# Base config file for Pandora FMS agents # Version 7.0NG.750, FreeBSD Version # Licensed under GPL license v2, # Copyright (c) 2003-2016 Artica Soluciones Tecnologicas # http://www.pandorafms.com # General Parameters # ================== server_ip localhost server_path /var/spool/pandora/data_in temporal /tmp logfile /var/log/pandora/pandora_agent.log #include /etc/pandora/pandora_agent_alt.conf #broker_agent name_agent # Interval in seconds, 300 by default interval 300 # Debug mode renames XML in the temp folder and continues running debug 0 # Optional. UDP Server to receive orders from outside # By default is disabled, set 1 to enable # Set port (41122 by default) # Set address to restrict who can order a agent restart (0.0.0.0 = anybody) # udp_server 0 udp_server_port 41122 udp_server_auth_address 0.0.0.0 #process_xeyes_start xeyes #process_xeyes_stop killall xeyes # By default, agent takes machine name #agent_name adama # To define agent name by specific command, define 'agent_name_cmd'. # (In the following example, agent name is 'hostname_IP') # If set to __rand__ the agent will generate a random name. #agent_name_cmd LANG=C; /bin/echo -n `hostname`; /bin/echo -n "_"; /bin/echo `/sbin/ifconfig eth0 | /bin/grep 'inet addr' | /usr/bin/awk '{print $2;}' | /usr/bin/cut -d: -f2` agent_name_cmd __rand__ #Parent agent_name #parent_agent_name parent_name # Agent description #description Demo agent # Group assigned for this agent (descriptive, p.e: Servers) group Servers # Group password (if defined). #group_password # address: Enforce to server a ip address to this agent # You can also try to detect the first IP using "auto", for example address auto # or setting a fixed IP address, like for example: #address 192.168.36.73 # Autotime: Enforce to server to ignore timestamp coming from this # agent, used when agents has no timer or it's inestable. 1 to enable # this feature #autotime 1 # Timezone offset: Difference with the server timezone #timezone_offset 0 # Agent position paramters # Those parameters define the geographical position of the agent # gis_exec: Call a script that returns a string with a fixed # format of latitude,longitude,altitude # i.e.: 41.377,-5.105,2.365 #gis_exec /tmp/gis.sh # This sets the GIS coordinates as fixed values: # latitude #latitude 0 # longitude #longitude 0 # altitude #altitude 0 #GPS Position description #position_description Madrid, centro # By default agent try to take default encoding defined in host. #encoding UTF-8 # Listening TCP port for remote server. By default is 41121 (for tentacle) # if you want to use SSH use 22, and FTP uses 21. server_port 41121 # Transfer mode: tentacle, ftp, ssh or local transfer_mode tentacle # Transfer mode user: Owner of files copied on local transfer mode (default apache) #transfer_mode_user apache # timeout in seconds for file transfer programs execution (30 by default) #transfer_timeout 30 # Server password (Tentacle or FTP). Leave empty for no password (default). #server_pwd mypassword # Set to yes/no to enable/disable OpenSSL support for Tentacle (disabled by default). #server_ssl no # Extra options for the Tentacle client (for example: server_opts -v -r 5). #server_opts # delayed_startup defines number of seconds before start execution # for first time when startup Pandora FMS Agent #delayed_startup 10 # Pandora nice defines priority of execution. Less priority means more intensive execution # A recommended value is 10. 0 priority means no Pandora CPU protection enabled (default) #pandora_nice 0 # Cron mode replace Pandora FMS own task schedule each XX interval seconds by the use # of old style cron. You should add to crontab Pandora FMS agent script to use this mode. # This is disabled by default, and is not recommended. Use Pandora FMS internal scheduler # is much more safe. #cron_mode # If set to 1 allows the agent to be configured via the web console (Only Enterprise version) remote_config 0 # Default 0, set to 1 to avoid module executions and report to server # standby 1 # If set to 1 start Drone Agent's Proxy Mode #proxy_mode 1 # Max number of simmultaneus connection for proxy (by default 10) #proxy_max_connection 10 # Proxy timeout (by default 1s) #proxy_timeout 1 # Address the proxy will listen on. #proxy_address 0.0.0.0 # Port the proxy will listen on. #proxy_port 41121 # Number of threads to execute modules in parallel #agent_threads 1 # User the agent will run as #pandora_user pandora # Enable or disable XML buffer. # If you are in a secured environment and want to enable the XML buffer you # should consider changing the temporal directory, since /tmp is world writable. xml_buffer 1 # Minimum available bytes in the temporal directory to enable the XML buffer temporal_min_size 1024 # Secondary groups. You can select several groups separated by comma. # secondary_groups Group1,Group2 #Secondary server configuration #============================== # If secondary_mode is set to on_error, data files are copied to the secondary # server only if the primary server fails. If set to always, data files are # always copied to the secondary server. #secondary_mode on_error #secondary_server_ip localhost #secondary_server_path /var/spool/pandora/data_in #secondary_server_port 41121 #secondary_transfer_mode tentacle #secondary_transfer_timeout 30 #secondary_server_pwd mypassword #secondary_server_ssl no #secondary_server_opts # Module Definition # ================= # System information # vmstat syntax depends on system configuration, please check before use it module_begin module_name cpu_user module_type generic_data module_interval 1 module_exec vmstat -n0 1 2 | tail -1 | awk '{ print $15 }' module_max 100 module_min 0 module_description User CPU Usage (%) module_end module_begin module_name cpu_system module_type generic_data module_interval 1 module_exec vmstat -n0 1 2 | tail -1 | awk '{ print $16 }' module_max 100 module_min 0 module_description System CPU Usage (%) module_end module_begin module_name cpu_idle module_type generic_data module_interval 1 module_exec vmstat -n0 1 2 | tail -1 | awk '{ print $17 }' module_max 100 module_min 0 module_description CPU Idle (%) module_end module_begin module_name Load Average module_type generic_data module_exec uptime | cut -d "," -f 4 | cut -d ":" -f 2 | sed "s/ //g" module_description Average process in CPU (Last minute) module_end module_begin module_name disk_root_free module_type generic_data module_exec df -kh / | tail -1 | awk '{ print 100-$5 }' module_max 100 module_min 0 module_description Free disk Percentage of root partition module_end module_begin module_name memfree module_type generic_data module_exec vmstat -H 1 2 | tail -1 | awk '{print $5}' module_description Unused RAM memory module_end module_begin module_name proctotal module_type generic_data module_exec ps -A | wc -l | sed "s/ //g" module_end # Process information module_begin module_name sshDaemon module_type generic_proc module_exec ps -Af | grep sshd | grep -v "grep" | wc -l | sed "s/ //g" module_end # Async data example module_begin module_name LastLogin module_type async_string module_exec last | head -1 module_end # This plugin detects all disk and report free space (%) module_plugin pandora_df_free # This parses /var/log/auth.log file, under the module name "syslog" # And search for "sshd" string into it, sending only that information. module_plugin grep_log /var/log/auth.log Syslog sshd # Plugin for inventory on the agent (Only Enterprise) # module_plugin inventory 1 cpu ram video nic hd cdrom software init_services filesystem users route # Log collection modules. Only for enterprise version, this will collect log files for forensic analysis. # This is for LOG monitoring, only on enterprise version #module_plugin grep_log_module /var/log/messages Syslog \.\*