############################################################################# # Pandora FMS Server Parameters # Pandora FMS, the Flexible Monitoring System. # Version 7.0NG.771 # Licensed under GPL license v2, # (c) 2003-2021 Artica Soluciones Tecnologicas # http://www.pandorafms.com # Please change it for your setup needs ############################################################################# # Servername: Name of this server # if not given, it takes hostname. It's preferable to setup one # because machine name could change by some reason. #servername greystone # incomingdir: Defines directory where incoming data packets are stored # You could set directory relative to base path or absolute, starting with / incomingdir /var/spool/pandora/data_in # log_file: Main logfile for pandora_server # You could set file relative to base path or absolute, starting with / log_file /var/log/pandora/pandora_server.log # Log file for Pandora FMS SNMP console. Its generated by NetSNMP Trap daemon # If you change it, please update the file /etc/logrotate.d/pandora_server accordingly. snmp_logfile /var/log/pandora/pandora_snmptrap.log # Error logfile: aux logfile for pandora_server errors (in Daemon mode) # You could set file relative to base path or absolute, starting with / errorlog_file /var/log/pandora/pandora_server.error # daemon: Runs in daemon mode (background) if 1, if 0 runs in foreground # this could be also configured on commandline with -D option # daemon 1 # dbengine: mysql dbengine mysql # Database credentials. A VERY important configuration. # This must be the same credentials used by your Pandora FMS Console # but could be different if your console is not running in the same # host than the server. Check your console setup in /include/config.php # dbname: Database name (pandora by default) dbname pandora # dbuser: Database user name (pandora by default) dbuser pandora # dbpass: Database password dbpass pandora # dbhost: Database hostname or IP address dbhost 127.0.0.1 # dbport: Database port number # Default value depends on the dbengine (mysql: 3306) #dbport 3306 # dbssl: Enable (1) or disable (0) SSL for the database connection. dbssl 0 # dbsslcafile: Path to a file in PEM format that contains a list of trusted SSL certificate authorities. # dbsslcafile # dbsslcapath: Path to a directory that contains trusted SSL certificate authority certificates in PEM format. # dbsslcapath # verbosity: level of detail on errors/messages (0 default, 1 verbose, 2 debug.... 10 noisy) # -v in command line (verbose) or -d (debug). Set this to 10 when try to locate problems and # set to 1 or 3 on production enviroments. verbosity 3 # Master Server priority. The running server with the highest master value will # be the master. Ties are broken at random. If set to 0, this server will # never become master. master 1 # Activate Pandora SNMP console (depending on snmptrapd) snmpconsole 0 # snmpconsole_threads: number of SNMP console threads for processing SNMP traps. snmpconsole_threads 1 # If set to 1, traps from the same source will never be processed in parallel. 0 by default. #snmpconsole_lock 0 # Time between consecutive reads of the SNMP log file in seconds. Defaults to server_threshold. #snmpconsole_threshold 5 # Attempt to translate variable bindings when processing SNMP traps. 1 enabled, 0 disabled. 0 by default. (ENTERPRISE ONLY). translate_variable_bindings 0 # Attempt to translate enterprise strings when processing SNMP traps. 1 enabled, 0 disabled. 