pandorafms/pandora_server/conf/pandora_server.conf.new

683 lines
21 KiB
Plaintext
Raw Normal View History

#############################################################################
# Pandora FMS Server Parameters
# Pandora FMS, the Flexible Monitoring System.
2021-04-19 16:09:29 +02:00
# Version 7.0NG.754
# Licensed under GPL license v2,
2020-11-27 13:52:35 +01:00
# (c) 2003-2021 Artica Soluciones Tecnologicas
# http://www.pandorafms.com
# Please change it for your setup needs
#############################################################################
# Servername: Name of this server
# if not given, it takes hostname. It's preferable to setup one
# because machine name could change by some reason.
#servername greystone
# incomingdir: Defines directory where incoming data packets are stored
# You could set directory relative to base path or absolute, starting with /
incomingdir /var/spool/pandora/data_in
# log_file: Main logfile for pandora_server
# You could set file relative to base path or absolute, starting with /
log_file /var/log/pandora/pandora_server.log
# Log file for Pandora FMS SNMP console. Its generated by NetSNMP Trap daemon
# If you change it, please update the file /etc/logrotate.d/pandora_server accordingly.
snmp_logfile /var/log/pandora/pandora_snmptrap.log
# Error logfile: aux logfile for pandora_server errors (in Daemon mode)
# You could set file relative to base path or absolute, starting with /
errorlog_file /var/log/pandora/pandora_server.error
# daemon: Runs in daemon mode (background) if 1, if 0 runs in foreground
# this could be also configured on commandline with -D option
# daemon 1
2017-12-04 11:37:08 +01:00
# dbengine: mysql
dbengine mysql
# Database credentials. A VERY important configuration.
# This must be the same credentials used by your Pandora FMS Console
# but could be different if your console is not running in the same
# host than the server. Check your console setup in /include/config.php
# dbname: Database name (pandora by default)
dbname pandora
# dbuser: Database user name (pandora by default)
dbuser pandora
# dbpass: Database password
dbpass pandora
# dbhost: Database hostname or IP address
dbhost 127.0.0.1
# dbport: Database port number
2017-12-04 11:37:08 +01:00
# Default value depends on the dbengine (mysql: 3306)
#dbport 3306
# By default, parent agent will not be updated
#update_parent 0
# verbosity: level of detail on errors/messages (0 default, 1 verbose, 2 debug.... 10 noisy)
# -v in command line (verbose) or -d (debug). Set this to 10 when try to locate problems and
2014-09-16 16:15:25 +02:00
# set to 1 or 3 on production enviroments.
2014-09-16 16:15:25 +02:00
verbosity 3
# Master Server priority. The running server with the highest master value will
# be the master. Ties are broken at random. If set to 0, this server will
# never become master.
master 1
# Activate Pandora SNMP console (depending on snmptrapd)
snmpconsole 0
# snmpconsole_threads: number of SNMP console threads for processing SNMP traps.
snmpconsole_threads 1
# Attempt to translate variable bindings when processing SNMP traps. 1 enabled, 0 disabled. 0 by default. (ENTERPRISE ONLY).
translate_variable_bindings 0
# Attempt to translate enterprise strings when processing SNMP traps. 1 enabled, 0 disabled. 1 by default. (ENTERPRISE ONLY).
