|
#==============================
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# If secondary_mode is set to on_error, data files are copied to the secondary
|
|
|
|
# server only if the primary server fails. If set to always, data files are
|
|
|
|
# always copied to the secondary server.
|
2015-06-03 09:41:31 +02:00
|
|
|
#secondary_mode on_error
|
|
|
|
#secondary_server_ip localhost
|
|
|
|
#secondary_server_path /var/spool/pandora/data_in
|
|
|
|
#secondary_server_port 41121
|
|
|
|
#secondary_transfer_mode tentacle
|
|
|
|
#secondary_transfer_timeout 30
|
|
|
|
#secondary_server_pwd mypassword
|
|
|
|
#secondary_server_ssl no
|
|
|
|
#secondary_server_opts
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# Module Definition
|
|
|
|
# =================
|
|
|
|
|
|
|
|
# System information
|
|
|
|
|
|
|
|
# vmstat syntax depends on system configuration, please check before use it
|
|
|
|
module_begin
|
|
|
|
module_name cpu_user
|
|
|
|
module_type generic_data
|
|
|
|
module_interval 1
|
2011-02-01 02:50:55 +01:00
|
|
|
module_exec vmstat -n0 1 2 | tail -1 | awk '{ print $15 }'
|
2010-06-07 03:36:45 +02:00
|
|
|
module_max 100
|
|
|
|
module_min 0
|
|
|
|
module_description User CPU Usage (%)
|
|
|
|
module_end
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name cpu_system
|
|
|
|
module_type generic_data
|
|
|
|
module_interval 1
|
2011-02-01 02:50:55 +01:00
|
|
|
module_exec vmstat -n0 1 2 | tail -1 | awk '{ print $16 }'
|
2010-06-07 03:36:45 +02:00
|
|
|
module_max 100
|
|
|
|
module_min 0
|
|
|
|
module_description System CPU Usage (%)
|
|
|
|
module_end
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name cpu_idle
|
|
|
|
module_type generic_data
|
|
|
|
module_interval 1
|
2011-02-01 02:50:55 +01:00
|
|
|
module_exec vmstat -n0 1 2 | tail -1 | awk '{ print $17 }'
|
2010-06-07 03:36:45 +02:00
|
|
|
module_max 100
|
|
|
|
module_min 0
|
|
|
|
module_description CPU Idle (%)
|
|
|
|
module_end
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name Load Average
|
|
|
|
module_type generic_data
|
|
|
|
module_exec uptime | cut -d "," -f 4 | cut -d ":" -f 2 | sed "s/ //g"
|
|
|
|
module_description Average process in CPU (Last minute)
|
|
|
|
module_end
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name disk_root_free
|
|
|
|
module_type generic_data
|
|
|
|
module_exec df -kh / | tail -1 | awk '{ print 100-$5 }'
|
|
|
|
module_max 100
|
|
|
|
module_min 0
|
|
|
|
module_description Free disk Percentage of root partition
|
|
|
|
module_end
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name memfree
|
|
|
|
module_type generic_data
|
|
|
|
module_exec vmstat -H 1 2 | tail -1 | awk '{print $5}'
|
|
|
|
module_description Unused RAM memory
|
|
|
|
module_end
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name proctotal
|
|
|
|
module_type generic_data
|
|
|
|
module_exec ps -A | wc -l | sed "s/ //g"
|
|
|
|
module_end
|
|
|
|
|
|
|
|
# Process information
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name sshDaemon
|
|
|
|
module_type generic_proc
|
|
|
|
module_exec ps -Af | grep sshd | grep -v "grep" | wc -l | sed "s/ //g"
|
|
|
|
module_end
|
|
|
|
|
|
|
|
# Async data example
|
|
|
|
|
|
|
|
module_begin
|
|
|
|
module_name LastLogin
|
|
|
|
module_type async_string
|
|
|
|
module_exec last | head -1
|
|
|
|
module_end
|
|
|
|
|
2016-01-20 01:33:23 +01:00
|
|
|
|
|
|
|
# This plugin detects all disk and report free space (%)
|
|
|
|
|
2016-12-22 03:14:19 +01:00
|
|
|
module_plugin pandora_df_free
|
2010-06-07 03:36:45 +02:00
|
|
|
|
|
|
|
# This parses /var/log/auth.log file, under the module name "syslog"
|
|
|
|
# And search for "sshd" string into it, sending only that information.
|
|
|
|
|
|
|
|
module_plugin grep_log /var/log/auth.log Syslog sshd
|
|
|
|
|
|
|
|
# Plugin for inventory on the agent (Only Enterprise)
|
2014-09-13 06:53:38 +02:00
|
|
|
# module_plugin inventory 1 cpu ram video nic hd cdrom software init_services filesystem users route
|
2016-01-20 01:33:23 +01:00
|
|
|
|
|
|
|
# Log collection modules. Only for enterprise version, this will collect log files for forensic analysis.
|
|
|
|
# This is for LOG monitoring, only on enterprise version
|
|
|
|
#module_plugin grep_log_module /var/log/messages Syslog \.\*
|