1 by default. (ENTERPRISE ONLY). translate_enterprise_strings 0 # snmptrapd will ignore authenticationFailure traps if set to 1. snmp_ignore_authfailure 1 # snmptrapd will read the PDU source address instead of the agent-addr field is set to 1. snmp_pdu_address 0 # Path to the snmp_trapd binary. If set to manual, the server will not attemp to start snmp_trapd. #snmp_trapd manual # SNMP Trap forwarding. Go to https://pandorafms.com/manual/ for more information. #snmp_forward_trap 1 #snmp_forward_ip 192.168.1.145 #snmp_forward_version 1 #snmp_forward_secName #snmp_forward_engineid #snmp_forward_authProtocol #snmp_forward_authPassword #snmp_forward_privProtocol #snmp_forward_privPassword #snmp_forward_secLevel #snmp_forward_community # Activate (1) Pandora Network Server networkserver 1 # Activate (1) Pandora Data Server dataserver 1 # Enable (1) or disable (0) the Data Server smart queue, which gives priority # to new data coming from agents at the expense of buffered XML files. dataserver_smart_queue 1 # Activate (1) Pandora FMS Discovery server discoveryserver 1 # Discovery SAP (PANDORA FMS ENTERPRISE ONLY) # java /usr/bin/java # Discovery SAP utils (PANDORA FMS ENTERPRISE ONLY) # sap_utils /usr/share/pandora_server/util/recon_scripts/SAP # Discovery Microsoft SQL ODBC driver (PANDORA FMS ENTERPRISE ONLY) # mssql_driver ODBC Driver 17 for SQL Server # pluginserver : 1 or 0. Set to 1 to activate plugin server with this setup pluginserver 1 # Pandora FMS Plugin exec tool filepath (by default at /usr/bin) plugin_exec /usr/bin/timeout # predictionserver : 1 or 0. Set to 1 to activate prediction server with this setup # DISABLED BY DEFAULT predictionserver 0 # wmiserver : 1 or 0. Set to 1 to activate WMI server with this setup # DISABLED BY DEFAULT wmiserver 1 # Network timeout (in seconds) for timeout in network connections for Network agents network_timeout 4 # Network timeout (in seconds) for timeout in remote execution commands (PANDORA FMS ENTERPRISE ONLY). rcmd_timeout 10 # Pandora FMS remote execution commands timeout tool filepath (by default at /usr/bin) rcmd_timeout_bin /usr/bin/timeout # Remote execution modules, ssh_launcher extra option (PANDORA FMS ENTERPRISE ONLY). ssh_launcher /usr/share/pandora_server/util/ssh_launcher.sh # Server keepalive (in seconds) server_keepalive 45 # Log server thread status to disk (always set to 0, except when debugging). thread_log 0 # Server Threshold: defines number of seconds of main loop (in sec) server_threshold 5 # Network threads: Do not set too high (~40). Each threads make a network module check. network_threads 4 # icmp_checks x : defines number of pings for each icmp_proc module type. at least one of # that ping should be 1 to report 1. Setting this to 1 will make all icmp montioring faster but # with more probability of failure. icmp_checks 1 # Number of ICMP packets to send per request. icmp_packets 2 # tcp specific options : # tcp_checks: number of tcp retries if first attempt fails. # tcp_timeout: specific timeout for tcp connections tcp_checks 1 tcp_timeout 10 # snmp specific options : # snmp_checks: number of snmp request retries if first attempt fails. # snmp_timeout: specific timeout for snmp request. snmp_checks 1 snmp_timeout 4 # snmp_proc_deadresponse 1 (default): Return DOWN if cannot contact # or receive NULL from a SNMP PROC module. snmp_proc_deadresponse 1 # plugin_threads: Specify number of plugin server threads for processing plugin calls plugin_threads 1 # plugin_timeout: Specify number of seconds calling plugin exec waiting for response # after this time, call is aborted and result is "unknown". plugin_timeout 12 # wmi_timeout : specific timeout for wmi request. wmi_timeout 7 # wmi_threads: Specify number of WMI server threads for processing WMI remote calls wmi_threads 1 # WMI client binary (wmic by default). #wmi_client pandorawmic # recon_threads. Each thread will scan a different scantask. recon_threads 1 # dataserver_threads: Number of threads for data server (XML processing threads) dataserver_threads 1 # mta_address: External Mailer (MTA) IP Address to be used by Pandora FMS internal email capabilities # If not set, the MTA configuration specified in the Pandora FMS Console will be used. #mta_address localhost # mta_port, this is the mail server port (default 25) #mta_port 25 # mta_user MTA User (if needed for auth, FQD or simple user, depending on your server) #mta_user myuser@mydomain.com # mta_pass MTA Pass (if needed for auth) #mta_pass mypassword # mta_auth MTA Auth system (if needed, it supports