translate_enterprise_strings 0
# snmptrapd will ignore authenticationFailure traps if set to 1.
snmp_ignore_authfailure 1
# snmptrapd will read the PDU source address instead of the agent-addr field is set to 1.
snmp_pdu_address 0
# Path to the snmp_trapd binary. If set to manual, the server will not attemp to start snmp_trapd.
#snmp_trapd manual
2017-12-04 11:37:08 +01:00
# SNMP Trap forwarding. Go to http://wiki.pandorafms.com for more information.
#snmp_forward_trap 1
#snmp_forward_ip 192.168.1.145
#snmp_forward_version 1
#snmp_forward_secName
#snmp_forward_engineid
#snmp_forward_authProtocol
#snmp_forward_authPassword
#snmp_forward_privProtocol
#snmp_forward_privPassword
#snmp_forward_secLevel
2018-02-12 10:08:46 +01:00
#snmp_forward_community
2017-12-04 11:37:08 +01:00
# Activate (1) Pandora Network Server
networkserver 1
# Activate (1) Pandora Data Server
dataserver 1
2019-11-18 10:04:47 +01:00
# Activate (1) Pandora FMS Discovery server
2019-11-18 10:04:47 +01:00
discoveryserver 1
# Discovery SAP (PANDORA FMS ENTERPRISE ONLY)
# java /usr/bin/java
# Discovery SAP utils (PANDORA FMS ENTERPRISE ONLY)
# sap_utils /usr/share/pandora_server/util/recon_scripts/SAP
2020-02-18 16:43:36 +01:00
# Discovery Microsoft SQL ODBC driver (PANDORA FMS ENTERPRISE ONLY)
# mssql_driver ODBC Driver 17 for SQL Server
# pluginserver : 1 or 0. Set to 1 to activate plugin server with this setup
pluginserver 1
# Pandora FMS Plugin exec tool filepath (by default at /usr/bin)
plugin_exec /usr/bin/timeout
# predictionserver : 1 or 0. Set to 1 to activate prediction server with this setup
# DISABLED BY DEFAULT
predictionserver 0
# wmiserver : 1 or 0. Set to 1 to activate WMI server with this setup
# DISABLED BY DEFAULT
wmiserver 1
# Network timeout (in seconds) for timeout in network connections for Network agents
network_timeout 4
2019-11-13 16:41:36 +01:00
# Network timeout (in seconds) for timeout in remote execution commands (PANDORA FMS ENTERPRISE ONLY).
rcmd_timeout 10
2019-11-13 16:41:36 +01:00
# Pandora FMS remote execution commands timeout tool filepath (by default at /usr/bin)
rcmd_timeout_bin /usr/bin/timeout
# Remote execution modules, ssh_launcher extra option (PANDORA FMS ENTERPRISE ONLY).
ssh_launcher /usr/share/pandora_server/util/ssh_launcher.sh
# Server keepalive (in seconds)
server_keepalive 45
# Log server thread status to disk (always set to 0, except when debugging).
thread_log 0
# Server Threshold: defines number of seconds of main loop (in sec)
server_threshold 5
# Network threads: Do not set too high (~40). Each threads make a network module check.
network_threads 4
# icmp_checks x : defines number of pings for each icmp_proc module type. at least one of
# that ping should be 1 to report 1. Setting this to 1 will make all icmp montioring faster but
# with more probability of failure.
icmp_checks 1
# Number of ICMP packets to send per request.
icmp_packets 2
# tcp specific options :
# tcp_checks: number of tcp retries if first attempt fails.
# tcp_timeout: specific timeout for tcp connections
tcp_checks 1
tcp_timeout 10
# snmp specific options :
# snmp_checks: number of snmp request retries if first attempt fails.
# snmp_timeout: specific timeout for snmp request.
snmp_checks 1
snmp_timeout 4
# snmp_proc_deadresponse 1 (default): Return DOWN if cannot contact
# or receive NULL from a SNMP PROC module.
snmp_proc_deadresponse 1
# plugin_threads: Specify number of plugin server threads for processing plugin calls
plugin_threads 1
# plugin_timeout: Specify number of seconds calling plugin exec waiting for response
# after this time, call is aborted and result is "unknown".
plugin_timeout 12
