386 lines
9.8 KiB
Plaintext
Executable File
386 lines
9.8 KiB
Plaintext
Executable File
# Base config file for Pandora FMS agents
|
|
# Version 3.0
|
|
# Licensed under GPL license v2,
|
|
# (c) 2003-2009 Artica Soluciones Tecnologicas
|
|
# please visit http://pandora.sourceforge.net
|
|
|
|
# General Parameters
|
|
# ==================
|
|
|
|
server_ip localhost
|
|
server_path /var/spool/pandora/data_in
|
|
temporal /var/spool/pandora/data_out
|
|
logfile /var/log/pandora/pandora_agent.log
|
|
|
|
# Interval in seconds, 300 by default
|
|
interval 300
|
|
|
|
# Debug mode only generate XML, and stop after first execution,
|
|
# and does not copy XML to server.
|
|
debug 0
|
|
|
|
# By default, agent takes machine name
|
|
#agent_name adama
|
|
|
|
# Agent description
|
|
#description Demo agent
|
|
|
|
# Group assigned for this agent (descriptive, p.e: Servers)
|
|
#group Servers
|
|
|
|
# Autotime: Enforce to server to ignore timestamp coming from this
|
|
# agent, used when agents has no timer or it's inestable. 1 to enable
|
|
# this feature
|
|
# autotime 1
|
|
|
|
# By default agent try to take default encoding defined in host.
|
|
# encoding iso-8859-15
|
|
|
|
# Listening TCP port for remote server. By default is 41121 (for tentacle)
|
|
# if you want to use SSH use 22, and FTP uses 21.
|
|
server_port 41121
|
|
|
|
# Transfer mode: tentacle, ftp, ssh or local
|
|
transfer_mode tentacle
|
|
|
|
# Server password (Tentacle or FTP). Leave empty for no password (default).
|
|
# server_pwd mypassword
|
|
|
|
# Set to yes/no to enable/disable OpenSSL support for Tentacle (disabled by default).
|
|
# server_ssl no
|
|
|
|
# Extra options for the Tentacle client (for example, server_opts "-v -r 5").
|
|
# server_opts
|
|
|
|
# delayed_startup defines number of MINUTES before start execution
|
|
# for first time when startup Pandora FMS Agent
|
|
# delayed_startup 10
|
|
|
|
# Pandora nice defines priority of execution. Less priority means more intensive execution
|
|
# A recommended value is 10. 0 priority means no Pandora CPU protection enabled (default)
|
|
# pandora_nice 0
|
|
|
|
# Cron mode replace Pandora FMS own task schedule each XX interval seconds by the use
|
|
# of old style cron. You should add to crontab Pandora FMS agent script to use this mode.
|
|
# This is disabled by default, and is not recommended. Use Pandora FMS internal scheduler
|
|
# is much more safe.
|
|
# cron_mode
|
|
|
|
# If set to 1 allows the agent to be configured via the web console (Only Enterprise version)
|
|
# remote_config 1
|
|
|
|
# Secondary server configuration
|
|
# ==============================
|
|
|
|
# If secondary_mode is set to on_error, data files are copied to the secondary
|
|
# server only if the primary server fails. If set to always, data files are
|
|
# always copied to the secondary server.
|
|
# secondary_mode on_error
|
|
# secondary_server_ip localhost
|
|
# secondary_server_path /var/spool/pandora/data_in
|
|
# secondary_server_port 41121
|
|
# secondary_transfer_mode tentacle
|
|
# secondary_server_pwd mypassword
|
|
# secondary_server_ssl no
|
|
# secondary_server_opts
|
|
|
|
# Module Definition
|
|
# =================
|
|
|
|
# System information
|
|
|
|
module_begin
|
|
module_name CPU (User)
|
|
module_type generic_data
|
|
module_exec iostat -C | tail -1 | awk '{ print $4 }'
|
|
module_max 100
|
|
module_min 0
|
|
module_descripcion User CPU Usage (%)
|
|
module_end
|
|
|
|
module_begin
|
|
module_name CPU (System)
|
|
module_type generic_data
|
|
module_exec iostat -C | tail -1 | awk '{ print $5 }'
|
|
module_max 100
|
|
module_min 0
|
|
module_description System CPU Usage (%)
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Disk Space on / (% Available)
|
|
module_type generic_data
|
|
module_exec df -kh / | tail -1 | awk '{ print 100-$5 }'
|
|
module_max 100
|
|
module_min 0
|
|
module_description Free disk percentage of root partition
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Physical Memory (Total)
|
|
module_type generic_data
|
|
module_exec sysctl -n hw.physmem
|
|
module_description Total Physical Memory
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Physical Memory (Used)
|
|
module_type generic_data
|
|
module_exec sysctl -n hw.usermem
|
|
module_description Used Physical Memory
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Processes Total
|
|
module_type generic_data
|
|
module_exec ps -A | wc -l
|
|
module_description Total Number of Processes
|
|
module_end
|
|
|
|
# Networking
|
|
|
|
module_begin
|
|
module_name Network Packets (Incoming)
|
|
module_type generic_data_inc
|
|
module_exec netstat -as | grep "total packets received" | awk '{ print $1 }' | head -1
|
|
module_description Incoming packets arriving to system
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Network Packets (Outgoing)
|
|
module_type generic_data_inc
|
|
module_exec netstat -as | grep "packets sent from this host" | awk '{ print $1 }' | head -1
|
|
module_description Outbound Packets sent by system
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Network Packets (Connection Reset)
|
|
module_type generic_data_inc
|
|
module_exec netstat -as | grep "bad reset" | awk '{ print $1 }'
|
|
module_description Bad Resets
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Network Adapter bond0 IPv4 Address
|
|
module_type generic_data_string
|
|
module_exec ifconfig bond0 | grep "inet " | awk '{ print $2 }'
|
|
module_description IP Address Interface 1
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Network Adapter en0 Status
|
|
module_type generic_proc
|
|
module_exec ifconfig en0 | grep status | awk '{ if($6=="active") { print 1}; if($6!="active") {print 0}}'
|
|
module_description Ethernet Link 0