LOGIN, PLAIN, CRAM-MD5, DIGEST-MD) #mta_auth LOGIN # mta_from Email address that sends the mail, by default is pandora@localhost # probably you need to change it to avoid problems with your antispam #mta_from Pandora FMS # SMTP encryption protocol (none, ssl, starttls) #mta_encryption none # Set 1 if want eMail deliver alert in separate mail (default). # Set 0 if want eMail deliver shared mail by all destination. mail_in_separate 1 # nmap: If provided, is used to detect OS type with recon server using # advanded OS fingerprint technique. Xprobe2 gives more accurate results # Nmap is also used to do TCP port scanning in detected host. nmap /usr/bin/nmap # Default path is /usr/sbin/fping for installation default in distro Centos , if you are installing in other distribution, # you install fping in /usr/bin/fping and change the path in this line. # Path to the fping binary. Used by the Enterprise ICMP Server. fping /usr/sbin/fping # fping /usr/bin/fping # A value that specifies how aggressive nmap should be from 1 to 5. 1 means slower but more reliable, 5 means faster but less reliable. 2 by default. nmap_timing_template 2 # Like nmap_timing_template, but applies to Satellite Server and Recon Server network scans. 3 by default. recon_timing_template 3 # snmpget: Needed to do SNMP checks. By default is on /usr/bin/snmpget snmpget /usr/bin/snmpget # Location of the pandorafsnmp/braa binary needed by the Enterprise SNMP Server v1 and v2c # /usr/bin/pandorafsnmp by default for v1 and v2c (PANDORA FMS ENTERPRISE ONLY). # /usr/bin/braa could be set as optional legacy binary for snmp v1 and v2c (PANDORA FMS ENTERPRISE ONLY). braa /usr/bin/pandorafsnmp # Number of retries before braa hands a module over to the Network Server (PANDORA FMS ENTERPRISE ONLY). braa_retries 3 # Location of the pandorafsnmp binary needed by the Enterprise SNMP Server v3. # /usr/bin/pandorafsnmp by default for snmp version 3 (PANDORA FMS ENTERPRISE ONLY). fsnmp /usr/bin/pandorafsnmp # Default group id for new agents created with Pandora FMS Data Server # If this token is enabled and Agent is setup with a fixed group, server settings will override agent settings # If this token is disabled and group is not provided in the agent, or provided group doesn't exist, agent data # will be dropped. We use the Group ID #10 (Unknown) for a "valid" default value, please change as your own decision. autocreate_group 10 # Works like autocreate_group, except the name of the group is specified (instead of its id). Do not set both. #autocreate_group_name Unknown # If set to 1, new agents will be added to the group specified by autocreate_group (the group specified by the agent will be used as fallback). # If set to 0, new agents will be added to the group specified by the agent (the group specified by autocreate_group will be used as fallback). autocreate_group_force 0 # Set to 1 if want to autocreate agents with Pandora FMS Data Server, # set to 0 to disable (for security purposes, for example). autocreate 1 # max_log_size: Specify max size of Pandora FMS server log file (1MB by default). If # log file grows above this limit, is renamed to "pandora_server.log.0". max_log_size 1048576 # max_log_generation: Specify max generation count (between 1 and 9) of Pandora FMS server log files. max_log_generation 1 # max_queue_files (5000 by default) # When server have more than max_queue_files in incoming directory, skips the read # the directory to avoid filesystem overhead. max_queue_files 5000 # If set to 0, the timestamp attribute in XML data files will be ignored and the system time will be used instead. # use_xml_timestamp 1 # Pandora FMS will autorestart itself each XXX seconds, use this if you experience problems with # shutting down threads, or other stability problems. # auto_restart 86400 # Pandora FMS will restart after restart_delay seconds on critical errors. restart 1 restart_delay 60 # More information about GIS Setup in /usr/share/pandora_server/util/gis.README # Flag to activate GIS (positional information for