# Base config file for Pandora FMS agents # Version 2.0 # Licensed under GPL license v2, # (c) 2003-2008 Artica Soluciones Tecnologicas # (c) 2003-2008 Sancho Lerena # please visit http://pandora.sourceforge.net # General Parameters # ================== server_ip localhost server_path /var/spool/pandora/data_in temporal /var/spool/pandora/data_out logfile /var/log/pandora/pandora_agent.log # Interval in seconds, 300 by default interval 300 # Debug mode only generate XML, and stop after first execution, # and does not copy XML to server. debug 1 # By default, agent takes machine name #agent_name adama # By default agent try to take default encoding defined in host. # encoding iso-8859-15 # Listening TCP port for remote server. By default is 41121 (for tentacle) # if you want to use SSH use 22, and FTP uses 21. server_port 41121 # Transfer mode: tentacle, ftp, ssh or local transfer_mode tentacle # Server password (Tentacle or FTP). Leave empty for no password (default). # server_pwd mypassword # Set to yes/no to enable/disable OpenSSL support for Tentacle (disabled by default). # server_ssl no # Extra options for the Tentacle client (for example, server_opts "-v -r 5"). # server_opts # delayed_startup defines number of MINUTES before start execution # for first time when startup Pandora FMS Agent # delayed_startup 10 # Pandora nice defines priority of execution. Less priority means more intensive execution # A recommended value is 10. 0 priority means no Pandora CPU protection enabled (default) # pandora_nice 0 # Cron mode replace Pandora FMS own task schedule each XX interval seconds by the use # of old style cron. You should add to crontab Pandora FMS agent script to use this mode. # This is disabled by default, and is not recommended. Use Pandora FMS internal scheduler # is much more safe. # cron_mode # If set to 1 allows the agent to be configured via the web console. # remote_config 0 # Module Definition # ================= # System information for clients module_begin module_name CPU (User) module_type generic_data module_interval 1 module_exec iostat -C | tail -1 | awk '{ print $10 }' module_max 100 module_min 0 module_descripcion User CPU Usage (%) module_end module_begin module_name CPU (System) module_type generic_data module_exec iostat -C | tail -1 | awk '{ print $11 }' module_max 100 module_min 0 module_description System CPU Usage (%) module_end module_begin module_name Disk Space on / (Available) module_type generic_data module_exec df -kh / | tail -1 | awk '{ print 100-$5 }' module_max 100 module_min 0 module_description Free disk Percentage of root partition module_end module_begin module_name Physical Memory (Total) module_type generic_data module_exec sysctl -n hw.memsize module_description Used Physical Memory module_end module_begin module_name Physical Memory (Used) module_type generic_data module_exec top -l 1 | grep PhysMem | awk '{gsub("M","",$8)} {print $8}' module_description Used Physical Memory module_end module_begin module_name Processes Total module_type generic_data module_exec ps -A | wc -l module_description Total Number of Processes module_end # Hardware information module_begin module_name CPUs (Number) module_type generic_data module_exec sysctl -n hw.ncpu module_max 8 module_min 1 module_description Number of Processors module_end module_begin module_name Architecture module_type generic_data_string module_exec arch module_description Architecture module_end # Informational stuff module_begin module_name Syslog (Last string) module_type generic_data_string module_exec tail -1 /var/log/system.log module_description Last line of syslog module_end module_begin module_name Login (Last) module_type generic_data_string module_exec last | head -1 module_description Last connected to system module_end # Networking module_begin module_name Network Packets (Incoming) module_type generic_data_inc module_exec netstat -as | grep "total packets received" | awk '{ print $1 }' | head -1 module_description Incoming packets arriving to system module_end module_begin module_name Network Packets (Outgoing) module_type generic_data_inc module_exec netstat -as | grep "packets sent from this host" | awk '{ print $1 }' | head -1 module_description Outbound Packets sent by system module_end module_begin module_name Network Packets (Connection Reset) module_type generic_data_inc module_exec netstat -as | grep "bad reset" | awk '{ print $1 }' module_description Bad Resets module_end module_begin module_name Network Adapter en0 Status module_type generic_proc module_exec ifconfig en0 | grep status | awk '{ if($6=="active") { print 1}; if($6!