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Network Adapter en1 Status
|
|
module_type generic_proc
|
|
module_exec ifconfig en1 | grep status | awk '{ if($6=="active") { print 1}; if($6!="active") {print 0}}'
|
|
module_description Ethernet Link 1
|
|
module_end
|
|
|
|
module_begin
|
|
module_name Network Adapter bond0 Status
|
|
module_type generic_proc
|
|
module_exec ifconfig bond0 | grep status | awk '{ if($6=="active") { print 1}; if($6!="active") {print 0}}'
|
|
module_description Ethernet Bond 0
|
|
module_end
|
|
|
|
|
|
# ========================
|
|
# Services
|
|
# =======================
|
|
|
|
## Uncomment/Comment as you go
|
|
|
|
#module_begin
|
|
#module_name Web (Apache) Status
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "bin\/httpd" | wc -l
|
|
#module_description Webserver
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name AFP
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "sbin\/AppleFileServer" | wc -l
|
|
#module_description Apple File Server
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Application Server
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "/Library/JBoss/3.2/bin/run.sh" | wc -l
|
|
#module_description Application Server (Tomcat & JBoss)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name DHCP
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "bootp" | wc -l
|
|
#module_description DHCP & BOOTP server
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name DNS
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "sbin\/named" | wc -l
|
|
#module_description DNS Server
|
|
#module_end
|
|
|
|
# You should have alerts in case the number of rules change
|
|
|
|
#module_begin
|
|
#module_name Firewall Status
|
|
#module_type generic_data
|
|
#module_exec ipfw show | wc -l
|
|
#module_description Firewall (number of rules)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name FTP
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "LaunchDaemons\/ftp.plist" | wc -l
|
|
#module_description FTP Server
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name iChat
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "jabberd -c \/etc" | wc -l
|
|
#module_description iChat (jabber) Server
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Mail (SMTP)
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "smtpd -n smtp" | wc -l
|
|
#module_description Mail - SMTP Server (postfix)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Mail (IMAP)
|
|
#module_type generic_proc
|
|
#module_exec ps -Au | grep "master" | grep "cyrus" | wc -l
|
|
#module_description Mail - IMAP Server (cyrus)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Mail (AV/AS)
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "amavisd (master)" | grep -v "grep" | wc -l
|
|
#module_description Mail - Antivirus/Antispam (amavisd)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Mail - ClamAV
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "clamd" | grep -v "grep" | wc -l
|
|
#module_description Mail - Antivirus (clamav)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Mail (Mailing Lists)
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "bin\/mailmanctl" | wc -l
|
|
#module_description Mail - Mailing Lists (mailman)
|
|
#module_end
|
|
|
|
|
|
#module_begin
|
|
#module_name NAT
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "sbin\/natd" | wc -l
|
|
#module_description NAT Service
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name NetBoot
|
|
#module_type generic_proc
|
|
#module_exec echo 0
|
|
#module_description NetBoot
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name NFS
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "nfsd-master" | grep -v "grep" | wc -l
|
|
#module_description NFS File Server
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Open Directory
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "bin\/krb5kdc" | wc -l
|
|
#module_description Open Directory
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Print
|
|
#module_type generic_proc
|
|
#module_exec echo 0
|
|
#module_description Print Service
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name QuickTime Streaming
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "sbin\/QuickTimeStreamingServer" | wc -l
|
|
#module_description QT Streaming Service
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Software Update
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "etc\/swupd" | wc -l
|
|
#module_description Software Update
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name VPN
|
|
#module_type generic_proc
|
|
#module_exec echo 0
|
|
#module_description VPN
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name WebObjects
|
|
#module_type generic_proc
|
|
#module_exec echo 0
|
|
#module_description WebObjects
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Windows (SMB daemon)
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "sbin\/smbd" | wc -l
|
|
#module_description Windows Services (Samba)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name Windows (NMB daemon)
|
|
#module_type generic_proc
|
|
#module_exec ps -A | grep "sbin\/nmbd" | wc -l
|
|
#module_description Windows Services (Name Resolution)
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name XGrid
|
|
#module_type generic_proc
|
|
#module_exec echo 0
|
|
#module_description XGrid
|
|
#module_end
|
|
|
|
# Plugin example
|
|
|
|
# This parses /var/log/syslog file, under the module name "syslog"
|
|
# And search for "ssh" string into it, sending only that information.
|
|
|
|
module_plugin grep_log /var/log/syslog Syslog ssh
|
|
|
|
# Plugin for inventory on the agent (Only Enterprise)
|
|
|
|
# module_plugin inventory 1 cpu ram video nic hd cdrom software
|