agents and maps) # by default it is desactivated #activate_gis 0 # Radius of error in meters to consider two gis locations as the same location. #location_error 50 # Recon reverse geolocation file. This is the database with the reverse # geolocation information using MaxMind GPL GeoLiteCity.dat format). # Comment it to disable the IP geolocation on agent creation. #recon_reverse_geolocation_file /usr/local/share/GeoIP/GeoIPCity.dat # Radius (in meters) of the circle in where the agents will be place randomly # when finded by a recon task. Center of the circle is guessed # by geolocating the IP. #recon_location_scatter_radius 1000 # Pandora Server self-monitoring (embedded agent) (by default enabled) self_monitoring 1 # Self monitoring interval (in seconds). self_monitoring_interval 300 # Update parent from the agent xml update_parent 1 # # # This enable realtime reverse geocoding using Google Maps public api. # This requires internet access, and could have performance penalties processing GIS # information due the connetion needed to resolve all GIS input. # NOTE: If you dont pay the service to google, they will ban your IP in a few days. # google_maps_description 1 # This enable realtime reverse geocoding using Openstreet Maps public api. # This requires internet access, and could have performance penalties processing GIS # information due the connetion needed to resolve all GIS input. # You can alter the code to use a local (your own) openstreet maps server. # openstreetmaps_description 1 # Enable (1) or disable (0) Pandora FMS Web Server/Goliat. webserver 1 # Number of threads for the Web Server/Goliat. web_threads 1 # Default timeout (in seconds) for web modules. web_timeout 60 # Uncomment to perform web checks with LWP instead of CURL. #web_engine lwp # Enable (1) or disable (0) Pandora FMS Inventory Server. inventoryserver 1 # Number of threads for the Inventory Server. inventory_threads 1 # Enable (1) or disable (0) Pandora FMS Export Server (PANDORA FMS ENTERPRISE ONLY). exportserver 0 # Number of threads for the Export Server (PANDORA FMS ENTERPRISE ONLY). export_threads 1 # Enable (1) or disable (0) Pandora FMS Event Server (PANDORA FMS ENTERPRISE ONLY). eventserver 0 # Enable (1) or disable (0) Pandora FMS Correlation Server (PANDORA FMS ENTERPRISE ONLY). correlationserver 0 # Time in seconds to re-evaluate correlation alerts pool (PANDORA FMS ENTERPRISE ONLY). correlation_threshold 30 # Correlated alerts, event window in seconds (3600 by default) (PANDORA FMS ENTERPRISE ONLY). event_window 3600 # Correlated Alerts, log window in seconds (3600 by default) (PANDORA FMS ENTERPRISE ONLY). log_window 3600 # Pre-load windows on start with available information. (PANDORA FMS ENTERPRISE ONLY). #preload_windows 0 # Correlated Alerts, group cache ttl (in seconds). Set to 0 to disable. (PANDORA FMS ENTERPRISE ONLY). #event_server_cache_ttl 10 # Log retrieving, items per request. (High values could make elasticsearch crash) #elastic_query_size 10 # If set to 1, an alert will not be fired if the last event it generated is in 'in-process' status. event_inhibit_alerts 0 # Enable (1) or disable (0) Pandora FMS Enterprise ICMP Server (PANDORA FMS ENTERPRISE ONLY). # You need nmap 5.20 or higher in order to use this ! icmpserver 1 # Number of threads for the Enterprise ICMP Server (PANDORA FMS ENTERPRISE ONLY). icmp_threads 4 # Enable (1) or disable (0) Pandora FMS Enterprise SNMP Server (PANDORA FMS ENTERPRISE ONLY). # Check braa tool is running and operative. snmpserver 1 # Number of threads for the Enterprise SNMP Server (PANDORA FMS ENTERPRISE ONLY). snmp_threads 4 # Block size for block producer/consumer servers, that is, the number of modules # per block (15 by default) (PANDORA FMS ENTERPRISE ONLY). block_size 20 # If set to 1, process XML data files in a stack instead of a queue. 