tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2006-12-26 Manuel Arostegui <marostegui@artica.es> 

* en/pandora_introduction.xml, pandora_advanced.xml, pandora_install.xml
          : Text corrections.

        * en/man/pandora.1, pandora_agents.1, pandora, pandora_agents,
          pandora_console.1, pandora_console, pandora_server.1, pandora_server
          : Added to repository. Pandora Man Pages




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@337 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
marostegui 2006-12-26 11:59:49 +00:00
parent b8b48e43c6
commit 263a992040
12 changed files with 2696 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pandora_doc/ChangeLog
View File

@ -1,3 +1,12 @@
2006-12-26 Manuel Arostegui <marostegui@artica.es>
* en/pandora_introduction.xml, pandora_advanced.xml, pandora_install.xml
: Text corrections.
* en/man/pandora.1, pandora_agents.1, pandora, pandora_agents,
pandora_console.1, pandora_console, pandora_server.1, pandora_server
: Added to repository. Pandora Man Pages
2006-12-25 Raul Mateos <raulofpandora@gmail.com>
* pandora_chapter3.xml: Explanation of monitor added. Solved error with
@ -35,7 +44,7 @@
2006-11-30 Sancho Lerena <slerena@artica.es>
* pandora.xml: Updated header, fixed problems with punctuation
chars, and added subtitle. Add revision.
chars, and added subtitle. Add revision.
* .pdf: Updated PDF.

352
pandora_doc/en/man/pandora Normal file
View File

@ -0,0 +1,352 @@
.TH PandoraFMS
.SH NAME
pandorafms - Pandora Free Monitoring System User Guide
.SH AVAILABILITY
Linux, AIX, Solaris, Windows...
.SH DESCRIPTION
This is the user guide for Pandora FMS. This is not the full version, full version contains images, you will be able to find at www.pandorafms.net
.SH NOTES
This is the main Pandora User Guide. If you have this man page also, you are supposed to have also pandora_agent, pandora_network, pandora_server and pandora_console man pages.
.SH SYPNOSYS
Pandora FMS is a monitoring application to watch systems and applications. Pandora allows to know the
status of any element of your bussiness systems. Pandora watch for your hardware, your software, your
multilayer system and of course your Operating System. Pandora could detect a network interface down
and the movement of any value of the NASDAQ new technology market. If you want, Pandora could sent
a SMS message when your systems fails... or when Google value low below US$ 330.
Pandora FMS will adjust, like an octopus, to your systems and requirements, because it has been
designed to be open, modular, multiplattform and easy to customize.
.B Pandora architecture:
.I Web Console
.br
Pandoras user interface. The user controls and operates the system with it. Several Web
consoles can be implemented in a single system. The Web console is written in PHP, and it is over a
database and a Web server. It is compatible with any platform - GNU/Linux, Solaris, Win2000, AIX,
etc.T official supported platform is GNU/Linux, though
The console permits the user to control the status of the agents, view statistical information, generate
graphs and data tables, keep a system incident control,moreover it is able to generate reports and
change the alerts, agents, and user profile settings.
.I Server
.br
In Pandora 1.2 there are three different servers:
The core server is the receptor of the data packages and generates the alerts - it is the brain of the
system. Several servers can work alongside for larger systems. The core server accesses Pandora
database, which is shared with the Web server, and stores the processed data packages. Server executes
as daemon, and processes the packages stored in its file system. Data is generated by the system
agents. Despite the servers low system resources comsumption and simple installation and operation,
the core server is the most critical element of the system. The core server receives and processes the
produced data, and fires the alerts and the events.
The Network Servers monitorize remote systems using network resources like ICMP, TCP, UDP or
SNMP Queries. Network Servers are acting itself like "Network Agents". This server fires the alerts
and the events for this modules.
The SNMP Server receives and processes the snmp traps, and fires the alerts associated to it.
.I Central Database
.br
At the moment the system only supports MySQL. The central database keeps all
the information Pandora needs to work - agent data, settings, user information, incidents, system
settings, etc. The system can use a MySQL cluster to store the information, or a High Availability
(HA) solution for larger sytems.
This database can work with any of the platform officially supported by MySQL. Pandora can be
implemented with MySQL versions from 3.0 to 5.0, although the latest is recommended.
.I Pandora Agents
.br
They collect all the systems data. They are executed in each local system, although
they can also collect remote information by intalling monitoring sytems for the agent in several
different machines - called satellite agents.
They have been developed to work under a specific platform, making use of the specific tools of the
used language: ShellScripting for Unix - which includes GNU/Linux, Solaris, AIX, HP-UX and BSD,
as well as the Nokias IPSO. Pandora agents can be developed in virtually any language, given its
simple API and being open source. Windows agent are developed in a free development environment
for C++ and uses the same interface and modularity than Unix agents.
The old agent for Windows plattforms was developed on VBS Scripting language, and is deprecated
with the new Pandora 1.2 windows agent.
.B What kind of systems/ services can be monitored?
At present, with Pandora any process or system that through a command returns a value can be
monitored, as well as any value in any Operating System log file or similar. Some examples of already
existing implementations below:
Number of connections (sessions) of Checkpoint FW-1
Number of NAT sessions of Checkpoint FW-1
Number of connections of Linux NetFilter / IPTables firewall
Number of FW-1 logged packets
Number of FW-1 dropped packets
Number of FW-1 accepted packets
State of High Availability in FW1 NG
Last policy installed in a Firewall-1 module
Synchronization state of the modules in FW1 NG
CPU of the system: idle, user and system
Number of processes of the system
Temperature of the CPU of a system
Value of a MS Windows registry entry
Queued jobs in a generic dispatcher
Memory of the system: free, swap, kernel Fw-1, cache
Percentage of free space on disc (for different partitions)
Messages processed by a mail gateway
Existence of a string in a text file
IP traffic (filtering based on the connections of the firewall)
Hits of pages in HTTP Servers (Apache, iPlanet, IIS, Netscape)
Percentage of erroneous packets in a Gateway
Connections established in a Remote Access Server (RAS)
Size of a file
Open sessions by a VPN server
MySQL Performance: Threads, queries, sessions...
Snort system state
Reported events by IDS (Snort) up to six levels of priority
Network load
Number of local Connections (TCP, UDP, Unix sockets)
Detected viruses by a Web Antivirus Gateway
ICMP latency time towards a host
Rate of average transference in a file transfer tool
Number of DNS requests attended by a server (including types)
Number of FTP sessions attended by a FTP server
(Generic) State of any active process / service in the system
(Generic) State of any countable parameter of the system
.B Information gathering with Pandora agents
.br
Pandora agents are based on native languages in every platform: scripts that can be written in any
language. Its possible to reproduce any agent in any programming language and can be extended
without difficulty the existing ones in order to cover aspects not taken into account up to the moment.
These scripts are formed by modules that each one gathers a "chunk" of information. Thus, every agent
gathers several "chunks" of information; this one is organized in a data set and stored in a single file,
called data file.
The process of transferring the data file from the agent to the server is made regularly at a defined time
interval in the agent configuration file, pandora_agent.conf. Its possible to modify that parameter in
order to do not fill the database with non-relevant information, either load the network or affect the
system performance. The default interval is 300 (seconds), which is equivalent to five minutes. Minor
values of 100 (seconds) are not recommended since host performance could be affected, besides loading
excessively Database and the Operating System of Pandora Server. Pandora is not a real time system; its
an applications and systems general monitoring system in environments that are not critical at real time.
Packets transfers are made via SSH, with DSA authentication (although also RSA can be used). The
process is completely safe since neither any password nor unencrypted confidential information is sent.
Confidentiality, integrity and authentication of the connections between the agent and the server are
ensured. In the Agents and Server Installation and Configuration guides, the process of generation of
keys to do the automatic SCP transfer is detailed.
Also the transfer via FTP or any other file transfer system could be made, although SSH has been chosen
for security and compatibility with most of the systems in the market.
Pandora Agents are thought to be executed from the agent from which they gather information, although
the agents can gather information of accessible machines from the host where they are installed. In this
case those agents are called "Satellite Agents". These Satellite Agents can use Telnet, SNMP or any
other commands to get the information.
We can also have a host with several agents: Some that gather information from the accessible machines
(acting as "satellite agents") and the Standard Agent that monitors the host where its running.
.B XML Data fiFiles
.br
The data file has the following syntax:
hostname.serialnumber.data
This is an XML file, and its name is the combination of the hostname where the agent runs, a different
serial number for every data package and the extension .data that indicates that its a data fifile.
We also have a control fifile for every data fifile:
.I hostname.serialnumber.checksum
This file has .checksum extension and contains a MD5 hash of the data file. This allows checking that the
information has not been changed before being processed.
The XML data file generated by every agent is the core of Pandora. This file has the information gathered
by the Agent. Its easy structure allows that any user could create its own developments to be processed in
Pandora, or use the included ones. An example of the information included into the data file below:
.I "<agent data os_name="SunOS" os_version="5.8" timestamp="300"
.br
.I agent_name="pdges01" version="1.0">
.br
.I <module>
.br
.I <name>SSH Daemon</name> .br
.br
.I <type>generic_proc</type>
.br
.I <data>1</data>
.br
.I </module>
.br
.I <module>
.br
.I <name>FTP Daemon</name>
.br
.I <type>generic_proc</type>
.br
.I <data>0</data>
.br
.I </module>
.br
.I <module>
.br
.I <name>DiskFree</name>
.br
.I <type>generic_data</type>
.br
.I <data>5200000</data>
.br
.I </module>
.br
.I <module>
.br
.I <name>UsersConnected</name>
.br
.I <type>generic_data_inc</type>
.br
.I <data>119</data>
.br
.I <min>1</min>
.br
.I <max>250</max>
.br
.I <description>Users currently connected</description>
.br
.I </module>
.br
.I <module>
.br
.I <name>LastLogin</name>
.br
.I <type>generic_data_string</type>"
.br
.I <data>slerena</data>
.br
.I </module>
.br
.I </agent_data>
.B Pandora Servers
.br
With Pandora 1.2 version, you have three different types of servers:
.I "Pandora Data Server"
.br
This is a PERL application that that processes the information sent by the
agents. The agents send the XML data file via SSH and the server periodically verifies if it has new
data files waiting to be processed. You can setup different data servers in different systems or in the
same host (that will be different virtual servers).
.I "Pandora Network Server"
.br
This is a PERL application that execute network tasks like sending pings,
TCP requests, SNMP requests and UDP request. When you assign an agent to a server, you are
assigning to a network server, not a data server, so, this is very important that machines running
network servers have "network visibility" to hosts assigned in network modules.
For example, if you create a module to make a ping check to 192.168.1.1 and assign this agent/module
to a server in a 192.168.2.0/24 network without access to 192.168.1.0/24 module will always report
DOWN.
.I "Pandora SNMP Server"
.br
This is a PERL application that parse output from standard snmptradp (we
provide one binary for snmptrapd, but it is possible that you need to replace it with a binary that runs
better in your system). This daemon receives SNMP traps, and Pandora SNMP Server stores in
database and fire alerts assigned in Pandora SNMP Console.
Data are extracted from the data file, identifying origin, type and category. Once its classified, the data
are inserted into the Database by the same Perl script.
Pandora Server can work in High Availability and/or Load Balancing. In a very big architecture, several
Pandora Servers can be arranged simultaneously in order to be able to manage big volumes of
information distributed by geographical or functional zones.
Pandora Server is always running (as a daemon) and permanently verifies if some element causes to fire
an alarm. If so, it executes the action defined in the alarm, as to send a SMS, an email, even activates the
execution of a SCRIPT or to send an HTTP form.
We could have several simultaneous servers, one of them is the Main Server or "Master Server " and the
rest of servers are "Slave Servers". The Master Server is the only one that verifies the alarms if any agent
goes down. The server which receives the data file from the agent always fires the rest of alarms, defined
in the agents modules. This is also important if this server changes (due to configurations of high
availability, load balancing or clustering).
.B Pandora console
.br
The Web Console is a web application that allows to see graphical reports, state of every agent, also to
access to the information sent by the agent, to see every monitored parameter and to see its evolution
throughout the time, to form the different nodes, groups and users of the system. It is the part that
interacts with the final user, and that will allows you to administer the system.
The Web Console is written in PHP and no plug-in, Flash, Java or ActiveX is needed to access the
console, only a browser that supports HTML and CSS (IE5+ or Mozilla 4+). Pandora Web Console can
run in several servers, the only thing you need is to be allow to access Pandora Database, where Pandora
stores all the information.
.B Pandora database
.br
Pandora uses a SQL Database to store all the information. Pandora maintains an asynchronous database
with all the received data, making a temporary cohesion of everything it is receives and normalizing all
the information from the different sources. Every Agent data module generates an entry of information
for every data bundle, which implies that a real production system can have of the order of ten million of
data, or information atoms.
This information is managed automatically from Pandora, carrying out a periodic and automatic
maintenance of the database. This means that there is no operator either manager required to run tasks as
database administration ones. This is possible thanks to a periodic purge of the past information over a
date (by default 90 days), as well as a data which is older, by default, 30 days.
.B Compacting data
.br
Data stored by Pandora are useful to see evolutions through the time, in order to: make statistics,
generate reports and to do capacity planning, as well as other statisticals tasks. To do that it isnt
necessary to have all the data, but its enough to have a representative sample, of smaller resolution,
enough to carry out the task that is needed.
With that philosophy the compaction system has been constructed. For instance, If we have a sample of
9.000 elements, distributed during 90 days, Pandora will take the data of last month, which would be
3.000 elements and will compress it in 300. In the graphs they will practically be equal, and it will be
usful for the reports, statistics and other tasks. This is made thanks to a interpolation in temporary strips,
in a totally automatic and periodic way, there is no user or the administrator needed to do this.
.HISTORY
.B Pandora 1.2 new features
.br
Alert system. Now it is possible to define a "minimun" and "maximum" limit to fire an alert, just to delete
"noisy" data that fires false positives.
Network Subsystem. Now it is possible to monitor and analyze data using remote network tools, without
using agents, from the new Pandora Network Server component. All management are made from
Pandora Console, and now you will be able to make ICMP checks (Ping), size network latency, get all
types of SNMP values (including scanning MIB), and makes TCP/UDP connections to check ports, and
test text applications, sending texts and waiting for a specific response.
Module groups.Modules now could be grouped using a new "module groups".
Network data refresh on demand. Could be for each module or using a "global group refresh", forcing
Pandora Network Servers to refresh all network modules inside a group.
Online contextual help, for Pandora WEB Console.
New Pandora server infraestructure.
New SNMP trap console to receive SNMP traps and assigning alerts.
Internal messaging system, to notify events to Pandora users.
Agent detail view autorefresh
New main agent group view
Improved database management system, that allows to manage much more data.
Pandora is a project initiated and mainly developed by Sancho Lerena, at present other people is working
on it: Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan Barajas and Manuel Arostegui We want to
thank many other people who help us with translation, graphic design, bugs reporting and interesting
ideas.
.br
Pandora is Free Software, and is published under GPL Licence. In order to know the last features, go to
the official web site of the project in http://pandora.sourceforge.net.
.SH AUTHOR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena <sancho.lerena@artica.es>
Pandora is a project initiated and mainly developed by Sancho Lerena, at present other people is working
on it: Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan Barajas and Manuel Arostegui We want to
thank many other people who help us with translation, graphic design, bugs reporting and interesting
ideas.
.br
.SH SEE ALSO
.B pandora
.br
.B pandora_server
.br
.B pandora_agents
.br
.B pandora_console

