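# Base config file for Pandora FMS agents
# Version 1.2
# Licensed under GPL license v2,
# (c) 2003-2007 Sancho Lerena and others.
# please visit http://pandora.sourceforge.net

# Every module_exec line in this file contains a shell pipeline that the agent
# runs on each cycle, so anyone who can edit this file can run commands as the
# agent. Keep the file writable only by the administrator account.

# General Parameters
# ==================

# Server that receives the agent data, and the directory on it that is written to
server_ip 192.168.50.1
server_path /opt/pandora_server/data_in

# Local working directory and agent log file
temporal /var/spool/pandora/data_out
logfile /var/log/pandora_agent.log

# Interval in seconds, 300 by default
interval 300

# Debug mode only generates the XML and stops after the first execution;
# it does not copy the XML to the server.
debug 0

# The original comment says checksum is activated by default, yet the value
# set here is 0.
# NOTE(review): confirm which is intended. If this is a plain (unkeyed) hash of
# the XML file, it detects corruption in transit but does not authenticate the
# sender.
checksum 0

# By default, the agent takes the machine name
#agent_name adama

# By default the agent tries to use the default encoding defined on the host.
# encoding iso-8859-15

# By default is 22
# NOTE(review): port 22 suggests the data is copied over SSH - if so, restrict
# the account/key the agent uses to writing under server_path.
#server_port 22

# Module Definition
# =================

# System information

# vmstat syntax depends on the Linux distro and vmstat command version,
# please check the column numbers before using these modules
module_begin
module_name cpu_user
module_type generic_data
module_interval 1
module_exec vmstat 1 2 | tail -1 | awk '{ print $13 }'
module_max 100
module_min 0
module_description User CPU Usage (%)
module_end

module_begin
module_name cpu_sys
module_type generic_data
module_exec vmstat 1 2 | tail -1 | awk '{ print $14 }'
module_max 100
module_min 0
module_description System CPU Usage (%)
module_end

# -P keeps each filesystem on a single output line, so $5 is still the
# use-percentage column when the device name is long
module_begin
module_name disk_root_free
module_type generic_data
module_interval 2
module_exec df -kP / | tail -1 | awk '{ print 100-$5 }'
module_max 100
module_min 0
module_description Free disk Percentage of root partition
module_end

module_begin
module_name memfree
module_type generic_data
module_exec cat /proc/meminfo | grep MemFree | awk '{ print $2 }'
module_end

# Anchored on "^Active:" so that Active(anon) / Active(file) lines, where
# present, do not make the module return several values
module_begin
module_name memused
module_type generic_data
module_exec cat /proc/meminfo | grep "^Active:" | awk '{ print $2 }'
module_end

module_begin
module_name proctotal
module_type generic_data
module_exec ps -A | wc -l
module_end

# Process information
# These modules count the lines of `ps -Af` that contain the given name, so
# any process whose command line merely contains "snort", "apache" or "sshd"
# is counted as well. For the security-relevant daemons (snort, sshd) check
# that the match is tight enough that a stopped daemon is not masked by an
# unrelated process.

module_begin
module_name snort
module_type generic_proc
module_exec ps -Af | grep snort | grep -v "grep" | wc -l
module_end

module_begin
module_name apache
module_type generic_proc
module_exec ps -Af | grep apache | grep -v "grep" | wc -l
module_end

module_begin
module_name sshDaemon
module_type generic_proc
module_exec ps -Af | grep sshd | grep -v "grep" | wc -l
module_end

# Informational stuff
# These two modules send a raw syslog line and the latest login record to the
# monitoring server. Check that this data is allowed to leave the host, and
# that whatever displays it on the server side treats it as untrusted text.

module_begin
module_name last_syslog
module_type generic_data_string
module_exec tail -1 /var/log/syslog
module_description Last line of syslog
module_end

module_begin
module_name last_login
module_type generic_data_string
module_exec last | head -1
module_description Last connected to system
module_end

# Networking
# The grep patterns below depend on the exact wording of `netstat -as` output
# on this host; check them before use.

module_begin
module_name incoming_pkt
module_type generic_data_inc
module_exec netstat -as | grep "incoming packets delivered" | awk '{ print $1 }'
module_description Incoming packets arriving to system
module_end

module_begin
module_name outbound_pkt
module_type generic_data_inc
module_exec netstat -as | grep "requests sent out" | awk '{ print $1 }'
module_description Outbound Packets sent by system
module_end

module_begin
module_name conn_resets
module_type generic_data_inc
module_exec netstat -as | grep "connections reset due to unexpected SYN" | awk '{ print $1 }'
module_description Resets due to unexpected SYN
module_end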