# wmi_timeout : specific timeout for wmi request.
wmi_timeout 7
# wmi_threads: Specify number of WMI server threads for processing WMI remote calls
wmi_threads 1
# recon_threads. Each thread will scan a different scantask.
recon_threads 1
# dataserver_threads: Number of threads for data server (XML processing threads)
dataserver_threads 1
# mta_address: External Mailer (MTA) IP Address to be used by Pandora FMS internal email capabilities
2019-09-11 12:42:52 +02:00
# If not set, the MTA configuration specified in the Pandora FMS Console will be used.
2019-09-11 12:42:52 +02:00
#mta_address localhost
# mta_port, this is the mail server port (default 25)
#mta_port 25
# mta_user MTA User (if needed for auth, FQD or simple user, depending on your server)
#mta_user myuser@mydomain.com
# mta_pass MTA Pass (if needed for auth)
#mta_pass mypassword
# mta_auth MTA Auth system (if needed, it supports LOGIN, PLAIN, CRAM-MD5, DIGEST-MD)
#mta_auth LOGIN
# mta_from Email address that sends the mail, by default is pandora@localhost
# probably you need to change it to avoid problems with your antispam
#mta_from Pandora FMS <pandora@mydomain.com>
# SMTP encryption protocol (none, ssl, starttls)
#mta_encryption none
# Set 1 if want eMail deliver alert in separate mail (default).
# Set 0 if want eMail deliver shared mail by all destination.
mail_in_separate 1
# xprobe2: Optional package to detect OS types using advanced TCP/IP
# fingerprinting tecniques, much more accurates than stadard nmap.
# If not provided, nmap is used insted xprobe2
xprobe2 /usr/bin/xprobe2
# nmap: If provided, is used to detect OS type with recon server using
# advanded OS fingerprint technique. Xprobe2 gives more accurate results
# Nmap is also used to do TCP port scanning in detected host.
nmap /usr/bin/nmap
# Default path is /usr/sbin/fping for installation default in distro Centos , if you are installing in other distribution,
# you install fping in /usr/bin/fping and change the path in this line.
2014-12-05 11:07:07 +01:00
# Path to the fping binary. Used by the Enterprise ICMP Server.
fping /usr/sbin/fping
# fping /usr/bin/fping
2014-12-05 11:07:07 +01:00
# A value that specifies how aggressive nmap should be from 1 to 5. 1 means slower but more reliable, 5 means faster but less reliable. 2 by default.
nmap_timing_template 2
# Like nmap_timing_template, but applies to Satellite Server and Recon Server network scans. 3 by default.
recon_timing_template 3
# snmpget: Needed to do SNMP checks. By default is on /usr/bin/snmpget
snmpget /usr/bin/snmpget
# Location of the braa binary needed by the Enterprise SNMP Server
# /usr/bin/braa by default (PANDORA FMS ENTERPRISE ONLY).
braa /usr/bin/braa
# Number of retries before braa hands a module over to the Network Server (PANDORA FMS ENTERPRISE ONLY).
braa_retries 3
# Location of the pandorafsnmp binary needed by the Enterprise SNMP Server.
# /usr/bin/pandorafsnmp by default (PANDORA FMS ENTERPRISE ONLY).
fsnmp /usr/bin/pandorafsnmp
# Default group id for new agents created with Pandora FMS Data Server
# If this token is enabled and Agent is setup with a fixed group, server settings will override agent settings
# If this token is disabled and group is not provided in the agent, or provided group doesn't exist, agent data
# will be dropped. We use the Group ID #10 (Unknown) for a "valid" default value, please change as your own decision.
autocreate_group 10
# If set to 1, new agents will be added to the group specified by autocreate_group (the group specified by the agent will be used as fallback).
# If set to 0, new agents will be added to the group specified by the agent (the group specified by autocreate_group will be used as fallback).