="active") {print 0}}' module_description Ethernet Link 0 module_end # You should have alerts in case the number of rules change #module_begin #module_name Firewall Status #module_type generic_data #module_exec ipfw show | wc -l #module_description Firewall (number of rules) #module_end ####################################################################### # # # The following is for use if you have services (or a server) running # # This works for most services both in Leopard and Tiger # # # ####################################################################### ## Uncomment/Comment as you go #module_begin #module_name Web (Apache) Status #module_type generic_proc #module_exec ps -A | grep "bin\/httpd" | wc -l #module_description Webserver #module_end #module_begin #module_name AFP #module_type generic_proc #module_exec ps -A | grep "sbin\/AppleFileServer" | wc -l #module_description Apple File Server #module_end #module_begin #module_name Application Server #module_type generic_proc #module_exec ps -A | grep "/Library/JBoss/3.2/bin/run.sh" | wc -l #module_description Application Server (Tomcat & JBoss) #module_end #module_begin #module_name DHCP #module_type generic_proc #module_exec ps -A | grep "bootp" | wc -l #module_description DHCP & BOOTP server #module_end #module_begin #module_name DNS #module_type generic_proc #module_exec ps auxw | grep "sbin\/named" | wc -l #module_description DNS Server #module_end #module_begin #module_name FTP #module_type generic_proc #module_exec ps -A | grep "LaunchDaemons\/ftp.plist" | wc -l #module_description FTP Server #module_end #module_begin #module_name iChat #module_type generic_proc #module_exec ps -A | grep "jabberd -c \/etc" | wc -l #module_description iChat (jabber) Server #module_end #module_begin #module_name Mail (SMTP) #module_type generic_proc #module_exec ps -axu | grep "postfix" | grep -v "grep" | wc -l #module_description Mail - SMTP Server (postfix) #module_end #module_begin #module_name Mail (IMAP) #module_type generic_proc #module_exec ps -axu | grep "master" | grep "cyrus" | grep -v "grep" | wc -l #module_description Mail - IMAP Server (cyrus) #module_end #module_begin #module_name Mail (AV/AS) #module_type generic_proc #module_exec ps -A | grep "amavisd (master)" | grep -v "grep" | wc -l #module_description Mail - Antivirus/Antispam (amavisd) #module_end #module_begin #module_name Mail - ClamAV #module_type generic_proc #module_exec ps -A | grep "clamd" | grep -v "grep" | wc -l #module_description Mail - Antivirus (clamav) #module_end #module_begin #module_name Mail (Mailing Lists) #module_type generic_proc #module_exec ps -A | grep "bin\/mailmanctl" | wc -l #module_description Mail - Mailing Lists (mailman) #module_end #module_begin #module_name NAT #module_type generic_proc #module_exec ps -A | grep "sbin\/natd" | wc -l #module_description NAT Service #module_end #module_begin #module_name NFS #module_type generic_proc #module_exec ps auxw | grep "nfsd-master" | grep -v "grep" | wc -l #module_description NFS File Server #module_end #module_begin #module_name Open Directory #module_type generic_proc #module_exec ps auxw | grep "krb5kdc" | grep -v "grep" | wc -l #module_description Open Directory #module_end #module_begin #module_name Print #module_type generic_proc #module_exec echo 0 #module_description Print Service #module_end #module_begin #module_name QuickTime Streaming #module_type generic_proc #module_exec ps -A | grep "sbin\/QuickTimeStreamingServer" | wc -l #module_description QT Streaming Service #module_end #module_begin #module_name Software Update #module_type generic_proc #module_exec if [ `ps -A | grep "etc\/swupd" | wc -l` -gt "1" ]; then echo 1; else echo 0; fi #module_description Software Update #module_end #module_begin #module_name VPN #module_type generic_proc #module_exec echo 0 #module_description VPN #module_end #module_begin #module_name WebObjects #module_type generic_proc #module_exec echo 0 #module_description WebObjects #module_end #module_begin #module_name Windows (SMB daemon) #module_type generic_proc #module_exec ps -A | grep "sbin\/smbd" | wc -l #module_description Windows Services (Samba) #module_end #module_begin #module_name Windows (NMB daemon) #module_type generic_proc #module_exec ps -A | grep "sbin\/nmbd" | wc -l #module_description Windows Services (Name Resolution) #module_end #module_begin #module_name XGrid #module_type generic_proc #module_exec echo 0 #module_description XGrid #module_end # Plugin example (new in Pandora 2.0) module_plugin grep_log /var/log/syslog Syslog ssh