342
pandora_doc/en/man/pandora.1 Normal file
View File

@ -0,0 +1,342 @@
PandoraFMS() PandoraFMS()
NNAAMMEE
pandorafms - Pandora Free Monitoring System User Guide
AAVVAAIILLAABBIILLIITTYY
Linux, AIX, Solaris, Windows...
DDEESSCCRRIIPPTTIIOONN
This is the user guide for Pandora FMS. This is not the full version,
full version contains images, you will be able to find at www.pando-
rafms.net
NNOOTTEESS
This is the main Pandora User Guide. If you have this man page also,
you are supposed to have also pandora_agent, pandora_network, pan-
dora_server and pandora_console man pages.
SSYYPPNNOOSSYYSS
Pandora FMS is a monitoring application to watch systems and applica-
tions. Pandora allows to know the status of any element of your bussi-
ness systems. Pandora watch for your hardware, your software, your mul-
tilayer system and of course your Operating System. Pandora could
detect a network interface down and the movement of any value of the
NASDAQ new technology market. If you want, Pandora could sent a SMS
message when your systems fails... or when Google value low below US$
330. Pandora FMS will adjust, like an octopus, to your systems and
requirements, because it has been designed to be open, modular, multi-
plattform and easy to customize.
PPaannddoorraa aarrcchhiitteeccttuurree::
_W_e_b _C_o_n_s_o_l_e
Pandoras user interface. The user controls and operates the system
with it. Several Web consoles can be implemented in a single system.
The Web console is written in PHP, and it is over a database and a Web
server. It is compatible with any platform - GNU/Linux, Solaris,
Win2000, AIX, etc.T official supported platform is GNU/Linux, though
The console permits the user to control the status of the agents, view
statistical information, generate graphs and data tables, keep a system
incident control,moreover it is able to generate reports and change the
alerts, agents, and user profile settings.
_S_e_r_v_e_r
In Pandora 1.2 there are three different servers: The core server is
the receptor of the data packages and generates the alerts - it is the
brain of the system. Several servers can work alongside for larger sys-
tems. The core server accesses Pandora database, which is shared with
the Web server, and stores the processed data packages. Server executes
as daemon, and processes the packages stored in its file system. Data
is generated by the system agents. Despite the server s low system
resources comsumption and simple installation and operation, the core
server is the most critical element of the system. The core server
receives and processes the produced data, and fires the alerts and the
events. The Network Servers monitorize remote systems using network
resources like ICMP, TCP, UDP or SNMP Queries. Network Servers are act-
ing itself like "Network Agents". This server fires the alerts and the
events for this modules. The SNMP Server receives and processes the
snmp traps, and fires the alerts associated to it. _C_e_n_t_r_a_l _D_a_t_a_b_a_s_e
At the moment the system only supports MySQL. The central database
keeps all the information Pandora needs to work - agent data, settings,
user information, incidents, system settings, etc. The system can use a
MySQL cluster to store the information, or a High Availability (HA)
solution for larger sytems. This database can work with any of the
platform officially supported by MySQL. Pandora can be implemented with
MySQL versions from 3.0 to 5.0, although the latest is recommended.
_P_a_n_d_o_r_a _A_g_e_n_t_s
They collect all the systems data. They are executed in each local
system, although they can also collect remote information by intalling
monitoring sytems for the agent in several different machines - called
satellite agents. They have been developed to work under a specific
platform, making use of the speci fic tools of the used language:
ShellScripting for Unix - which includes GNU/Linux, Solaris, AIX, HP-UX
and BSD, as well as the Nokias IPSO. Pandora agents can be developed
in virtually any language, given its simple API and being open source.
Windows agent are developed in a free development environment for C++
and uses the same interface and modularity than Unix agents. The old
agent for Windows plattforms was developed on VBS Scripting language,
and is deprecated with the new Pandora 1.2 windows agent.
WWhhaatt kkiinndd ooff ssyysstteemmss// sseerrvviicceess ccaann bbee mmoonniittoorreedd??
At present, with Pandora any process or system that through a command
returns a value can be monitored, as well as any value in any Operating
System log file or similar. Some examples of already existing implemen-
tations below: Number of connections (sessions) of Checkpoint FW-1 Num-
ber of NAT sessions of Checkpoint FW-1 Number of connections of Linux
NetFilter / IPTables firewall Number of FW-1 logged packets Number of
FW-1 dropped packets Number of FW-1 accepted packets State of High
Availability in FW1 NG Last policy installed in a Firewall-1 module
Synchronization state of the modules in FW1 NG CPU of the system: idle,
user and system Number of processes of the system Temperature of the
CPU of a system Value of a MS Windows registry entry Queued jobs in a
generic dispatcher Memory of the system: free, swap, kernel Fw-1, cache
Percentage of free space on disc (for different partitions) Messages
processed by a mail gateway Existence of a string in a text file IP
traffic (filtering based on the connections of the firewall) Hits of
pages in HTTP Servers (Apache, iPlanet, IIS, Netscape) Percentage of
erroneous packets in a Gateway Connections established in a Remote
Access Server (RAS) Size of a file Open sessions by a VPN server MySQL
Performance: Threads, queries, sessions... Snort system state Reported
events by IDS (Snort) up to six levels of priority Network load Number
of local Connections (TCP, UDP, Unix sockets) Detected viruses by a Web
Antivirus Gateway ICMP latency time towards a host Rate of average
transference in a file transfer tool Number of DNS requests attended by
a server (including types) Number of FTP sessions attended by a FTP
server (Generic) State of any active process / service in the system
(Generic) State of any countable parameter of the system
IInnffoorrmmaattiioonn ggaatthheerriinngg wwiitthh PPaannddoorraa aaggeennttss
Pandora agents are based on native languages in every platform: scripts
that can be written in any language. Its possible to reproduce any
agent in any programming language and can be extended without dif
ficulty the existing ones in order to cover aspects not taken into
account up to the moment. These scripts are formed by modules that
each one gathers a "chunk" of information. Thus, every agent gathers
several "chunks" of information; this one is organized in a data set
and stored in a single file, called data file. The process of trans-
ferring the data file from the agent to the server is made regularly at
a de fined time interval in the agent con figuration file, pan-
dora_agent.conf. Its possible to modify that parameter in order to do
not fill the database with non-relevant information, either load the
network or affect the system performance. The default interval is 300
(seconds), which is equivalent to five minutes. Minor values of 100
(seconds) are not recommended since host performance could be affected,
besides loading excessively Database and the Operating System of Pan-
dora Server. Pandora is not a real time system; its an applications
and systems general monitoring system in environments that are not
critical at real time. Packets transfers are made via SSH, with DSA
authentication (although also RSA can be used). The process is com-
pletely safe since neither any password nor unencrypted con fidential
information is sent. Confidentiality, integrity and authentication of
the connections between the agent and the server are ensured. In the
Agents and Server Installation and Configuration guides, the process of
generation of keys to do the automatic SCP transfer is detailed. Also
the transfer via FTP or any other file transfer system could be made,
although SSH has been chosen for security and compatibility with most
of the systems in the market. Pandora Agents are thought to be exe-
cuted from the agent from which they gather information, although the
agents can gather information of accessible machines from the host
where they are installed. In this case those agents are called "Satel-
lite Agents". These Satellite Agents can use Telnet, SNMP or any other
commands to get the information. We can also have a host with several
agents: Some that gather information from the accessible machines (act-
ing as "satellite agents") and the Standard Agent that monitors the
host where its running.
XXMMLL DDaattaa fiFFiilleess
The data file has the following syntax: hostname.serialnumber.data
This is an XML file, and its name is the combination of the hostname
where the agent runs, a different serial number for every data package
and the extension .data that indicates that its a data fifile. We
also have a control fifile for every data fifile:
_h_o_s_t_n_a_m_e_._s_e_r_i_a_l_n_u_m_b_e_r_._c_h_e_c_k_s_u_m This file has .checksum extension and
contains a MD5 hash of the data file. This allows checking that the
information has not been changed before being processed. The XML data
file generated by every agent is the core of Pandora. This file has the
information gathered by the Agent. Its easy structure allows that any
user could create its own developments to be processed in Pandora, or
use the included ones. An example of the information included into the
data file below:
_<_a_g_e_n_t _d_a_t_a _o_s___n_a_m_e_= _S_u_n_O_S_" _o_s___v_e_r_s_i_o_n_=_"_5_._8_" _t_i_m_e_s_t_a_m_p_=_"_3_0_0_"
_a_g_e_n_t___n_a_m_e_=_"_p_d_g_e_s_0_1_" _v_e_r_s_i_o_n_=_"_1_._0_"_>
_<_m_o_d_u_l_e_>
_<_n_a_m_e_>_S_S_H _D_a_e_m_o_n_<_/_n_a_m_e_> _._b_r
_<_t_y_p_e_>_g_e_n_e_r_i_c___p_r_o_c_<_/_t_y_p_e_>
_<_d_a_t_a_>_1_<_/_d_a_t_a_>
_<_/_m_o_d_u_l_e_>
_<_m_o_d_u_l_e_>
_<_n_a_m_e_>_F_T_P _D_a_e_m_o_n_<_/_n_a_m_e_>
_<_t_y_p_e_>_g_e_n_e_r_i_c___p_r_o_c_<_/_t_y_p_e_>
_<_d_a_t_a_>_0_<_/_d_a_t_a_>
_<_/_m_o_d_u_l_e_>
_<_m_o_d_u_l_e_>
_<_n_a_m_e_>_D_i_s_k_F_r_e_e_<_/_n_a_m_e_>
_<_t_y_p_e_>_g_e_n_e_r_i_c___d_a_t_a_<_/_t_y_p_e_>
_<_d_a_t_a_>_5_2_0_0_0_0_0_<_/_d_a_t_a_>
_<_/_m_o_d_u_l_e_>
_<_m_o_d_u_l_e_>
_<_n_a_m_e_>_U_s_e_r_s_C_o_n_n_e_c_t_e_d_<_/_n_a_m_e_>
_<_t_y_p_e_>_g_e_n_e_r_i_c___d_a_t_a___i_n_c_<_/_t_y_p_e_>
_<_d_a_t_a_>_1_1_9_<_/_d_a_t_a_>
_<_m_i_n_>_1_<_/_m_i_n_>
_<_m_a_x_>_2_5_0_<_/_m_a_x_>
_<_d_e_s_c_r_i_p_t_i_o_n_>_U_s_e_r_s _c_u_r_r_e_n_t_l_y _c_o_n_n_e_c_t_e_d_<_/_d_e_s_c_r_i_p_t_i_o_n_>
_<_/_m_o_d_u_l_e_>
_<_m_o_d_u_l_e_>
_<_n_a_m_e_>_L_a_s_t_L_o_g_i_n_<_/_n_a_m_e_>
_<_t_y_p_e_>_g_e_n_e_r_i_c___d_a_t_a___s_t_r_i_n_g_<_/_t_y_p_e_>_"
_<_d_a_t_a_>_s_l_e_r_e_n_a_<_/_d_a_t_a_>
_<_/_m_o_d_u_l_e_>
_<_/_a_g_e_n_t___d_a_t_a_>
PPaannddoorraa SSeerrvveerrss
With Pandora 1.2 version, you have three different types of servers:
_P_a_n_d_o_r_a _D_a_t_a _S_e_r_v_e_r
This is a PERL application that that processes the information sent by
the agents. The agents send the XML data file via SSH and the server
periodically verifies if it has new data files waiting to be processed.
You can setup different data servers in different systems or in the
same host (that will be different virtual servers).
_P_a_n_d_o_r_a _N_e_t_w_o_r_k _S_e_r_v_e_r
This is a PERL application that execute network tasks like sending
pings, TCP requests, SNMP requests and UDP request. When you assign an
agent to a server, you are assigning to a network server, not a data
server, so, this is very important that machines running network
servers have "network visibility" to hosts assigned in network modules.
For example, if you create a module to make a ping check to 192.168.1.1
and assign this agent/module to a server in a 192.168.2.0/24 network
without access to 192.168.1.0/24 module will always report DOWN.
_P_a_n_d_o_r_a _S_N_M_P _S_e_r_v_e_r
This is a PERL application that parse output from standard snmptradp
(we provide one binary for snmptrapd, but it is possible that you need
to replace it with a binary that runs better in your system). This dae-
mon receives SNMP traps, and Pandora SNMP Server stores in database and
fire alerts assigned in Pandora SNMP Console. Data are extracted from
the data file, identifying origin, type and category. Once its classi
fied, the data are inserted into the Database by the same Perl script.
Pandora Server can work in High Availability and/or Load Balancing. In
a very big architecture, several
Pandora Servers can be arranged simultaneously in order to be able to
manage big volumes of information distributed by geographical or func-
tional zones. Pandora Server is always running (as a daemon) and per-
manently verifies if some element causes to fire an alarm. If so, it
executes the action defined in the alarm, as to send a SMS, an email,
even activates the execution of a SCRIPT or to send an HTTP form.
We could have several simultaneous servers, one of them is the Main
Server or "Master Server " and the rest of servers are "Slave Servers".
The Master Server is the only one that verifies the alarms if any agent
goes down. The server which receives the data file from the agent
always fires the rest of alarms, defined in the agents modules. This
is also important if this server changes (due to configurations of high
availability, load balancing or clustering).
PPaannddoorraa ccoonnssoollee
The Web Console is a web application that allows to see graphical
reports, state of every agent, also to access to the information sent
by the agent, to see every monitored parameter and to see its evolution
throughout the time, to form the different nodes, groups and users of
the system. It is the part that interacts with the final user, and that
will allows you to administer the system. The Web Console is written
in PHP and no plug-in, Flash, Java or ActiveX is needed to access the
console, only a browser that supports HTML and CSS (IE5+ or Mozilla
4+). Pandora Web Console can run in several servers, the only thing you
need is to be allow to access Pandora Database, where Pandora stores
all the information.
PPaannddoorraa ddaattaabbaassee
Pandora uses a SQL Database to store all the information. Pandora
maintains an asynchronous database with all the received data, making a
temporary cohesion of everything it is receives and normalizing all the
information from the different sources. Every Agent data module gener-
ates an entry of information for every data bundle, which implies that
a real production system can have of the order of ten million of data,
or information atoms. This information is managed automatically from
Pandora, carrying out a periodic and automatic maintenance of the
database. This means that there is no operator either manager required
to run tasks as database administration ones. This is possible thanks
to a periodic purge of the past information over a date (by default 90
days), as well as a data which is older, by default, 30 days.
CCoommppaaccttiinngg ddaattaa
Data stored by Pandora are useful to see evolutions through the time,
in order to: make statistics, generate reports and to do capacity plan-
ning, as well as other statisticals tasks. To do that it isnt neces-
sary to have all the data, but its enough to have a representative
sample, of smaller resolution, enough to carry out the task that is
needed. With that philosophy the compaction system has been con-
structed. For instance, If we have a sample of 9.000 elements, dis-
tributed during 90 days, Pandora will take the data of last month,
which would be 3.000 elements and will compress it in 300. In the
graphs they will practically be equal, and it will be usful for the
reports, statistics and other tasks. This is made thanks to a interpo-
lation in temporary strips, in a totally automatic and periodic way,
there is no user or the administrator needed to do this.
PPaannddoorraa 11..22 nneeww ffeeaattuurreess
Alert system. Now it is possible to define a "minimun" and "maximum"
limit to fire an alert, just to delete "noisy" data that fires false
positives. Network Subsystem. Now it is possible to monitor and ana-
lyze data using remote network tools, without using agents, from the
new Pandora Network Server component. All management are made from Pan-
dora Console, and now you will be able to make ICMP checks (Ping), size
network latency, get all types of SNMP values (including scanning MIB),
and makes TCP/UDP connections to check ports, and test text applica-
tions, sending texts and waiting for a specific response. Module
groups.Modules now could be grouped using a new "module groups". Net-
work data refresh on demand. Could be for each module or using a
"global group refresh", forcing Pandora Network Servers to refresh all
network modules inside a group. Online contextual help, for Pandora
WEB Console. New Pandora server infraestructure. New SNMP trap con-
sole to receive SNMP traps and assigning alerts. Internal messaging
system, to notify events to Pandora users. Agent detail view autore-
fresh New main agent group view Improved database management system,
that allows to manage much more data.
Pandora is a project initiated and mainly developed by Sancho Lerena,
at present other people is working on it: Raul Mateos, David Vil-
lanueva, Esteban Sanchez, Jose Navarro, Jonathan Barajas and Manuel
Arostegui We want to thank many other people who help us with transla-
tion, graphic design, bugs reporting and interesting ideas.
Pandora is Free Software, and is published under GPL Licence. In order
to know the last features, go to the official web site of the project
in http://pandora.sourceforge.net.
AAUUTTHHOORR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena
<sancho.lerena@artica.es> Pandora is a project initiated and mainly
developed by Sancho Lerena, at present other people is working on it:
Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan
Barajas and Manuel Arostegui We want to thank many other people who
help us with translation, graphic design, bugs reporting and interest-
ing ideas.
SSEEEE AALLSSOO
ppaannddoorraa
ppaannddoorraa__sseerrvveerr
ppaannddoorraa__aaggeennttss
ppaannddoorraa__ccoonnssoollee
PandoraFMS()