0 by default. # WARNING: Incremental modules will not work properly if dataserver_lifo is set to 1!!! dataserver_lifo 0 # If set to 1, the policy manager is enabled and the server is listening the policy queue. # 0 by default (PANDORA FMS ENTERPRISE ONLY) policy_manager 1 # If set to 1, new events validate older event for the same module. This will # affect the performance of the server. This was the "normal behaviour" on previous (4.x) versions. # disable only if you really know what you are doing !!. event_auto_validation 1 # If defined, events generated by Pandora FMS will be written to the specified text file. #event_file /var/log/pandora/pandora_events.txt # Set the maximum number of traps that will be processed from a single source in a # configured time interval. snmp_storm_protection 25 # Time interval for snmp_storm protection (in seconds). snmp_storm_timeout 10 # Silenced time period in seconds, when trap storm is detected snmp_storm_silence_period 300 # Default texts for some events. The macros _module_ and _data_ are supported. #text_going_down_normal Module '_module_' is going to NORMAL (_data_) #text_going_up_critical Module '_module_' is going to CRITICAL (_data_) #text_going_up_warning Module '_module_' is going to WARNING (_data_) #text_going_down_warning Module '_module_' is going to WARNING (_data_) #text_going_unknown Module '_module_' is going to UNKNOWN # Events older that the specified time (in seconds) will be auto-validated. Set to 0 to disable this feature. event_expiry_time 0 # Only events more recent than the specified time window (in seconds) will be auto-validated. This value must # be greater than event_expiry_time. #event_expiry_window 86400 # If set to 1, SNMP modules run by the Network Server will be claimed back by # the SNMP Enterprise Server when pandora_db is run. claim_back_snmp_modules 1 # If set to 1 asynchronous modules that do not receive data for twice their # interval will become normal. Set to 0 to disable. async_recovery 1 # Console API credentials. # Required for some features like the module graphs macros. # console_api_url: Api URL (http://localhost/pandora_console/include/api.php by default) # console_api_url http://localhost/pandora_console/include/api.php # console_api_pass: Api pass # console_api_pass 1234 # Passphrase used to generate the key for password encryption (PANDORA FMS ENTERPRISE ONLY). #encryption_passphrase passphrase # Enable (1) or disable (0) events related to the unknown module status. unknown_events 1 # Time interval (as a multiple of the module interval) before a module becomes unknown. Twice the module's interval by default. #unknown_interval 2 # Number of unknown modules that will be processed per iteration. unknown_block_size 1000 # Maximum executing time of an alert (in seconds) global_alert_timeout 15 # If set to 1 allows PandoraFMS Server to be configured via the web console (PANDORA FMS ENTERPRISE ONLY). remote_config 1 # Remote address to send the configuration file (PANDORA FMS ENTERPRISE ONLY). remote_config_address localhost # Remote port to send the configuration file (PANDORA FMS ENTERPRISE ONLY). #remote_config_port 41121 # Extra options for the Tentacle client to send the configuration file (PANDORA FMS ENTERPRISE ONLY). #remote_config_opts # Module status change events will not be generated and module alerts will not # be executed for the specified number of seconds since the server starts up. warmup_event_interval 0 # Modules will not become unknown (so no unknown events will be generated) and # keepalive modules will not be updated for the specified number of seconds # since the server starts up. warmup_unknown_interval 300 # Directory were additional enc files for the XML parser are located. enc_dir /usr/share/pandora_server/enc/ # The number of times dynamic_min and dynamic_max will be recalculated per dynamic_interval. # Go to https://pandorafms.com/manual/ for more information. dynamic_updates 5 #dynamic_warning #dynamic_constant # Periodically update unknown modules (1), instead of only once (0). Periodic # updates may affect server performance. unknown_updates 0 # Enable (1) or disable (0) the Pandora FMS WUX Server (PANDORA FMS ENTERPRISE ONLY). wuxserver 