2020-03-03 12:52:58 +01:00
autocreate_group_force 0
# Set to 1 if want to autocreate agents with Pandora FMS Data Server,
# set to 0 to disable (for security purposes, for example).
autocreate 1
# max_log_size: Specify max size of Pandora FMS server log file (1MB by default). If
2014-09-16 12:27:39 +02:00
# log file grows above this limit, is renamed to "pandora_server.log.0".
max_log_size 1048576
2014-09-16 12:27:39 +02:00
# max_log_generation: Specify max generation count (between 1 and 9) of Pandora FMS server log files.
max_log_generation 1
# max_queue_files (5000 by default)
# When server have more than max_queue_files in incoming directory, skips the read
# the directory to avoid filesystem overhead.
max_queue_files 5000
# If set to 0, the timestamp attribute in XML data files will be ignored and the system time will be used instead.
# use_xml_timestamp 1
# Pandora FMS will autorestart itself each XXX seconds, use this if you experience problems with
# shutting down threads, or other stability problems.
# auto_restart 86400
# Pandora FMS will restart after restart_delay seconds on critical errors.
restart 1
restart_delay 60
# More information about GIS Setup in /usr/share/pandora_server/util/gis.README
# Flag to activate GIS (positional information for agents and maps)
# by default it is desactivated
#activate_gis 0
# Radius of error in meters to consider two gis locations as the same location.
#location_error 50
2010-02-10 Sancho Lerena <slerena@artica.es> * bin/pandora_server: Better error management, avoiding to show Enterprise loading errors, and showing in console critical errors, helping to identify silly errors like DB credentials, etc. Added usage of pandora_get_sharedconfig() to get configuration from DB. * Config.pm: Updated build. Added pandora_get_sharedconfig(). Force three config tokens to be readed from DB, using default values if cannot be readen from database (agentaccess, realtimestat and stats_interval). * Core.pm: Added new parameter to pandora_event() to pass status of the event (validated, not validated). Implemented auto-validation of low priority events: normal/ok events will be always shown as autovalidated, and warning and normal events will be validated with critical events, and when a module is restored (normal/ok), all it's warning/critical pending events will be validated. Fixed also bug with FF Threshold who doesnt' trigger events until FF + 1 instead FF value. * Server.pm, NetworkServer.pm, Dataserver.pm, ReconServer.pm: Raise event with status 0 (non validated) by default. * NetworkServer.pm: Implemented support for SNMP v3. * util/pandora_db.pm: Very important upgrade to this script. Now will delete all huge tables (tagente_datos, tagente_datos_string and tagent_acccess) using several independent blocks (by default 100) avoiding mysql locks which happen in the past. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2341 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2010-02-10 18:32:10 +01:00