674
pandora_doc/en/man/pandora_agents Normal file
View File

@ -0,0 +1,674 @@
.TH Pandora Agents
.SH NAME
pandora_agents - Agents for PandoraFMS
.SH AVAILABILITY
Linux, AIX, Solaris, Windows...
.SH DESCRIPTION
This is the man page for Linux Pandora Agents.
Pandora FMS agents collect all systems data. They are executed in each local system, although they can
also collect remote information by installing monitoring systems for the agent in several different
machines - called satellite agents
They are developed to work under a given platform, making use of the specific tools of the language
being used: VBSCript/Windows Scripting for Microsoft platforms (Win2000, WinXP y Win2003),
ShellScripting for UNIX - which includes Linux, Solaris, AIX, HP-UX and BSD, as well as the Nokias
IPSO. Pandora agents can be developed in virtually any language, given its simple API system and being
open source. There are branches of the Pandora project started for the creation of agents in Posix C, Perl
and Java for those systems requiring closed agents.
Pandora Agents are Free Software, i.e., the way agents collect and sent information is documented. An
agent can be recreated in any programming language, and can be upgraded easily, to improve aspects of
the program not covered so far.
This man describes the installation of agents in machines running over Linux operating systems.
.SH SYPNOSIS
.B Generic role of the agents
Regardless the platform an agent is running on, this is formed of the following elements:
A script (or binary application in Windows) that collects and sends the data to the server. For UNIX
machines the script is called pandora_agent.sh and is executed directly from the Pandora agent folder.
One or several configuration fifiles where the values to be collected are defined. The file is called
pandora_agent.conf both for Windows and Unix machines.
This simple structure makes it easy the customisation of an agent. There is no need to code again the
agent to modify the way it works, as the configuration file holds most of the parameters needed to do so.
.B Main Script
The main script is the executable file that collects the data specified in the configuration file. It sends the
data to the server in XML. In Windows machines application is installed as a service and is executed at
the time intervals set in the configuration fifile. In machines running over UNIX the main script is run
through a special script called pandora_agent_daemon, and runs continuously in the machine as a
process.
.B Configuration File
The data collection in the host system is the gathering of independent data units, which are defined in the
pandora_agent.conf fifile. The pandora_agent.conf file is divided in two parts:
.I General parameters
Configure general options about server location, agent name, interval, and other general options.
.I Module definitions
Configure and defined the method of extraction for each piece of information that will be extracted from local host and sent to Pandora Server.
.B General parameters
The general parameters of the agent configuration are defined in this section. Some of these parameters
are common for all systems and others specific for Windows or UNIX. The general parameters are:
.I server_path:
The server path is the full path of the folder where the server stores the data sent by the
agent. It is usually: /opt/pandora/data_in.
.I server_ip:
The server IP is the IP address or the host name of the Pandora server, where the data will
be stored. The host must be reachable and must be listening to port 22 (SSH).
.I temporal:
This is the full path of the folder where the agent stores the data locally, before it is sent to
the server. It must be said that the data packages are deleted once the agent tries to contact Pandora
server, no matter if the communication was successful or not. This is done to avoid over flcoding hard
drive of the host system where the agent runs. The location of the local folder varies with the
architecture of the host system. In Unix systems this is usually /opt/pandora/data_out
.I interval:
This is the time interval in seconds in which the agent will collect data from the host system
and send the data packages to the server. The recommended value ranges from 300 (5 minutes) to 600
(10 minutes). This number could be larger, although it is important to consider the impact of a larger
number on the database.
.I debug:
This parameter is used to test the generation of data fifiles, forcing the agent to do not copy data
file to server, so you can check data fifile contents and copy XML data fifile manually. It does not delete
any data when the process is finished, so data fifile will be in temp directory. The activity is written in a
log fifile. The fifile is named pandora_agent.log. This log fifile can be used to test the system and to
investigate potential issues.
.I agent_name:
This is an alternative host name. This parameter is optional as if it is not declared the
name is obtained directly from the system.
.I checksum:
This parameter can take two values. If the value is 1, the checksums are performed through
MD5. If the value is 0, the checksum is not performed at all. This may be useful for systems where a
MD5 tool cannot be implemented. If the checksum is deactivated in the agent it must be also
disconnected in the server. Otherwise it could create problems.
An example of the general parameters from a Unix configuration would be.
.I server_ip Pandora_Server
.br
.I server_path /opt/pandora/data_in
.br
.I temporal /opt/pandora/data_out
.br
.I interval 300
.br
.I agent_name satellite_agent
.br
.I debug 1
.br
.I checksum 1
.B Module definition
Each data item that is to be collected must be defined precisely in each module, using the exact syntax.
As many values as necessary can be set to be collected, adding at the end of the general parameters as
many modules as the number of values to collect. Each module is made of several directives. Following
is a descriptive relation of all module marks available for Unix agents.
.I module_begin
Defines the beginning of the module.
.I module_name name
Name of the module. This is the id for this module, choose a name without blank spaces and not very
long. There is no practical limitation (max of 250 chars) but will be easier to manage if you use short
names. This name CANNOT be duplicated with a similar name in the same agent. This name could be
duplicated with other modules in other agents.
.I module_type type
Data type the module will handle. There are four data types for agents:
.TP
Numeric (generic_data).
Simple numeric data, flfloat or integer. If the values are of the float type, they will be truncated to their integer value.
.TP
Incremental (generic_date_inc).
Integer numeric data equal to the differential between the actual value and the previous one. When this differential is negative the value is set to 0.
Alphanumeric (generic_string). Text strings up to 255 characters.
.TP•
Monitors (generic_proc).
Stores numerically the status of the processes. This data type is called monitor because it assigns 0 to an "Incorrect" status and any value above 0 to any "Correct" status.
.P
.I module_exec command
This is the generic "command to execute" directive. Both, for Unix and Windows agents there is only one
directive to obtain data in a generic way, executing a single command (you could use pipes for redirecting execution to anoter command). This directive executes a command and stores the returned value. This method is also available on Windows agents. This is the "general purpose method" for both
kind of agents.
.I module_min value
This is the minimum valid value for the data generated in this module. If the module has not yet been
defined in the web console this value will be taken from this directive. This directive is not compulsory.
This value does not override the value defined in the agent if the module does not exist in the
management console. It is created automatically when working on learning mode.
.I module_max value
It is the maximum valid value for the data generated in this module. If the module has not been defined in
the web console this value will be taken from this directive. This directive is not compulsory and is not
supported by the Windows agent. This value does not override the value defined in the agent if the
module does not exist in the management console. This is created automatically when working on
learning mode.
.I module_description text
This directive is used to add a comment to the module. This directive is not compulsory. This value does
not override the value defined in the agent if the module does not exist in the management console. This
is created automatically when working on learning mode.
.I module_interval factor
Pandora 1.2 introduces this new feature. You can, for each module, setup its own interval. This interval
its calculated as a multiply factor for agent interval. For example, if your agent has interval 300 (5
minutes), and you want a module only be calculated each 15 minutes, you could add this line:
module_interval 3. So this module will be calculated each 300sec x 3 = 900sec (15 minutes).
.I module_end
Ends module definition
.B Agent types
It is possible to monitor virtually any system with Pandora. This can be done either with a local agent
collecting data directly from the system to be monitored, using a a satellite agent collecting data from a
system by SNMP or using the new Pandora 1.2 agents, the remote agents, who can chack using remote
network polling (TCP, UCP, ICMP/PING and SNMP) remote services, from the Pandora Network Server.
The local agents can be either Windows or Unix agents. The satellite agents can be implemented using
any of the agents above. The modules are configured to collect data from the external system by, for
example, an SNMPGET tool.
.B UNIX agents
.I Introduction to Unix agents
The in-built UNIX applications and tools make the agents running on this system be very simple. There
are also agents developed for AIX, Linux, Solaris and BSD platforms, some of them very similar but not
identical. Requirements for the installation of Pandora Agents on UNIX
.I AIX
MD5 signatures are used to guarantee the integrity of the generated data packages. The MD5 package is
integrated in AIX 5.1 and above. There is a freeware package for AIX 4.3 but it has several issues and
might not work correctly. In the case of having problems with the AIX agents the checksum system used
to validate the integrity of the data can be disabled.
.I Solaris
The MD5 package is necessary to execute the Solaris agent correctly. This package is available from
http://sunfreeware.com . It can be also downloaded for Solaris 8 from the following URL:
ftp://ftp.sunfreeware.com/pub/freeware/sparc/8/md5-6142000-sol8-sparc-local.gz
MD5 Package installation on Solaris
.I root@stest:/tmp:> gzip -d md5-6142000-sol8-sparc-local.gz
.br
.I root@stest:/tmp:> pkgadd -d ./md5-6142000-sol8-sparc-local
.br
.I The following packages are available:
.br
.I 1 SMCmd5 md5
.br
.I (sparc) 6142000
.br
.I Select package(s) you wish to process (or all to process
.br
.I all packages). (default: all) [?,??,q]: 1
.br
.I Solaris SSH
The suggested SSH client is OpenSSH. If any other SSH client is to be used it must be considered that
each piece software may have different ways to generate or manage keys. For example, if F-Secure SSH
is used, the public key must be in OpenSSH format when the keys are generated. The format can be
changed from IETF to OpenSSH with F-Secure SSH, using the following command:
.I ssh-keygen -i -f file_ietf_pubkey
.B GNU/Linux
SSH and MD5 should be installed in Linux by default, but if they are not they can be installed using the
tools available in each distribution.
.B BSD (IPSO)
SSH and MD5 should be installed by default. If they are not, it is necessary to install them.
.B Pandora Unix Agent install
The software comes in a .tar.gz file. First of all the fifile needs to be extracted into a folder, usually
/opt/pandora_agent, although any other folder may be used. If a different folder is used, the daemon
launcher must be modified by changing route to $PANDORA_HOME.
There is hardly any difference between AIX, Solaris and Linux, and they all work around the hash MD5
generation binaries.
This is the structure of the installation in /opt/pandora_agent/ once the fifiles have been extracted:
.I /opt/pandora_agent/data_out
Folder where the data collected by the agents is stored.
.I /opt/pandora_agent/doc
Folder with information about the agent and its license.
.I /opt/pandora_agent/pandora_agent.conf
File where the data to be collected is defined, along side the command to be executed for the data collection. This is the system core, as it defines the main
data to be collected in any Firewall.
.I /opt/pandora_agent/pandora_user.conffi
File where several of the parameters to collect data from the monitored system are defined in more detail.
.I /opt/pandora_agent/pandora_agent.sh
This is the actual Pandora agent. This file is a shellscript that collects the data configured in the pandora_agent.conf and pandora_user.conf files. It also transfers
the data packages to the Pandora server.
.I /opt/pandora_agent/pandora_agent_daemon
Start and stop script. It makes a call to pandora_agent.sh. It offers two options, start and stop.
.I /opt/pandora_agent/pandora.log
Textfifile where the activity of the Pandora agent is saved, when the agent is executed in debugging mode.
.B Key generation
The SSH keys generated must be:
SSH version2 keys
Open SSH format keys
DiffieHellman (DH) format keys
To generate the keys the command ssh-keygen is executed followed by the specific parameters for our
operating system. Please, create key WITHOUT password.
The public key must be copied into the /home/.pandora/authorized_keys fifile in the Pandora
server. Before starting the Pandora agent the SSH authentication must be checked. To do this the
following command must be executed on the agent machine:
.I $ ssh pandora@pandora_server
The system must connect successfully BEFORE launching the Pandora agent.
.B First running of the Unix agent
To start the agent it is only necessary to execute pandora_agent_daemon start from /opt/pandora_client.
Pandora Agent creates a file (/var/run/pandora.pid) with the PID number of the process when it is started.
For IPSO systems the agent will be started with a nice -10 priority, so it becomes the process with the
lowest priority over the system CPU. It will be executed when no other processes with a higher priority
are waiting in the system CPU queue.
In BSD systems the maximum priority is +20 and the lowest -20.
To stop agent, execute pandora_agent_daemon stop from /opt/pandora_agent.
.B Advanced configuration for Unix Agent
The real power of Pandora resides in the capability of the agents to run user defined scripts. This could
be used to collect specific data or to perform an operation to return any desired value. This is the purpose
of pandora_user.conf.
This file is executed every in agent loop. It is a shell-script in which any command can be executed, as
long as the output is in the XML format the agent uses to send data to the server. The XML structure
would be:
.I <module>
.br
.I <name>NAME</name>
.br
.I <type>TYPE</type>
.br
.I <data>DATA</data>
.br
.I </module>
Where NAME, TYPE and DATA are the variables already defined in previous sections. The XML must
be built manually, usually using echo commands.
.SH EXAMPLES
An example of a Unix module would be:
.I module_begin
.br
.I module_name cpu_user
.br
.I module_type generic_data
.br
.I module_exec vmstat | tail -1 | awk { print $14 }
.br
.I module_min 0
.br
.I module_max 100
.br
.I module_description User CPU
.br
.I module_end
This would be the script a customized agent would use for Checkpoint FW1 in IPSO agents:
.I #!/bin/sh
.br
.I # Pandora User-Defined acquisition script
.br
.I # This code is under GPL licence
.br
.I # Please refer documentation for more example and a more
.br
.I # depth usage instructions
.br
.I # mbuf clusters usados (%)
.br
.I MBUF_TOTAL=netstat -m |grep "mbuf cluster" | tr -s "/" " " |awk { print $2 }
.br
.I MBUF_USED=netstat -m |grep "mbuf cluster" | tr -s "/" " " |awk { print $1 }
.br
.I MBUF_USED_PER=echo $MBUF_TOTAL $MBUF_USED | awk { print $2 / ($1 / 100) }
.br
.I echo "<module>"
.br
.I echo "<name>MBUF_CLUSTER_USED_PER</name>"
.br
.I echo "<data>$MBUF_USED_PER</data>"
.br
.I echo "<type>generic_data</type>"
.br
.I echo "</module>"
A more complex example could be:
.I #!/bin/sh
.br
.I # Pandora User-Defined acquisition script
.br
.I # This code is under GPL licence
.br
.I # Please refer documentation for more example and a more
.br
.I # depth usage instructions
.br
.I # Calculating the number of packages generated by ETH2,
.br
.I # if nothing is generated
.br
.I # within 20 seconds an alert is rosen
.br
.I # Perform the calculation between 8 to 23h. Return ok for times
.br
.I # outside this range
.br
.I echo "<module>"
.br
.I echo "<name>Packet_Generator_Check</name>"
.br
.I echo "<type>generic_proc</type>"
.br
.I UNO=ifconfig eth2 | grep "TX packets" | cut -f 2 -d ":" | grep -o -e "[0-9]*"
.br
.I sleep 20
.br
.I DOS=ifconfig eth2 | grep "TX packets" | cut -f 2 -d ":" | grep -o -e "[0-9]*"
.br
.I HORA=date "+%k"
.br
.I if [ "$HORA" -lt "8" ] && [ "$HORA" -gt "11" ]
.br
.I then
.br
.I # Time out of range, no checking, everything OK
.br
.I # Fuera de hora, no compruebo, esta OK
.br
.I echo "<data>1</data>"
.br
.I else
.br
.I if [ "$UNO" == "$DOS" ]
.br
.I then
.br
.I echo "<data>0</data>"
.br
.I else
.br
.I echo "<data>1</data>"
.br
.I fi
.br
.I fi
.br
.I echo "</module>"
.B Implementation examples for Unix Agents
Example #1: calculate the number of HITS of the main page of an Apache Web server:
.I module_begin
.br
.I module_name WEB_Hits
.br
.I module_type generic_data_inc
.br
.I module_exec cat /var/log/apache/access.log | grep "index" | wc -l
.br
.I module_end
Example: check if the process of the DNS server (named) is active or fell over:
.I module_begin
.br
.I module_name DNS_Daemon
.br
.I module_type generic_proc
.br
.I module_exec ps -Af | grep named | grep -v "grep" | wc -l
.br
.I module_end
Complete example of the configuration of an agent for Linux
# General Parameters
# ==================
.I server_ip 192.168.100.45
.br
.I server_path /opt/pandora/data_in
.br
.I pandora_path /opt/pandora_ng/
.br
.I temporal /opt/pandora_ng/data_out
.br
.I interval 300
.br
.I hostname linuxbox01
.br
.I debug 0
.br
.I checksum 1
# Module Definition
# =================
.I module_begin
.br
.I module_name cpu_user
.br
.I module_type generic_data
.br
.I module_exec vmstat 1 2 | tail -1 | awk { print $14 }
.br
.I module_end
.I module_begin
.br
.I module_name cpu_sys
.br
.I module_type generic_data
.br
.I module_exec vmstat 1 2 | tail -1 | awk { print $14 }
.br
.I module_end
.I module_begin
.br
.I module_name disk_root_free
.br
.I module_type generic_data
.br
.I module_exec df -kh / | tail -1 | awk { print 100 - $5 }
.br
.I module_end
.I module_begin
.br
.I module_name disk_store_free
.br
.I module_type generic_data
.br
.I module_exec df -kh /store | tail -1 | awk { print 100 - $5 }
.br
.I module_end
.I module_begin
.br
.I module_name memfree
.br
.I module_type generic_data
.br
.I module_exec cat /proc/meminfo | grep MemFree | cut -c 10-23
.br
.I module_end
.I module_begin
.br
.I module_name memused
.br
.I module_type generic_data
.br
.I module_exec cat /proc/meminfo | grep "Active" | cut -c 8- | cut -f 1 -d "k"
.br
.I module_end
.I module_begin
.br
.I module_name proctotal
.br
.I module_type generic_data
.br
.I module_exec ps -A | wc -l
.br
.I module_end
.I module_begin
.br
.I module_name sshd
.br
.I module_type generic_proc
.br
.I module_exec ps -Af | grep sshd | grep -v "grep" | wc -l
.br
.I module_end
.I module_begin
.br
.I module_name WEB_Hits
.br
.I module_type generic_data_inc
.I module_exec cat /var/log/apache/access.log | grep "index.php" | wc -l
.br
.I module_end
.I module_begin
.br
.I module_name eMails_proc
.br
.I module_type generic_data_inc
.br
.I module_exec cat /var/log/mail/mail.log | grep "message-id" | wc -l
.br
.I module_end
.I module_begin
.br
.I module_name FTP_sessions
.br
.I module_type generic_data_inc
.br
.I module_exec cat /var/log/syslog | grep "FTP session opened" | wc -l
.br
.I module_end
.I module_begin
.br
.I module_name eMails_SPAM
.br
.I module_type generic_data_inc
.br
.I module_exec cat /var/log/mail/mail.log | grep "identified spam" | wc -l
.br
.I module_end
.SH AUTHOR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena <sancho.lerena@artica.es>
Pandora is a project initiated and mainly developed by Sancho Lerena, at present other people is working
on it: Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan Barajas and Manuel Arostegui We want to
thank many other people who help us with translation, graphic design, bugs reporting and interesting
ideas.
.br
.SH SEE ALSO
.B pandora
.br
.B pandora_server
.br
.B pandora_agents
.br
.B pandora_console