0 # Host of the Selenium Grid Server. #wux_host localhost # Port of the Selenium Grid Server. #wux_port 4444 # Maximum timeout to connect to a target web site, also for communications with a Selenium Grid server. #wux_webagent_timeout 15 # Force closing previous sessions on remote wux_host, only for Selenium Grid server 3. #clean_wux_sessions 1 # Enable (1) or disable (0) the Pandora FMS Syslog Server (PANDORA FMS ENTERPRISE ONLY) disabled by default. syslogserver 0 # Full path to syslog's output file (PANDORA FMS ENTERPRISE ONLY). syslog_file /var/log/messages # Number of threads for the Syslog Server (PANDORA FMS ENTERPRISE ONLY). syslog_threads 2 # Maximum number of lines queued by the Syslog Server's producer on each run (PANDORA FMS ENTERPRISE ONLY). syslog_max 65535 # Sync Server #syncserver # Port tentacle server #sync_port 41121 # Sync certificate path of the authenticating CA #sync_ca /home/cacert.pem # Sync server certificate path #sync_cert /home/tentaclecert.pem # Sync server certificate private key path #sync_key /home/tentaclekey.pem # Sync number of attempts #sync_retries 3 # Sync timeout #sync_timeout 10 # Address # sync_address # Network manager configuration server (PANDORA FMS ENTERPRISE ONLY). #ncmserver 1 # Threads for NCM server (PANDORA FMS ENTERPRISE ONLY). ncmserver_threads 1 # NCM utility to avoid Net::SSH::Expect issues in multi-threaded environments. ncm_ssh_utility /usr/share/pandora_server/util/ncm_ssh_extension # Pandora FMS Daemon Watchdog execution interval in seconds (PANDORA FMS ENTERPRISE ONLY). ha_interval 30 # HA operation mode. For backward compatibility with pacemaker. Do not change this value (PANDORA FMS ENTERPRISE ONLY). ha_mode pandora # Comma separated list of HA host IPs or FQDNs (PANDORA FMS ENTERPRISE ONLY). #ha_hosts 172.16.0.8,172.168.0.16 # Database username for pandora_ha (PANDORA FMS ENTERPRISE ONLY). #ha_dbuser pandora # Database password for pandora_ha (PANDORA FMS ENTERPRISE ONLY). #ha_dbpass pandora # SSH username for pandora_ha (PANDORA FMS ENTERPRISE ONLY). #ha_sshuser pandora # SSH port for pandora_ha (PANDORA FMS ENTERPRISE ONLY). #ha_sshport 22 # Absolute path to the HA slave resync script (PANDORA FMS ENTERPRISE ONLY). #ha_resync /usr/share/pandora_server/util/pandora_ha_resync_slave.sh # Database username for HA replication (PANDORA FMS ENTERPRISE ONLY). #repl_dbuser pandora # Database password for HA replication (PANDORA FMS ENTERPRISE ONLY). #repl_dbpass pandora # Number of retries for connection attempts to HA databases. #ha_connect_retries 2 # Enable (1) or disable (0) Pandora FMS Alert Server. alertserver 0 # Pandora FMS Alert Server threads. alertserver_threads 4 # Generate an hourly warning event if alert execution is being delayed more than alertserver_warn seconds. alertserver_warn 180 # If set to 1, alerts are queued for the Pandora FMS Alert Server.If alertserver is set to 1, alerts are always queued. alertserver_queue 0 # Pandora FMS HA MySQL cluster splitbrain auto-recovery (PANDORA FMS ENTERPRISE ONLY) # IMPORTANT! Please understand and configure all settings from pandora_console/index.php?sec=gservers&sec2=enterprise/godmode/servers/HA_cluster&tab=setup # before enable this feature. #splitbrain_autofix 0 # Pandora FMS HA MySQL cluster splitbrain auto-recovery settings (PANDORA FMS ENTERPRISE ONLY) # Maximum number of retries #ha_max_splitbrain_retries 2 # Maximum number of retries to verify resync status. #ha_max_resync_wait_retries 3 # Maximum number of seconds waiting while verifying resync status. #ha_resync_sleep 10 # Enable (1) or disable (0) the Tentacle Server watchdog (enabled by default). tentacle_service_watchdog 1 # Enable (1) or disable (0) the parameter of mysql ssl certification (mysql_ssl_verify_server_cert) (enabled by default). verify_mysql_ssl_cert 1 # Enable (1) or disable (0) the Pandora FMS Netflow Server (PANDORA FMS ENTERPRISE ONLY). netflowserver 0 # Number of threads for the Pandora FMS Netflow Server (PANDORA FMS ENTERPRISE ONLY). netflowserver_threads 1