# Recon reverse geolocation file. This is the database with the reverse
# geolocation information using MaxMind GPL GeoLiteCity.dat format).
# Comment it to disable the IP geolocation on agent creation.
#recon_reverse_geolocation_file /usr/local/share/GeoIP/GeoIPCity.dat
# Radius (in meters) of the circle in where the agents will be place randomly
# when finded by a recon task. Center of the circle is guessed
# by geolocating the IP.
#recon_location_scatter_radius 1000
# Pandora Server self-monitoring (embedded agent) (by default enabled)
self_monitoring 1
# Self monitoring interval (in seconds).
self_monitoring_interval 300
2019-10-22 11:54:27 +02:00
# Pandora Sample Agent. If enabled, every 10 minutes, this embedded agent
# will make sample data. Disabled by default.
sample_agent 0
# Pandora Sample Agent interval (in seconds).
sample_agent_interval 600
# Update parent from the agent xml
2020-03-03 12:52:58 +01:00
update_parent 1
#
#
# This enable realtime reverse geocoding using Google Maps public api.
# This requires internet access, and could have performance penalties processing GIS
# information due the connetion needed to resolve all GIS input.
# NOTE: If you dont pay the service to google, they will ban your IP in a few days.
# google_maps_description 1
# This enable realtime reverse geocoding using Openstreet Maps public api.
# This requires internet access, and could have performance penalties processing GIS
# information due the connetion needed to resolve all GIS input.
# You can alter the code to use a local (your own) openstreet maps server.
# openstreetmaps_description 1
2021-03-18 16:12:39 +01:00
# Enable (1) or disable (0) Pandora FMS Web Server/Goliat.
webserver 1
2021-03-18 16:12:39 +01:00
# Number of threads for the Web Server/Goliat.
web_threads 1
# Default timeout (in seconds) for web modules.
web_timeout 60
# Uncomment to perform web checks with LWP instead of CURL.
#web_engine lwp
# Enable (1) or disable (0) Pandora FMS Inventory Server (PANDORA FMS ENTERPRISE ONLY).
inventoryserver 1
# Number of threads for the Web Server (PANDORA FMS ENTERPRISE ONLY).
inventory_threads 1
# Enable (1) or disable (0) Pandora FMS Export Server (PANDORA FMS ENTERPRISE ONLY).
exportserver 0
# Number of threads for the Export Server (PANDORA FMS ENTERPRISE ONLY).
export_threads 1
# Enable (1) or disable (0) Pandora FMS Event Server (PANDORA FMS ENTERPRISE ONLY).
eventserver 0
2019-11-19 11:56:11 +01:00
# Correlated alerts, event window in seconds (3600 by default) (PANDORA FMS ENTERPRISE ONLY).
event_window 3600
2019-11-19 11:56:11 +01:00
# Correlated Alerts, log window in seconds (3600 by default) (PANDORA FMS ENTERPRISE ONLY).
log_window 3600
# Pre-load windows on start with available information. (PANDORA FMS ENTERPRISE ONLY).
#preload_windows 0
2021-04-14 22:36:56 +02:00
# Correlated Alerts, group cache ttl (in seconds). Set to 0 to disable. (PANDORA FMS ENTERPRISE ONLY).
#event_server_cache_ttl 10
2021-04-27 14:59:59 +02:00
# Log retrieving, items per request. (High values could make elasticsearch crash)
#elastic_query_size 10
# If set to 1, an alert will not be fired if the last event it generated is in 'in-process' status.
event_inhibit_alerts 0
# Enable (1) or disable (0) Pandora FMS Enterprise ICMP Server (PANDORA FMS ENTERPRISE ONLY).
# You need nmap 5.20 or higher in order to use this !
icmpserver 1
# Number of threads for the Enterprise ICMP Server (PANDORA FMS ENTERPRISE ONLY).
icmp_threads 4
# Enable (1) or disable (0) Pandora FMS Enterprise SNMP Server (PANDORA FMS ENTERPRISE ONLY).
# Check braa tool is running and operative.
snmpserver 1
# Number of threads for the Enterprise SNMP Server (PANDORA FMS ENTERPRISE ONLY).
snmp_threads 4
# Pandora FMS TransactionalServer (PANDORA FMS ENTERPRISE ONLY).
transactionalserver 0
# Threshold for the Transactional Server (PANDORA FMS ENTERPRISE ONLY).
transactional_threshold 2
# Block size for block producer/consumer servers, that is, the number of modules
# per block (15 by default) (PANDORA FMS ENTERPRISE ONLY).
block_size 20
# If set to 1, process XML data files in a stack instead of a queue. 0 by default.
# WARNING: Incremental modules will not work properly if dataserver_lifo is set to 1!!!
dataserver_lifo 0
# If set to 1, the policy manager is enabled and the server is listening the policy queue.
# 0 by default (PANDORA FMS ENTERPRISE ONLY)
policy_manager 1
# If set to 1, the event replicate process is enabled. 0 by default. (PANDORA FMS ENTERPRISE ONLY)
# WARNING: This process doesn't do anything if is not properly configured from the console setup
event_replication 0
# If set to 1, new events validate older event for the same module. This will
# affect the performance of the server. This was the "normal behaviour" on previous (4.x) versions.
# disable only if you really know what you are doing !!.
event_auto_validation 1
# If defined, events generated by Pandora FMS will be written to the specified text file.
#event_file /var/log/pandora/pandora_events.txt
# Set the maximum number of traps that will be processed from a single source in a
# configured time interval.
snmp_storm_protection 25
# Time interval for snmp_storm protection (in seconds).
snmp_storm_timeout 10
2020-10-28 10:57:21 +01:00
# Silenced time period in seconds, when trap storm is detected
snmp_storm_silence_period 300
# Default texts for some events. The macros _module_ and _data_ are supported.
#text_going_down_normal Module '_module_' is going to NORMAL (_data_)
#text_going_up_critical Module '_module_' is going to CRITICAL (_data_)
#text_going_up_warning Module '_module_' is going to WARNING (_data_)
#text_going_down_warning Module '_module_' is going to WARNING (_data_)