616
pandora_doc/en/man/pandora_agents.1 Normal file
View File

@ -0,0 +1,616 @@
Pandora(Agents) Pandora(Agents)
NNAAMMEE
pandora_agents - Agents for PandoraFMS
AAVVAAIILLAABBIILLIITTYY
Linux, AIX, Solaris, Windows...
DDEESSCCRRIIPPTTIIOONN
This is the man page for Linux Pandora Agents.
Pandora FMS agents collect all systems data. They are executed in
each local system, although they can also collect remote information by
installing monitoring systems for the agent in several different
machines - called satellite agents
They are developed to work under a given platform, making use of the
speci fic tools of the language being used: VBSCript/Windows Scripting
for Microsoft platforms (Win2000, WinXP y Win2003), ShellScripting for
UNIX - which includes Linux, Solaris, AIX, HP-UX and BSD, as well as
the Nokias IPSO. Pandora agents can be developed in virtually any
language, given its simple API system and being open source. There are
branches of the Pandora project started for the creation of agents in
Posix C, Perl and Java for those systems requiring closed agents.
Pandora Agents are Free Software, i.e., the way agents collect and sent
information is documented. An agent can be recreated in any programming
language, and can be upgraded easily, to improve aspects of the program
not covered so far.
This man describes the installation of agents in machines running over
Linux operating systems.
SSYYPPNNOOSSIISS
GGeenneerriicc rroollee ooff tthhee aaggeennttss
Regardless the platform an agent is running on, this is formed of the
following elements: A script (or binary application in Windows) that
collects and sends the data to the server. For UNIX machines the script
is called pandora_agent.sh and is executed directly from the Pandora
agent folder.
One or several configuration fifiles where the values to be collected
are defined. The file is called pandora_agent.conf both for Windows and
Unix machines.
This simple structure makes it easy the customisation of an agent.
There is no need to code again the agent to modify the way it works, as
the configuration file holds most of the parameters needed to do so.
MMaaiinn SSccrriipptt
The main script is the executable file that collects the data specified
in the configuration file. It sends the data to the server in XML. In
Windows machines application is installed as a service and is executed
at the time intervals set in the configuration fifile. In machines run-
ning over UNIX the main script is run through a special script called
pandora_agent_daemon, and runs continuously in the machine as a pro-
cess.
CCoonnffiigguurraattiioonn FFiillee
The data collection in the host system is the gathering of independent
data units, which are defined in the pandora_agent.conf fifile. The
pandora_agent.conf file is divided in two parts:
_G_e_n_e_r_a_l _p_a_r_a_m_e_t_e_r_s
Configure general options about server location, agent name, interval,
and other general options.
_M_o_d_u_l_e _d_e_f_i_n_i_t_i_o_n_s
Configure and defined the method of extraction for each piece of infor-
mation that will be extracted from local host and sent to Pandora
Server.
GGeenneerraall ppaarraammeetteerrss
The general parameters of the agent configuration are defined in this
section. Some of these parameters are common for all systems and others
specific for Windows or UNIX. The general parameters are: _s_e_r_v_e_r___p_a_t_h_:
The server path is the full path of the folder where the server stores
the data sent by the agent. It is usually: /opt/pandora/data_in.
_s_e_r_v_e_r___i_p_:
The server IP is the IP address or the host name of the Pandora server,
where the data will be stored. The host must be reachable and must be
listening to port 22 (SSH).
_t_e_m_p_o_r_a_l_:
This is the full path of the folder where the agent stores the data
locally, before it is sent to the server. It must be said that the data
packages are deleted once the agent tries to contact Pandora server, no
matter if the communication was successful or not. This is done to
avoid over flcoding hard drive of the host system where the agent runs.
The location of the local folder varies with the architecture of the
host system. In Unix systems this is usually /opt/pandora/data_out
_i_n_t_e_r_v_a_l_:
This is the time interval in seconds in which the agent will collect
data from the host system and send the data packages to the server. The
recommended value ranges from 300 (5 minutes) to 600 (10 minutes). This
number could be larger, although it is important to consider the impact
of a larger number on the database.
_d_e_b_u_g_:
This parameter is used to test the generation of data fifiles, forcing
the agent to do not copy data file to server, so you can check data
fifile contents and copy XML data fifile manually. It does not delete
any data when the process is finished, so data fifile will be in temp
directory. The activity is written in a log fifile. The fifile is named
pandora_agent.log. This log fifile can be used to test the system and
to investigate potential issues.
_a_g_e_n_t___n_a_m_e_:
This is an alternative host name. This parameter is optional as if it
is not declared the name is obtained directly from the system.
_c_h_e_c_k_s_u_m_:
This parameter can take two values. If the value is 1, the checksums
are performed through MD5. If the value is 0, the checksum is not per-
formed at all. This may be useful for systems where a MD5 tool cannot
be implemented. If the checksum is deactivated in the agent it must be
also disconnected in the server. Otherwise it could create problems.
An example of the general parameters from a Unix configuration would
be.
_s_e_r_v_e_r___i_p _P_a_n_d_o_r_a___S_e_r_v_e_r
_s_e_r_v_e_r___p_a_t_h _/_o_p_t_/_p_a_n_d_o_r_a_/_d_a_t_a___i_n
_t_e_m_p_o_r_a_l _/_o_p_t_/_p_a_n_d_o_r_a_/_d_a_t_a___o_u_t
_i_n_t_e_r_v_a_l _3_0_0
_a_g_e_n_t___n_a_m_e _s_a_t_e_l_l_i_t_e___a_g_e_n_t
_d_e_b_u_g _1
_c_h_e_c_k_s_u_m _1
MMoodduullee ddeeffiinniittiioonn
Each data item that is to be collected must be defined precisely in
each module, using the exact syntax. As many values as necessary can
be set to be collected, adding at the end of the general parameters as
many modules as the number of values to collect. Each module is made of
several directives. Following is a descriptive relation of all module
marks available for Unix agents.
_m_o_d_u_l_e___b_e_g_i_n
Defines the beginning of the module.
_m_o_d_u_l_e___n_a_m_e _n_a_m_e
Name of the module. This is the id for this module, choose a name with-
out blank spaces and not very long. There is no practical limitation
(max of 250 chars) but will be easier to manage if you use short names.
This name CANNOT be duplicated with a similar name in the same agent.
This name could be duplicated with other modules in other agents.
_m_o_d_u_l_e___t_y_p_e _t_y_p_e
Data type the module will handle. There are four data types for agents:
Numeric (generic_data).
Simple numeric data, flfloat or integer. If the values are of
the float type, they will be truncated to their integer value.
Incremental (generic_date_inc).
Integer numeric data equal to the differential between the
actual value and the previous one. When this differential is
negative the value is set to 0. Alphanumeric (generic_string).
Text strings up to 255 characters.
Monitors (generic_proc).
Stores numerically the status of the processes. This data type
is called monitor because it assigns 0 to an "Incorrect" status
and any value above 0 to any "Correct" status.
_m_o_d_u_l_e___e_x_e_c _c_o_m_m_a_n_d
This is the generic "command to execute" directive. Both, for Unix and
Windows agents there is only one directive to obtain data in a generic
way, executing a single command (you could use pipes for redirecting
execution to anoter command). This directive executes a command and
stores the returned value. This method is also available on Windows
agents. This is the "general purpose method" for both kind of agents.
_m_o_d_u_l_e___m_i_n _v_a_l_u_e
This is the minimum valid value for the data generated in this module.
If the module has not yet been defined in the web console this value
will be taken from this directive. This directive is not compulsory.
This value does not override the value defined in the agent if the mod-
ule does not exist in the management console. It is created automati-
cally when working on learning mode.
_m_o_d_u_l_e___m_a_x _v_a_l_u_e
It is the maximum valid value for the data generated in this module. If
the module has not been defined in the web console this value will be
taken from this directive. This directive is not compulsory and is not
supported by the Windows agent. This value does not override the value
de fined in the agent if the module does not exist in the management
console. This is created automatically when working on learning mode.
_m_o_d_u_l_e___d_e_s_c_r_i_p_t_i_o_n _t_e_x_t
This directive is used to add a comment to the module. This directive
is not compulsory. This value does not override the value defined in
the agent if the module does not exist in the management console. This
is created automatically when working on learning mode.
_m_o_d_u_l_e___i_n_t_e_r_v_a_l _f_a_c_t_o_r
Pandora 1.2 introduces this new feature. You can, for each module,
setup its own interval. This interval its calculated as a multiply fac-
tor for agent interval. For example, if your agent has interval 300 (5
minutes), and you want a module only be calculated each 15 minutes, you
could add this line: module_interval 3. So this module will be calcu-
lated each 300sec x 3 = 900sec (15 minutes).
_m_o_d_u_l_e___e_n_d
Ends module definition
AAggeenntt ttyyppeess
It is possible to monitor virtually any system with Pandora. This can
be done either with a local agent collecting data directly from the
system to be monitored, using a a satellite agent collecting data from
a system by SNMP or using the new Pandora 1.2 agents, the remote
agents, who can chack using remote network polling (TCP, UCP, ICMP/PING
and SNMP) remote services, from the Pandora Network Server.
The local agents can be either Windows or Unix agents. The satellite
agents can be implemented using any of the agents above. The modules
are con figured to collect data from the external system by, for exam-
ple, an SNMPGET tool.
UUNNIIXX aaggeennttss
_I_n_t_r_o_d_u_c_t_i_o_n _t_o _U_n_i_x _a_g_e_n_t_s
The in-built UNIX applications and tools make the agents running on
this system be very simple. There are also agents developed for AIX,
Linux, Solaris and BSD platforms, some of them very similar but not
identical. Requirements for the installation of Pandora Agents on UNIX
_A_I_X
MD5 signatures are used to guarantee the integrity of the generated
data packages. The MD5 package is integrated in AIX 5.1 and above.
There is a freeware package for AIX 4.3 but it has several issues and
might not work correctly. In the case of having problems with the AIX
agents the checksum system used to validate the integrity of the data
can be disabled.
_S_o_l_a_r_i_s
The MD5 package is necessary to execute the Solaris agent correctly.
This package is available from http://sunfreeware.com . It can be also
downloaded for Solaris 8 from the following URL:
ftp://ftp.sunfreeware.com/pub/freeware/sparc/8/md5-6142000-sol8-sparc-
local.gz MD5 Package installation on Solaris
_r_o_o_t_@_s_t_e_s_t_:_/_t_m_p_:_> _g_z_i_p _-_d _m_d_5_-_6_1_4_2_0_0_0_-_s_o_l_8_-_s_p_a_r_c_-_l_o_c_a_l_._g_z
_r_o_o_t_@_s_t_e_s_t_:_/_t_m_p_:_> _p_k_g_a_d_d _-_d _._/_m_d_5_-_6_1_4_2_0_0_0_-_s_o_l_8_-_s_p_a_r_c_-_l_o_c_a_l
_T_h_e _f_o_l_l_o_w_i_n_g _p_a_c_k_a_g_e_s _a_r_e _a_v_a_i_l_a_b_l_e_:
_1 _S_M_C_m_d_5 _m_d_5
_(_s_p_a_r_c_) _6_1_4_2_0_0_0
_S_e_l_e_c_t _p_a_c_k_a_g_e_(_s_) _y_o_u _w_i_s_h _t_o _p_r_o_c_e_s_s _(_o_r _a_l_l _t_o _p_r_o_c_e_s_s
_a_l_l _p_a_c_k_a_g_e_s_)_. _(_d_e_f_a_u_l_t_: _a_l_l_) _[_?_,_?_?_,_q_]_: _1
_S_o_l_a_r_i_s _S_S_H
The suggested SSH client is OpenSSH. If any other SSH client is to be
used it must be considered that each piece software may have different
ways to generate or manage keys. For example, if F-Secure SSH is used,
the public key must be in OpenSSH format when the keys are generated.
The format can be changed from IETF to OpenSSH with F-Secure SSH, using
the following command:
_s_s_h_-_k_e_y_g_e_n _-_i _-_f _f_i_l_e___i_e_t_f___p_u_b_k_e_y
GGNNUU//LLiinnuuxx
SSH and MD5 should be installed in Linux by default, but if they are
not they can be installed using the tools available in each distribu-
tion.
BBSSDD ((IIPPSSOO))
SSH and MD5 should be installed by default. If they are not, it is nec-
essary to install them.
PPaannddoorraa UUnniixx AAggeenntt iinnssttaallll
The software comes in a .tar.gz file. First of all the fifile needs to
be extracted into a folder, usually /opt/pandora_agent, although any
other folder may be used. If a different folder is used, the daemon
launcher must be modified by changing route to $PANDORA_HOME.
There is hardly any difference between AIX, Solaris and Linux, and they
all work around the hash MD5 generation binaries.
This is the structure of the installation in /opt/pandora_agent/ once
the fifiles have been extracted:
_/_o_p_t_/_p_a_n_d_o_r_a___a_g_e_n_t_/_d_a_t_a___o_u_t
Folder where the data collected by the agents is stored.
_/_o_p_t_/_p_a_n_d_o_r_a___a_g_e_n_t_/_d_o_c
Folder with information about the agent and its license.
_/_o_p_t_/_p_a_n_d_o_r_a___a_g_e_n_t_/_p_a_n_d_o_r_a___a_g_e_n_t_._c_o_n_f
File where the data to be collected is defined, along side the command
to be executed for the data collection. This is the system core, as it
defines the main data to be collected in any Firewall.
_/_o_p_t_/_p_a_n_d_o_r_a___a_g_e_n_t_/_p_a_n_d_o_r_a___u_s_e_r_._c_o_n_ffi
File where several of the parameters to collect data from the monitored
system are defined in more detail.
_/_o_p_t_/_p_a_n_d_o_r_a___a_g_e_n_t_/_p_a_n_d_o_r_a___a_g_e_n_t_._s_h
This is the actual Pandora agent. This file is a shellscript that col-
lects the data con figured in the pandora_agent.conf and pan-
dora_user.conf files. It also transfers the data packages to the Pan-
dora server.
_/_o_p_t_/_p_a_n_d_o_r_a___a_g_e_n_t_/_p_a_n_d_o_r_a___a_g_e_n_t___d_a_e_m_o_n
Start and stop script. It makes a call to pandora_agent.sh. It offers
two options, start and stop.
_/_o_p_t_/_p_a_n_d_o_r_a___a_g_e_n_t_/_p_a_n_d_o_r_a_._l_o_g
Textfifile where the activity of the Pandora agent is saved, when the
agent is executed in debugging mode.
KKeeyy ggeenneerraattiioonn
The SSH keys generated must be:
SSH version2 keys •
Open SSH format keys •
Dif fieHellman (DH) format keys • To generate the keys the command
ssh-keygen is executed followed by the specific parameters for our
operating system. Please, create key WITHOUT password.
The public key must be copied into the /home/.pandora/authorized_keys
fifile in the Pandora server. Before starting the Pandora agent the SSH
authentication must be checked. To do this the following command must
be executed on the agent machine:
_$ _s_s_h _p_a_n_d_o_r_a_@_p_a_n_d_o_r_a___s_e_r_v_e_r
The system must connect successfully BEFORE launching the Pandora
agent.
FFiirrsstt rruunnnniinngg ooff tthhee UUnniixx aaggeenntt
To start the agent it is only necessary to execute pandora_agent_daemon
start from /opt/pandora_client. Pandora Agent creates a file
(/var/run/pandora.pid) with the PID number of the process when it is
started.
For IPSO systems the agent will be started with a nice -10 priority, so
it becomes the process with the lowest priority over the system CPU. It
will be executed when no other processes with a higher priority are
waiting in the system CPU queue.
In BSD systems the maximum priority is +20 and the lowest -20.
To stop agent, execute pandora_agent_daemon stop from /opt/pan-
dora_agent.
AAddvvaanncceedd ccoonnfigguurraattiioonn ffoorr UUnniixx AAggeenntt
The real power of Pandora resides in the capability of the agents to
run user defined scripts. This could be used to collect specific data
or to perform an operation to return any desired value. This is the
purpose of pandora_user.conf.
This file is executed every in agent loop. It is a shell-script in
which any command can be executed, as long as the output is in the XML
format the agent uses to send data to the server. The XML structure
would be:
_<_m_o_d_u_l_e_>
_<_n_a_m_e_>_N_A_M_E_<_/_n_a_m_e_>
_<_t_y_p_e_>_T_Y_P_E_<_/_t_y_p_e_>
_<_d_a_t_a_>_D_A_T_A_<_/_d_a_t_a_>
_<_/_m_o_d_u_l_e_>
Where NAME, TYPE and DATA are the variables already defined in previous
sections. The XML must be built manually, usually using echo commands.
EEXXAAMMPPLLEESS
An example of a Unix module would be:
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _c_p_u___u_s_e_r
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _v_m_s_t_a_t _| _t_a_i_l _-_1 _| _a_w_k _{ _p_r_i_n_t _$_1_4 _}
_m_o_d_u_l_e___m_i_n _0
_m_o_d_u_l_e___m_a_x _1_0_0
_m_o_d_u_l_e___d_e_s_c_r_i_p_t_i_o_n _U_s_e_r _C_P_U
_m_o_d_u_l_e___e_n_d
This would be the script a customized agent would use for Checkpoint
FW1 in IPSO agents:
_#_!_/_b_i_n_/_s_h
_# _P_a_n_d_o_r_a _U_s_e_r_-_D_e_f_i_n_e_d _a_c_q_u_i_s_i_t_i_o_n _s_c_r_i_p_t
_# _T_h_i_s _c_o_d_e _i_s _u_n_d_e_r _G_P_L _l_i_c_e_n_c_e
_# _P_l_e_a_s_e _r_e_f_e_r _d_o_c_u_m_e_n_t_a_t_i_o_n _f_o_r _m_o_r_e _e_x_a_m_p_l_e _a_n_d _a _m_o_r_e
_# _d_e_p_t_h _u_s_a_g_e _i_n_s_t_r_u_c_t_i_o_n_s
_# _m_b_u_f _c_l_u_s_t_e_r_s _u_s_a_d_o_s _(_%_)
_M_B_U_F___T_O_T_A_L_= _n_e_t_s_t_a_t _-_m _|_g_r_e_p _m_b_u_f _c_l_u_s_t_e_r _| _t_r _-_s _/ _|_a_w_k _{ _p_r_i_n_t
_$_2 _}
_M_B_U_F___U_S_E_D_=_n_e_t_s_t_a_t _-_m _|_g_r_e_p _m_b_u_f _c_l_u_s_t_e_r _| _t_r _-_s _/ _|_a_w_k _{ _p_r_i_n_t _$_1
_}
_M_B_U_F___U_S_E_D___P_E_R_= _e_c_h_o _$_M_B_U_F___T_O_T_A_L _$_M_B_U_F___U_S_E_D _| _a_w_k _{ _p_r_i_n_t _$_2 _/ _(_$_1 _/
_1_0_0_) _}
_e_c_h_o _<_m_o_d_u_l_e_>
_e_c_h_o _<_n_a_m_e_>_M_B_U_F___C_L_U_S_T_E_R___U_S_E_D___P_E_R_<_/_n_a_m_e_>
_e_c_h_o _<_d_a_t_a_>_$_M_B_U_F___U_S_E_D___P_E_R_<_/_d_a_t_a_>
_e_c_h_o _<_t_y_p_e_>_g_e_n_e_r_i_c___d_a_t_a_<_/_t_y_p_e_>
_e_c_h_o _<_/_m_o_d_u_l_e_>
A more complex example could be:
_#_!_/_b_i_n_/_s_h
_# _P_a_n_d_o_r_a _U_s_e_r_-_D_e_f_i_n_e_d _a_c_q_u_i_s_i_t_i_o_n _s_c_r_i_p_t
_# _T_h_i_s _c_o_d_e _i_s _u_n_d_e_r _G_P_L _l_i_c_e_n_c_e
_# _P_l_e_a_s_e _r_e_f_e_r _d_o_c_u_m_e_n_t_a_t_i_o_n _f_o_r _m_o_r_e _e_x_a_m_p_l_e _a_n_d _a _m_o_r_e
_# _d_e_p_t_h _u_s_a_g_e _i_n_s_t_r_u_c_t_i_o_n_s
_# _C_a_l_c_u_l_a_t_i_n_g _t_h_e _n_u_m_b_e_r _o_f _p_a_c_k_a_g_e_s _g_e_n_e_r_a_t_e_d _b_y _E_T_H_2_,
_# _i_f _n_o_t_h_i_n_g _i_s _g_e_n_e_r_a_t_e_d
_# _w_i_t_h_i_n _2_0 _s_e_c_o_n_d_s _a_n _a_l_e_r_t _i_s _r_o_s_e_n
_# _P_e_r_f_o_r_m _t_h_e _c_a_l_c_u_l_a_t_i_o_n _b_e_t_w_e_e_n _8 _t_o _2_3_h_. _R_e_t_u_r_n _o_k _f_o_r _t_i_m_e_s
_# _o_u_t_s_i_d_e _t_h_i_s _r_a_n_g_e
_e_c_h_o _<_m_o_d_u_l_e_>
_e_c_h_o _<_n_a_m_e_>_P_a_c_k_e_t___G_e_n_e_r_a_t_o_r___C_h_e_c_k_<_/_n_a_m_e_>
_e_c_h_o _<_t_y_p_e_>_g_e_n_e_r_i_c___p_r_o_c_<_/_t_y_p_e_>
_U_N_O_=_i_f_c_o_n_f_i_g _e_t_h_2 _| _g_r_e_p _T_X _p_a_c_k_e_t_s _| _c_u_t _-_f _2 _-_d _: _| _g_r_e_p _-_o _-_e
_[_0_-_9_]_*
_s_l_e_e_p _2_0
_D_O_S_= _i_f_c_o_n_f_i_g _e_t_h_2 _| _g_r_e_p _T_X _p_a_c_k_e_t_s _| _c_u_t _-_f _2 _-_d _: _| _g_r_e_p _-_o _-_e
_[_0_-_9_]_*
_H_O_R_A_=_d_a_t_e _+_%_k
_i_f _[ _$_H_O_R_A _-_l_t _8 _] _&_& _[ _$_H_O_R_A _-_g_t _1_1 _]
_t_h_e_n
_# _T_i_m_e _o_u_t _o_f _r_a_n_g_e_, _n_o _c_h_e_c_k_i_n_g_, _e_v_e_r_y_t_h_i_n_g _O_K
_# _F_u_e_r_a _d_e _h_o_r_a_, _n_o _c_o_m_p_r_u_e_b_o_, _e_s_t_a _O_K
_e_c_h_o _<_d_a_t_a_>_1_<_/_d_a_t_a_>
_e_l_s_e
_i_f _[ _$_U_N_O _=_= _$_D_O_S _]
_t_h_e_n
_e_c_h_o _<_d_a_t_a_>_0_<_/_d_a_t_a_>
_e_l_s_e
_e_c_h_o _<_d_a_t_a_>_1_<_/_d_a_t_a_>
_f_i
_f_i
_e_c_h_o _<_/_m_o_d_u_l_e_>
IImmpplleemmeennttaattiioonn eexxaammpplleess ffoorr UUnniixx AAggeennttss
Example #1: calculate the number of HITS of the main page of an Apache
Web server:
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _W_E_B___H_i_t_s
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a___i_n_c
_m_o_d_u_l_e___e_x_e_c _c_a_t _/_v_a_r_/_l_o_g_/_a_p_a_c_h_e_/_a_c_c_e_s_s_._l_o_g _| _g_r_e_p _i_n_d_e_x _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
Example: check if the process of the DNS server (named) is active or
fell over:
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _D_N_S___D_a_e_m_o_n
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___p_r_o_c
_m_o_d_u_l_e___e_x_e_c _p_s _-_A_f _| _g_r_e_p _n_a_m_e_d _| _g_r_e_p _-_v _g_r_e_p _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
Complete example of the configuration of an agent for Linux
# General Parameters
# ================== _s_e_r_v_e_r___i_p _1_9_2_._1_6_8_._1_0_0_._4_5
_s_e_r_v_e_r___p_a_t_h _/_o_p_t_/_p_a_n_d_o_r_a_/_d_a_t_a___i_n
_p_a_n_d_o_r_a___p_a_t_h _/_o_p_t_/_p_a_n_d_o_r_a___n_g_/
_t_e_m_p_o_r_a_l _/_o_p_t_/_p_a_n_d_o_r_a___n_g_/_d_a_t_a___o_u_t
_i_n_t_e_r_v_a_l _3_0_0
_h_o_s_t_n_a_m_e _l_i_n_u_x_b_o_x_0_1
_d_e_b_u_g _0
_c_h_e_c_k_s_u_m _1
# Module Definition # ================= _m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _c_p_u___u_s_e_r
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _v_m_s_t_a_t _1 _2 _| _t_a_i_l _-_1 _| _a_w_k _{ _p_r_i_n_t _$_1_4 _}
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _c_p_u___s_y_s
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _v_m_s_t_a_t _1 _2 _| _t_a_i_l _-_1 _| _a_w_k _{ _p_r_i_n_t _$_1_4 _}
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _d_i_s_k___r_o_o_t___f_r_e_e
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _d_f _-_k_h _/ _| _t_a_i_l _-_1 _| _a_w_k _{ _p_r_i_n_t _1_0_0 _- _$_5 _}
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _d_i_s_k___s_t_o_r_e___f_r_e_e
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _d_f _-_k_h _/_s_t_o_r_e _| _t_a_i_l _-_1 _| _a_w_k _{ _p_r_i_n_t _1_0_0 _- _$_5 _}
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _m_e_m_f_r_e_e
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _c_a_t _/_p_r_o_c_/_m_e_m_i_n_f_o _| _g_r_e_p _M_e_m_F_r_e_e _| _c_u_t _-_c _1_0_-_2_3
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _m_e_m_u_s_e_d
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _c_a_t _/_p_r_o_c_/_m_e_m_i_n_f_o _| _g_r_e_p _A_c_t_i_v_e _| _c_u_t _-_c _8_- _| _c_u_t _-_f _1 _-_d _k
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _p_r_o_c_t_o_t_a_l
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a
_m_o_d_u_l_e___e_x_e_c _p_s _-_A _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _s_s_h_d
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___p_r_o_c
_m_o_d_u_l_e___e_x_e_c _p_s _-_A_f _| _g_r_e_p _s_s_h_d _| _g_r_e_p _-_v _g_r_e_p _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _W_E_B___H_i_t_s
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a___i_n_c _m_o_d_u_l_e___e_x_e_c _c_a_t _/_v_a_r_/_l_o_g_/_a_p_a_c_h_e_/_a_c_c_e_s_s_._l_o_g
_| _g_r_e_p _i_n_d_e_x_._p_h_p _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _e_M_a_i_l_s___p_r_o_c
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a___i_n_c
_m_o_d_u_l_e___e_x_e_c _c_a_t _/_v_a_r_/_l_o_g_/_m_a_i_l_/_m_a_i_l_._l_o_g _| _g_r_e_p _m_e_s_s_a_g_e_-_i_d _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _F_T_P___s_e_s_s_i_o_n_s
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a___i_n_c
_m_o_d_u_l_e___e_x_e_c _c_a_t _/_v_a_r_/_l_o_g_/_s_y_s_l_o_g _| _g_r_e_p _F_T_P _s_e_s_s_i_o_n _o_p_e_n_e_d _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
_m_o_d_u_l_e___b_e_g_i_n
_m_o_d_u_l_e___n_a_m_e _e_M_a_i_l_s___S_P_A_M
_m_o_d_u_l_e___t_y_p_e _g_e_n_e_r_i_c___d_a_t_a___i_n_c
_m_o_d_u_l_e___e_x_e_c _c_a_t _/_v_a_r_/_l_o_g_/_m_a_i_l_/_m_a_i_l_._l_o_g _| _g_r_e_p _i_d_e_n_t_i_f_i_e_d _s_p_a_m _| _w_c _-_l
_m_o_d_u_l_e___e_n_d
AAUUTTHHOORR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena
<sancho.lerena@artica.es> Pandora is a project initiated and mainly
developed by Sancho Lerena, at present other people is working on it:
Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan
Barajas and Manuel Arostegui We want to thank many other people who
help us with translation, graphic design, bugs reporting and interest-
ing ideas.
SSEEEE AALLSSOO
ppaannddoorraa
ppaannddoorraa__sseerrvveerr
ppaannddoorraa__aaggeennttss
ppaannddoorraa__ccoonnssoollee
Pandora(Agents)