#text_going_unknown Module '_module_' is going to UNKNOWN
# Events older that the specified time (in seconds) will be auto-validated. Set to 0 to disable this feature.
event_expiry_time 0
# Only events more recent than the specified time window (in seconds) will be auto-validated. This value must
# be greater than event_expiry_time.
#event_expiry_window 86400
# If set to 1, SNMP modules run by the Network Server will be claimed back by
# the SNMP Enterprise Server when pandora_db is run.
claim_back_snmp_modules 1
# If set to 1 asynchronous modules that do not receive data for twice their
# interval will become normal. Set to 0 to disable.
async_recovery 1
# Console API credentials.
# Required for some features like the module graphs macros.
# console_api_url: Api URL (http://localhost/pandora_console/include/api.php by default)
# console_api_url http://localhost/pandora_console/include/api.php
# console_api_pass: Api pass
# console_api_pass 1234
# Passphrase used to generate the key for password encryption (PANDORA FMS ENTERPRISE ONLY).
#encryption_passphrase passphrase
# Enable (1) or disable (0) events related to the unknown module status.
unknown_events 1
# Time interval (as a multiple of the module interval) before a module becomes unknown. Twice the module's interval by default.
#unknown_interval 2
# Maximum executing time of an alert (in seconds)
global_alert_timeout 15
# If set to 1 allows PandoraFMS Server to be configured via the web console (PANDORA FMS ENTERPRISE ONLY).
remote_config 0
# Remote address to send the configuration file (PANDORA FMS ENTERPRISE ONLY).
remote_config_address localhost
# Remote port to send the configuration file (PANDORA FMS ENTERPRISE ONLY).
#remote_config_port 41121
# Extra options for the Tentacle client to send the configuration file (PANDORA FMS ENTERPRISE ONLY).
#remote_config_opts
# Module status change events will not be generated and module alerts will not
# be executed for the specified number of seconds since the server starts up.
warmup_event_interval 0
# Modules will not become unknown (so no unknown events will be generated) and
# keepalive modules will not be updated for the specified number of seconds
# since the server starts up.
warmup_unknown_interval 300
# Directory were additional enc files for the XML parser are located.
enc_dir /usr/share/pandora_server/enc/
# The number of times dynamic_min and dynamic_max will be recalculated per dynamic_interval.
# Go to http://wiki.pandorafms.com/ for more information.
dynamic_updates 5
2017-12-04 11:37:08 +01:00
#dynamic_warning
#dynamic_constant
# Periodically update unknown modules (1), instead of only once (0). Periodic
# updates may affect server performance.
unknown_updates 0
# Enable (1) or disable (0) the Pandora FMS WUX Server (PANDORA FMS ENTERPRISE ONLY).
wuxserver 0
# Host of the Selenium Grid Server.
#wux_host localhost
# Port of the Selenium Grid Server.
#wux_port 4444
2017-12-01 12:26:13 +01:00
# Maximum timeout to connect to a target web site, also for communications with a Selenium Grid server.
#wux_webagent_timeout 15
2020-04-22 16:09:12 +02:00
# Force closing previous sessions on remote wux_host, only for Selenium Grid server 3.
#clean_wux_sessions 1
# Enable (1) or disable (0) the Pandora FMS Syslog Server (PANDORA FMS ENTERPRISE ONLY).
syslogserver 1
# Full path to syslog's output file (PANDORA FMS ENTERPRISE ONLY).
syslog_file /var/log/messages
# Number of threads for the Syslog Server (PANDORA FMS ENTERPRISE ONLY).
syslog_threads 2
# Maximum number of lines queued by the Syslog Server's producer on each run (PANDORA FMS ENTERPRISE ONLY).
syslog_max 65535
2019-07-15 15:43:53 +02:00
# Sync Server
#syncserver
2017-12-04 11:37:08 +01:00
# Port tentacle server
#sync_port 41121
# Sync certificate path of the authenticating CA
#sync_ca /home/cacert.pem
# Sync server certificate path
#sync_cert /home/tentaclecert.pem
# Sync server certificate private key path
#sync_key /home/tentaclekey.pem
# Sync number of attempts
#sync_retries 3
# Sync timeout
2018-01-31 13:34:43 +01:00
#sync_timeout 10
2019-07-15 15:43:53 +02:00
# Address
2018-02-12 10:08:46 +01:00
# sync_address
# Pandora FMS Database HA Tool execution interval in seconds (PANDORA FMS ENTERPRISE ONLY).
ha_interval 30
# Pandora FMS Database HA Tool monitoring interval in seconds. Must be a multiple of ha_interval (PANDORA FMS ENTERPRISE ONLY).
ha_monitoring_interval 60