171
pandora_doc/en/man/pandora_console Normal file
View File

@ -0,0 +1,171 @@
.TH pandora_console
.SH NAME
pandora_console - PandoraFMS web application
.SH AVAILABILITY
Linux, AIX, Solaris
.SH DESCRIPTION
The Web Console is a web application that allows to see graphical reports, state of every agent, also to
access to the information sent by the agent, to see every monitored parameter and to see its evolution
throughout the time, to form the different nodes, groups and users of the system. It is the part that
interacts with the final user, and that will allows you to administer the system.
The Web Console is written in PHP and no plug-in, Flash, Java or ActiveX is needed to access the
console, only a browser that supports HTML and CSS (IE5+ or Mozilla 4+). Pandora Web Console can
run in several servers, the only thing you need is to be allow to access Pandora Database, where Pandora
stores all the information.
.SH SYPNOSIS
.B Pandora Console and Pandora database
.br
.I Pandora database install
Please look at MySQL install and management guide (http://dev.mysql.com/doc) to obtain information
about how to create a MySQL database, how to manage mysql users and give him/her privileges to
read/write in Pandora database. Remember that you must write the password of the root user in MySQL
database to enter mysql command line. This user is not the same of the Operating System. The root
password in MySQL is in blank by default (within almost all distributions), you must changed this
password with the MySQL command mysqladmin. Please be careful with this.
You need a database with name "pandora", you could rename it, but you need to reconfigure in server too.
To create the structure of Pandora database in MySQL Server you have the SQL script "pandoradb.sql".
It creates tables and indexes needed to insert information into Pandora database.
You MUST populate database with SQL script "pandoradb_data.sql",
it inserts data needed to run Web Console and default user (login: admin, pass: pandora) to access Pandora Web Console.
First create a database called "pandora", and set an user to be able to access this database:
.I mysql> create database pandora;
.br
Later, execute the next commands using a user with enough privileges to create tables and indexes for
pandora Database into your MySQL Server:
Designed to be open, modular, multiplattform and easy to customize.
.I cat pandoradb.sql | mysql -D pandora -u root -p
.I cat pandoradb_data.sql | mysql -D pandora -u root -p
You can also use the source command, if you are connected to MySQL, from the MySQL prompt:
.I mysql> use pandora
.br
.I mysql> source path_to_pandora_dbstruct.sql
.br
.I mysql> source path_to_pandora_dbdata.sql
This example is valid using root user in MySQL
Now we will create an user "pandora" and will be given to it privileges from the localhost:
.I mysql> grant all on pandora.* to pandora@localhost identified by pandora;
Keep in mind that users need access from Pandora WEB Console and from Pandora Server, if your
deployment has many subcomponents in different physical machines, you need to setup a MySQL user
with privileges to access from different locations.
If you get the error "Warning: mysql_connect() [function.mysql-connect]: client does not support
authentication protocol requested by server; consider upgrading" when authenticating Web Console, you
have to change the way the password is stored into the database:
.I mysql> set password for pandora@localhost = old_password(pandora);
Please note this user will be used by several pandora subcomponents (Pandora Server, Pandora Web
Console) to access database.
.B Pandora console install
Prior to install Pandora console, you need the following dependencies and software needed:
.I Web server. Apache2 is recommended
.I PHP 4.3.x, or PHP 5.x. Both has been tested for Pandora 1.2
.I PHP Modules for MySQL, GD, session management and SNMP.
.I JpGraph, it is necesary to generate graphics. It has an open source license, you can download it in
http://www.aditus.nu/jpgraph/
To install Pandora Console, simply untar in your HTTP server publishing directory and set perms to
www-data or http user.
To setup Pandora Console, you only need to modify a file, include/config.php, where the following
variables are included in .php code:
.I $dbname="pandora"; // name of database for pandora)
.br
.I $dbuser="pandora"; // mysql user to access db
.br
.I $dbpassword="pandora"; // Password for mysql user
.br
.I $dbhost="pandora"; // Hostname or IP of mySQL server
If database is define and was correctly installed, you can now access:
.I http://host:port/installdir/index.php
The first time you log there is a default admin user "admin" and password "pandora". Its worth to say
that YOU MUST CHANGE CREDENTIALS BEFORE LOGIN FIRST TIME, change it or create another
account, give it administrator privileges, and disable this one.
If you cannot see the pandora console login page, its possible that you have problems with PHP instalation. When you
installed the Web, please check that PHP engine its running. Fist try to access to the server IP with a
browser. You must see the Welcome Apache page.
Remember that alter installing the PHP and the PHP module for Apache you must stop and start the
Server Apache. As an example, Ubuntu with Apache2:
.I /etc/init.d/apache2 stop
.I /etc/init.d/apache2 start
To verify the PHP and Apache integration you can create the file test.php with the following lines:
.I <?PHP
.br
.I echo "<h1>TEST</h1>";
.br
.I phpinfo();
.br
.I ?>
Now, copy this file in the Apache HTTPDOC directory. This directory depend of the Operating System
or Linux Distribution, for example in Ubuntu this directory is /var/www and in SUSE is
/srv/www/htdocs), RedHat based distributions uses /var/www/html as well.
To check this integration, please use your browser to open the following URL:
.I http://IP/test.php
Where IP is IP Address of your Apache server. If the integration is correct you will see in the browser a
text string with big font: “TEST” and a big table with a lot of info about your PHP installation.
2.3.2.1. Graphic reporting instalation
For correct graphic generation, you need to enter the full path to a TrueType font installed in your
system. By default a free truetype font is distributed with Pandora Console package, and placed in
./reporting/FreeSans.ttf file. Please check that setup directive $config_fontpath is well
configured.
Pandora 1.2 uses JpGraph for viewing graphics. JpGraph is a different project and has no relationship
with Pandora, so you need to install it. You can find at http://www.aditus.nu/jpgraph/.
Download last version (2.x), and place all .php files from src directory into reporting/jpgraph
Pandora Console directory.
.SH AUTHOR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena <sancho.lerena@artica.es>
Pandora is a project initiated and mainly developed by Sancho Lerena, at present other people is working
on it: Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan Barajas and Manuel Arostegui We want to
thank many other people who help us with translation, graphic design, bugs reporting and interesting
ideas.
.br
.SH SEE ALSO
.B pandora
.br
.B pandora_server
.br
.B pandora_agents
.br
.B pandora_console

184
pandora_doc/en/man/pandora_console.1 Normal file
View File

@ -0,0 +1,184 @@
pandora_console() pandora_console()
NNAAMMEE
pandora_console - PandoraFMS web application
AAVVAAIILLAABBIILLIITTYY
Linux, AIX, Solaris
DDEESSCCRRIIPPTTIIOONN
The Web Console is a web application that allows to see graphical
reports, state of every agent, also to access to the information sent
by the agent, to see every monitored parameter and to see its evolution
throughout the time, to form the different nodes, groups and users of
the system. It is the part that interacts with the final user, and that
will allows you to administer the system.
The Web Console is written in PHP and no plug-in, Flash, Java or
ActiveX is needed to access the console, only a browser that supports
HTML and CSS (IE5+ or Mozilla 4+). Pandora Web Console can run in sev-
eral servers, the only thing you need is to be allow to access Pandora
Database, where Pandora stores all the information.
SSYYPPNNOOSSIISS
PPaannddoorraa CCoonnssoollee aanndd PPaannddoorraa ddaattaabbaassee
_P_a_n_d_o_r_a _d_a_t_a_b_a_s_e _i_n_s_t_a_l_l
Please look at MySQL install and management guide
(http://dev.mysql.com/doc) to obtain information about how to create a
MySQL database, how to manage mysql users and give him/her privileges
to read/write in Pandora database. Remember that you must write the
password of the root user in MySQL database to enter mysql command
line. This user is not the same of the Operating System. The root pass-
word in MySQL is in blank by default (within almost all distributions),
you must changed this password with the MySQL command mysqladmin.
Please be careful with this. You need a database with name "pandora",
you could rename it, but you need to reconfigure in server too. To
create the structure of Pandora database in MySQL Server you have the
SQL script "pandoradb.sql". It creates tables and indexes needed to
insert information into Pandora database. You MUST populate database
with SQL script "pandoradb_data.sql", it inserts data needed to run Web
Console and default user (login: admin, pass: pandora) to access Pan-
dora Web Console. First create a database called "pandora", and set an
user to be able to access this database: _m_y_s_q_l_> _c_r_e_a_t_e _d_a_t_a_b_a_s_e _p_a_n_-
_d_o_r_a_;
Later, execute the next commands using a user with enough privileges to
create tables and indexes for pandora Database into your MySQL Server:
Designed to be open, modular, multiplattform and easy to customize.
_c_a_t _p_a_n_d_o_r_a_d_b_._s_q_l _| _m_y_s_q_l _-_D _p_a_n_d_o_r_a _-_u _r_o_o_t _-_p
_c_a_t _p_a_n_d_o_r_a_d_b___d_a_t_a_._s_q_l _| _m_y_s_q_l _-_D _p_a_n_d_o_r_a _-_u _r_o_o_t _-_p
You can also use the source command, if you are connected to MySQL,
from the MySQL prompt:
_m_y_s_q_l_> _u_s_e _p_a_n_d_o_r_a
_m_y_s_q_l_> _s_o_u_r_c_e _p_a_t_h___t_o___p_a_n_d_o_r_a___d_b_s_t_r_u_c_t_._s_q_l
_m_y_s_q_l_> _s_o_u_r_c_e _p_a_t_h___t_o___p_a_n_d_o_r_a___d_b_d_a_t_a_._s_q_l
This example is valid using root user in MySQL Now we will create an
user "pandora" and will be given to it privileges from the localhost:
_m_y_s_q_l_> _g_r_a_n_t _a_l_l _o_n _p_a_n_d_o_r_a_._* _t_o _p_a_n_d_o_r_a_@_l_o_c_a_l_h_o_s_t _i_d_e_n_t_i_f_i_e_d
_b_y _p_a_n_d_o_r_a_;
Keep in mind that users need access from Pandora WEB Console and from
Pandora Server, if your deployment has many subcomponents in different
physical machines, you need to setup a MySQL user with privileges to
access from different locations.
If you get the error "Warning: mysql_connect() [function.mysql-con-
nect]: client does not support authentication protocol requested by
server; consider upgrading" when authenticating Web Console, you have
to change the way the password is stored into the database:
_m_y_s_q_l_> _s_e_t _p_a_s_s_w_o_r_d _f_o_r _p_a_n_d_o_r_a _@ _l_o_c_a_l_h_o_s_t _= _o_l_d___p_a_s_s_w_o_r_d_(
_p_a_n_d_o_r_a_)_;
Please note this user will be used by several pandora subcomponents
(Pandora Server, Pandora Web Console) to access database.
PPaannddoorraa ccoonnssoollee iinnssttaallll
Prior to install Pandora console, you need the following dependencies
and software needed:
_W_e_b _s_e_r_v_e_r_. _A_p_a_c_h_e_2 _i_s _r_e_c_o_m_m_e_n_d_e_d
_P_H_P _4_._3_._x_, _o_r _P_H_P _5_._x_. _B_o_t_h _h_a_s _b_e_e_n _t_e_s_t_e_d _f_o_r _P_a_n_d_o_r_a _1_._2
_P_H_P _M_o_d_u_l_e_s _f_o_r _M_y_S_Q_L_, _G_D_, _s_e_s_s_i_o_n _m_a_n_a_g_e_m_e_n_t _a_n_d _S_N_M_P_.
_J_p_G_r_a_p_h_, _i_t _i_s _n_e_c_e_s_a_r_y _t_o _g_e_n_e_r_a_t_e _g_r_a_p_h_i_c_s_. _I_t _h_a_s _a_n _o_p_e_n _s_o_u_r_c_e
_l_i_c_e_n_s_e_, _y_o_u _c_a_n _d_o_w_n_l_o_a_d _i_t _i_n http://www.aditus.nu/jpgraph/
To install Pandora Console, simply untar in your HTTP server publishing
directory and set perms to www-data or http user.
To setup Pandora Console, you only need to modify a file, include/con-
fig.php, where the following variables are included in .php code:
_$_d_b_n_a_m_e_=_"_p_a_n_d_o_r_a_"_; _/_/ _n_a_m_e _o_f _d_a_t_a_b_a_s_e _f_o_r _p_a_n_d_o_r_a_)
_$_d_b_u_s_e_r_=_"_p_a_n_d_o_r_a_"_; _/_/ _m_y_s_q_l _u_s_e_r _t_o _a_c_c_e_s_s _d_b
_$_d_b_p_a_s_s_w_o_r_d_=_"_p_a_n_d_o_r_a_"_; _/_/ _P_a_s_s_w_o_r_d _f_o_r _m_y_s_q_l _u_s_e_r
_$_d_b_h_o_s_t_=_"_p_a_n_d_o_r_a_"_; _/_/ _H_o_s_t_n_a_m_e _o_r _I_P _o_f _m_y_S_Q_L _s_e_r_v_e_r
If database is define and was correctly installed, you can now access:
_h_t_t_p_:_/_/_h_o_s_t_:_p_o_r_t_/_i_n_s_t_a_l_l_d_i_r_/_i_n_d_e_x_._p_h_p
The first time you log there is a default admin user "admin" and pass-
word "pandora". Its worth to say that YOU MUST CHANGE CREDENTIALS
BEFORE LOGIN FIRST TIME, change it or create another account, give it
administrator privileges, and disable this one.
If you cannot see the pandora console login page, its possible that
you have problems with PHP instalation. When you installed the Web,
please check that PHP engine its running. Fist try to access to the
server IP with a browser. You must see the Welcome Apache page.
Remember that alter installing the PHP and the PHP module for Apache
you must stop and start the Server Apache. As an example, Ubuntu with
Apache2:
_/_e_t_c_/_i_n_i_t_._d_/_a_p_a_c_h_e_2 _s_t_o_p
_/_e_t_c_/_i_n_i_t_._d_/_a_p_a_c_h_e_2 _s_t_a_r_t To verify the PHP and Apache integration you
can create the file test.php with the following lines:
_<_?_P_H_P
_e_c_h_o _<_h_1_>_T_E_S_T_<_/_h_1_> _;
_p_h_p_i_n_f_o_(_)_;
_?_>
Now, copy this file in the Apache HTTPDOC directory. This directory
depend of the Operating System or Linux Distribution, for example in
Ubuntu this directory is /var/www and in SUSE is /srv/www/htdocs), Red-
Hat based distributions uses /var/www/html as well.
To check this integration, please use your browser to open the follow-
ing URL: _h_t_t_p_:_/_/_I_P_/_t_e_s_t_._p_h_p
Where IP is IP Address of your Apache server. If the integration is
correct you will see in the browser a text string with big font: “TEST
” and a big table with a lot of info about your PHP installation.
2.3.2.1. Graphic reporting instalation
For correct graphic generation, you need to enter the full path to a
TrueType font installed in your system. By default a free truetype font
is distributed with Pandora Console package, and placed in configured.
Pandora 1.2 uses JpGraph for viewing graphics. JpGraph is a different
project and has no relationship with Pandora, so you need to install
it. You can find at http://www.aditus.nu/jpgraph/. Download last ver-
sion (2.x), and place all .php files from src directory into report-
ing/jpgraph Pandora Console directory.
AAUUTTHHOORR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena
<sancho.lerena@artica.es> Pandora is a project initiated and mainly
developed by Sancho Lerena, at present other people is working on it:
Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan
Barajas and Manuel Arostegui We want to thank many other people who
help us with translation, graphic design, bugs reporting and interest-
ing ideas.
SSEEEE AALLSSOO
ppaannddoorraa
ppaannddoorraa__sseerrvveerr
ppaannddoorraa__aaggeennttss
ppaannddoorraa__ccoonnssoollee
pandora_console()

154
pandora_doc/en/man/pandora_server Normal file
View File

@ -0,0 +1,154 @@
.TH Pandora Server
.SH NAME
pandora_server - PandoraFMS Server
.SH AVAILABILITY
Linux, AIX, Solaris.
.SH DESCRIPTION
Pandora FMS 1.2 has three kind of servers: Data server, Network Server and SNMP Server/Trap console.
All of them could be installed in the same machine or in different machines, also, you could setup many
of them in a High Availability environment or using it to manage highs loads of data.
.SH SYPNOSIS
.B Pandora Data Server
To build Pandora Data Server you need to have the following perl modules and software installed in your
machine. This packages could be installed using your distribution packaging system or using CPAN.
• XML::Simple, useful XML functions
.br
• Digest::MD5, MD5 generation
.br
• Time::Local, Date and Time basic manipulation
.br
• DBI, DB interface with MySQL
.br
• Date::Manip, needed to manipulate Date and Time formats of input, output and compare
You can find them at http://www.cpan.org or install using your default package instalation system. These
packages are in the default distribution of Suse 9.1 and Debian 3.0 GNU/Linux. Also available for
Solaris in CPAN repository. Next, you need to set the TZ (Time Zone) environment variable.
.B Pandora Network Server
Requires SSH Server and Perl v5.8 or higher and the next Perl Modules:
• IO::Socket, manage and manipulation of TCP/UDP sockets
.br
• Time::HiRes, needed for ICMP times
.br
• Time::Local, Date and Time basic manipulation
.br
• SNMP, for SNMP management
.br
• Date::Manip, needed to manipulate Date and Time formats of input, output and compare
.br
• Net::Ping, to calculate latency times (its required that the server runs as root user).
To use SNMP fuctions its needed also to have installed the net-snmp package. Its worth to say that to run modules of GENERIC_ICMP_DATA type (calculate ICMP latency time) Pandora Network Server must run with root privileges.
.B Pandora SNMP Server
You need to install the NET-SNMP package which is included in all GNU/Linux distributions. You have to use the snmptrapd binary and copy or link it to $HOME_PANDORA/util, where $HOME_PANDORA is the instalation directory of Pandora.
This binary gets the SNMP traps, generating a log that is parsed by the Pandora Server.
.B Installing Pandora Server
Create the /opt/pandora directory and "gunzip" and "untar" here the pandora_server_1.2.tar.gz file.
Create an user pandora in OS. Usually you do that in GNU/Linux with commands:
.I useraddd pandora -d /home/pandora
.br
.I mkdir /home/pandora
.br
.I chown pandora /home/pandora
This user will be used by the SSH transfers to the server, so this user will need a strong password.
In the file /home/pandora/.ssh/authorized_keys we will add the public key of each agent which send data to Pandora Server. These keys must be SSH v2, OpenSSH DiffieHellman (DF) or RSA. To convert between keys you can use the ssh-keygen tool. Pandora Server will check and parse XML fifiles sent by Pandora Agents and will insert the datainto the Database.
Check launch scripts (pandora_network, pandora_server, pandora_snmp) and check for pathnames in the
first two variables in script. roa Server. This usually is /opt/pandora_server
.B Configuring your new Pandora Server setup
After install Pandora Server in, you will need to edit the fifile pandora_server.conf, where are defined
the variables of the server configuration. File pandora_server.conf is a text fifile, you could edit with
your prefer text editor, like emacs. This configuration fifile is common to all kinds of Pandora Server (Data
server, SNMP Server, Network server), you also could have different copies of configuration file for each
Pandora Server you have.
Edit configuration fifile of Pandora Server, usually /opt/pandora/conf/pandora_server.conf and
take a look at the lines:
.I dbuser pandora
.br
.I dbpass pandora
.br
.I dbhost localhost
Please change them to your own data. For security reasons isnt recommended use the default values.
These are default values, and all must be existing directory and filename and valid username, password
and hostname.
Remember: you need to create the directory /opt/pandora/data_in where Pandora Server will read and
write data, sent by remote agents using ssh/scp. This directory must be owned or with permissions to
write for user "pandora". If you dont have a "pandora" user yet, create it.
You can run Pandora Server with an user without privilegues, you can use the user "pandora", it only
needs to run /usr/bin/perl and access to /opt/pandora and /opt/pandora/data_in directories.
This is true with all the components but with Pandora SNMP Console needs root user to open UDP port
161 (this can be solved setting SUID0 to the snmptrapd binary) and running the rest of the Server using
an user without privileges.
Also Pandora Network Server can be run using an user without privileges, but the
GENERIC_ICMP_DATA type wont work, as root privileges are required to get ICMP latency times.
Check the MySQL connection with the user and password before running the server
Pandora Server distribution tarball includes a Posix/System V start/stop script for "daemonize" Pandora
Server. It is possible that you need to customize, but its runs smoothly on GNU/Linux (debian, Suse) and
Solaris 8 systems. It has start|stop|restart parameters to include it in your default init level directory and it
creates a logfifile defined in $log_fifile variable (by default is /opt/pandora/pandora.log):
.I /etc/init.d/pandora_server start
.B Setting up SSH configuration
Pandora, uses SSH protocol to copy XML data packets, generated by the agents, to the server. You need to generate a SSH2 key in every agent, and copy the public key in
/home/pandora/.ssh/authorized_keys, so you need to create a user called "pandora" without
privileges. This user will be used by agents to copy data into Pandora Data Server
/opt/pandora/data_in directory.
Please BE SURE that user "pandora" exists (if not, create with useradd), and
/home/pandora/.ssh/authorized_keys exists and ownership of this file and directory is for
pandora user, and permissions set to 600.
Please be sure that directory /opt/pandora/data_in exists and pandora user is able to write in.
.SH AUTHOR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena <sancho.lerena@artica.es>
Pandora is a project initiated and mainly developed by Sancho Lerena, at present other people is working
on it: Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan Barajas and Manuel Arostegui We want to
thank many other people who help us with translation, graphic design, bugs reporting and interesting
ideas.
.br
.SH SEE ALSO
.B pandora
.br
.B pandora_server
.br
.B pandora_agents
.br
.B pandora_console

181
pandora_doc/en/man/pandora_server.1 Normal file
View File

@ -0,0 +1,181 @@
Pandora(Server) Pandora(Server)
NNAAMMEE
pandora_server - PandoraFMS Server
AAVVAAIILLAABBIILLIITTYY
Linux, AIX, Solaris.
DDEESSCCRRIIPPTTIIOONN
Pandora FMS 1.2 has three kind of servers: Data server, Network Server
and SNMP Server/Trap console. All of them could be installed in the
same machine or in different machines, also, you could setup many of
them in a High Availability environment or using it to manage highs
loads of data.
SSYYPPNNOOSSIISS
PPaannddoorraa DDaattaa SSeerrvveerr
To build Pandora Data Server you need to have the following perl mod-
ules and software installed in your machine. This packages could be
installed using your distribution packaging system or using CPAN.
• XML::Simple, useful XML functions
• Digest::MD5, MD5 generation
• Time::Local, Date and Time basic manipulation
• DBI, DB interface with MySQL
• Date::Manip, needed to manipulate Date and Time formats of input,
output and compare
You can find them at http://www.cpan.org or install using your default
package instalation system. These packages are in the default distribu-
tion of Suse 9.1 and Debian 3.0 GNU/Linux. Also available for Solaris
in CPAN repository. Next, you need to set the TZ (Time Zone) environ-
ment variable.
PPaannddoorraa NNeettwwoorrkk SSeerrvveerr
Requires SSH Server and Perl v5.8 or higher and the next Perl Modules:
• IO::Socket, manage and manipulation of TCP/UDP sockets
• Time::HiRes, needed for ICMP times
• Time::Local, Date and Time basic manipulation
• SNMP, for SNMP management
• Date::Manip, needed to manipulate Date and Time formats of input,
output and compare
• Net::Ping, to calculate latency times (its required that the
server runs as root user).
To use SNMP fuctions its needed also to have installed the net-snmp
package. It s worth to say that to run modules of GENERIC_ICMP_DATA
type (calculate ICMP latency time) Pandora Network Server must run with
root privileges.
PPaannddoorraa SSNNMMPP SSeerrvveerr
You need to install the NET-SNMP package which is included in all
GNU/Linux distributions. You have to use the snmptrapd binary and copy
or link it to $HOME_PANDORA/util, where $HOME_PANDORA is the instala-
tion directory of Pandora.
This binary gets the SNMP traps, generating a log that is parsed by the
Pandora Server.
IInnssttaalllliinngg PPaannddoorraa SSeerrvveerr
Create the /opt/pandora directory and "gunzip" and "untar" here the
pandora_server_1.2.tar.gz file.
Create an user pandora in OS. Usually you do that in GNU/Linux with
commands:
_u_s_e_r_a_d_d_d _p_a_n_d_o_r_a _-_d _/_h_o_m_e_/_p_a_n_d_o_r_a
_m_k_d_i_r _/_h_o_m_e_/_p_a_n_d_o_r_a
_c_h_o_w_n _p_a_n_d_o_r_a _/_h_o_m_e_/_p_a_n_d_o_r_a
This user will be used by the SSH transfers to the server, so this user
will need a strong password.
In the file /home/pandora/.ssh/authorized_keys we will add the public
key of each agent which send data to Pandora Server. These keys must be
SSH v2, OpenSSH DiffieHellman (DF) or RSA. To convert between keys you
can use the ssh-keygen tool. Pandora Server will check and parse XML
fifiles sent by Pandora Agents and will insert the datainto the
Database.
Check launch scripts (pandora_network, pandora_server, pandora_snmp)
and check for pathnames in the first two variables in script. roa
Server. This usually is /opt/pandora_server
CCoonnffiigguurriinngg yyoouurr nneeww PPaannddoorraa SSeerrvveerr sseettuupp
After install Pandora Server in, you will need to edit the fifile pan-
dora_server.conf, where are defined the variables of the server config-
uration. File pandora_server.conf is a text fifile, you could edit with
your prefer text editor, like emacs. This configuration fifile is com-
mon to all kinds of Pandora Server (Data server, SNMP Server, Network
server), you also could have different copies of configuration file for
each Pandora Server you have. Edit configuration fifile of Pandora
Server, usually /opt/pandora/conf/pandora_server.conf and take a look
at the lines:
_d_b_u_s_e_r _p_a_n_d_o_r_a
_d_b_p_a_s_s _p_a_n_d_o_r_a
_d_b_h_o_s_t _l_o_c_a_l_h_o_s_t
Please change them to your own data. For security reasons isnt recom-
mended use the default values. These are default values, and all must
be existing directory and filename and valid username, password and
hostname.
Remember: you need to create the directory /opt/pandora/data_in where
Pandora Server will read and write data, sent by remote agents using
ssh/scp. This directory must be owned or with permissions to write for
user "pandora". If you dont have a "pandora" user yet, create it.
You can run Pandora Server with an user without privilegues, you can
use the user "pandora", it only needs to run /usr/bin/perl and access
to /opt/pandora and /opt/pandora/data_in directories.
This is true with all the components but with Pandora SNMP Console
needs root user to open UDP port 161 (this can be solved setting SUID0
to the snmptrapd binary) and running the rest of the Server using an
user without privileges.
Also Pandora Network Server can be run using an user without privi-
leges, but the GENERIC_ICMP_DATA type wont work, as root privileges
are required to get ICMP latency times. Check the MySQL connection
with the user and password before running the server
Pandora Server distribution tarball includes a Posix/System V
start/stop script for "daemonize" Pandora Server. It is possible that
you need to customize, but its runs smoothly on GNU/Linux (debian,
Suse) and Solaris 8 systems. It has start|stop|restart parameters to
include it in your default init level directory and it creates a log
fifile defined in $log_fifile variable (by default is /opt/pandora/pan-
dora.log): _/_e_t_c_/_i_n_i_t_._d_/_p_a_n_d_o_r_a___s_e_r_v_e_r _s_t_a_r_t
SSeettttiinngg uupp SSSSHH ccoonnfigguurraattiioonn
Pandora, uses SSH protocol to copy XML data packets, generated by the
agents, to the server. You need to generate a SSH2 key in every agent,
and copy the public key in /home/pandora/.ssh/authorized_keys, so you
need to create a user called "pandora" without privileges. This user
will be used by agents to copy data into Pandora Data Server /opt/pan-
dora/data_in directory.
Please BE SURE that user "pandora" exists (if not, create with user-
add), and /home/pandora/.ssh/authorized_keys exists and ownership of
this file and directory is for pandora user, and permissions set to
600.
Please be sure that directory /opt/pandora/data_in exists and pandora
user is able to write in.
AAUUTTHHOORR
Pandora Free Monitoring System is made and copyrighted by Sancho Lerena
<sancho.lerena@artica.es> Pandora is a project initiated and mainly
developed by Sancho Lerena, at present other people is working on it:
Raul Mateos, David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan
Barajas and Manuel Arostegui We want to thank many other people who
help us with translation, graphic design, bugs reporting and interest-
ing ideas.
SSEEEE AALLSSOO
ppaannddoorraa
ppaannddoorraa__sseerrvveerr
ppaannddoorraa__aaggeennttss
ppaannddoorraa__ccoonnssoollee
Pandora(Server)

2
pandora_doc/en/pandora_advanced.xml
View File

@ -44,7 +44,7 @@
<listitem>
<para>
<emphasis>Multiple Pandora Network Servers for HA
</emphasis>. This is more easy. You need to setup multiple
</emphasis>. This is easier. You need to setup multiple
network servers in several machines across your network (or
all of them in the same segment), and assign modules to the
same server. If this servers fails, and there are other

12
pandora_doc/en/pandora_install.xml
View File

@ -224,7 +224,7 @@
generated by the agents, to the server. You need to generate a
SSH2 key in every agent, and copy the public key in
<filename>/home/pandora/.ssh/authorized_keys</filename>, so you
need to create a user called "pandora" withour privileges. This
need to create a user called "pandora" without privileges. This
user will be used by agents to copy data into Pandora Data Server
<filename>/opt/pandora/data_in</filename> directory.
</para>
@ -381,7 +381,7 @@
If database is defined and was correctly installed, you can
now access:
<programlisting>
http://hoste:port/installdir/index.php
http://host:port/installdir/index.php
</programlisting>
The first time you log there is a default admin user "admin"
and password "pandora". It's worth to say that <emphasis>YOU
@ -418,7 +418,8 @@
directory depend of the Operating System or Linux
Distribution, for example in Ubuntu this directory is
<filename>/var/www</filename> and in SUSE is
<filename>/srv/www/htdocs</filename>).
<filename>/srv/www/htdocs</filename>). RedHat based
distributions uses <filename>/var/www/html</filename> as well
</para>
<para>
To check this integration, please use your browser to open the
@ -669,7 +670,7 @@
<para>
Name of the module. This is the id for this module, choose a
name without blank spaces and not very long. There is no
practical limitation (max of 250 chars) but will be more easy to
practical limitation (max of 250 chars) but will be more easier to
manage if you use short names. This name CANNOT be duplicated
with a similar name in the same agent. This name could be
duplicated with other modules in other agents.
@ -1216,7 +1217,8 @@
module_name sshd
module_type generic_proc
module_exec ps -Af | grep sshd | grep -v "grep" | wc -l
module_end
module_begin
module_name WEB_Hits
module_type generic_data_inc

8
pandora_doc/en/pandora_introduction.xml
View File

@ -428,9 +428,9 @@
constructed. For instance, If we have a sample of 9.000 elements,
distributed during 90 days, Pandora will take the data of
last month, which would be 3.000 elements and will compress it in 300.
In the graphs they will practically be equal, and it will be usfel for the reports, statistics
In the graphs they will practically be equal, and it will be useful for the reports, statistics
and other tasks. This is made thanks to a interpolation in temporary
strips, in a totally automatic and periodic way, there is not user
strips, in a totally automatic and periodic way, there is no user
or the administrator needed to do this.
</para>
</sect3>
@ -495,8 +495,8 @@
<para>
Pandora is a project initiated and mainly developed by Sancho
Lerena, at present other people is working on it: Raul Mateos,
David Villanueva, Esteban Sanchez, Jose Navarro and Jonathan
Barajas. We want to thank many other people who help us
David Villanueva, Esteban Sanchez, Jose Navarro, Jonathan
Barajas and Manuel Arostegui. We want to thank many other people who help us
with translation, graphic design, bugs reporting and interesting
ideas.
</para>