271 lines
7.3 KiB
Plaintext
271 lines
7.3 KiB
Plaintext
# Base config file for Pandora FMS Windows Agent
|
|
# (c) 2006-2008 Artica Soluciones Tecnologicas
|
|
# Version 2.0
|
|
|
|
# This program is Free Software, you can redistribute it and/or modify it
|
|
# under the terms of the GNU General Public Licence as published by the Free Software
|
|
# Foundation; either version 2 of the Licence or any later version.
|
|
# This program is distributed in the hope that it will be useful, but
|
|
# WITHOUT ANY WARRANTY, without ever the implied warranty of MERCHANTABILITY or FITNESS
|
|
# FOR A PARTICULAR PURPOSE.
|
|
|
|
# Edit this file to change your parameters or/and add your own modules
|
|
# Any line with a # character at the first column will be ignored (comment)
|
|
# General Parameters
|
|
# ==================
|
|
|
|
# The variables $*$ will be substituted in the installation
|
|
|
|
server_ip $ServerIP$
|
|
server_path $ServerPath$
|
|
temporal "$AgentTemp$"
|
|
|
|
# Agent uses your hostname automatically, if you need to change agent name
|
|
# use directive agent_name
|
|
# agent_name $AgentName$
|
|
|
|
# Interval is defined in seconds
|
|
|
|
interval 300
|
|
|
|
# tranfer_modes: Possible values are local, tentacle (default), ftp and ssh.
|
|
transfer_mode tentacle
|
|
server_port 41121
|
|
|
|
# In case of using FTP or tentacle with password, uncomment and change (user is always pandora)
|
|
# server_pwd pandora
|
|
|
|
# Debug mode do not copy XML data files to server and stop executing after first one
|
|
# debug 1
|
|
|
|
# ODBC connections
|
|
# Configuring "ExampleDSN" DSN. Notice that this DSN connection must be configured
|
|
# under Control panel -> Administrative tools -> ODBC -> DSN
|
|
# odbc_ExampleDSN_username UserNameForDsn
|
|
# odbc_ExampleDSN_password Password1234
|
|
|
|
# If set to 1 allows the agent to be configured via the web console.
|
|
# remote_config 0
|
|
|
|
# Set XML encoding (ISO-8859-1 by default).
|
|
# encoding ISO-8859-1
|
|
|
|
# Module Definition
|
|
# =================
|
|
|
|
|
|
# Is Eventlog service running?
|
|
module_begin
|
|
module_name ServicioReg
|
|
module_type generic_proc
|
|
module_service Eventlog
|
|
module_description Eventlog Service
|
|
module_end
|
|
|
|
# Is Microsoft Messenger running?
|
|
module_begin
|
|
module_name MSN_Messenger
|
|
module_type generic_proc
|
|
module_proc msmsgs.exe
|
|
module_description Microsoft Messenger (MSN)
|
|
module_end
|
|
|
|
# Received packets using external program exec
|
|
module_begin
|
|
module_name ReceivedPackets
|
|
module_type generic_data
|
|
module_exec netstat -s | grep "Packets Received" | tr -d " " | cut -f 2 -d "=" | tr -d "\n"
|
|
module_description Received packets
|
|
module_end
|
|
|
|
|
|
# Received packets using external program exec
|
|
module_begin
|
|
module_name Listen_Conn
|
|
module_type generic_data
|
|
module_exec netstat -an | grep LISTEN | wc -l | tr -d " "
|
|
module_description Listening connections
|
|
module_end
|
|
|
|
# Free space on disk C:
|
|
module_begin
|
|
module_name FreeDiskC
|
|
module_type generic_data
|
|
module_freedisk C:
|
|
module_description Free space on drive C:
|
|
module_end
|
|
|
|
# CPU usage percentage
|
|
module_begin
|
|
module_name CPUUse0
|
|
module_type generic_data
|
|
module_cpuusage 0
|
|
module_description CPU#0 usage
|
|
module_end
|
|
|
|
# Free Memory
|
|
module_begin
|
|
module_name FreeMemory
|
|
module_type generic_data
|
|
module_freememory
|
|
module_description Amount of free memory.
|
|
module_end
|
|
|
|
# Log events
|
|
module_begin
|
|
module_name Logevents
|
|
module_type generic_data_string
|
|
module_logevent
|
|
module_description Log Events
|
|
module_end
|
|
|
|
# More examples, uncomment (removing #) to use them
|
|
# =================================================
|
|
|
|
#module_begin
|
|
#module_name Fprot_AV
|
|
#module_type generic_proc
|
|
#module_proc FPAVServer.exe
|
|
#module_description FProt Antivirus running
|
|
#module_end
|
|
|
|
# Is Checkpoint SecureClient Service alive?
|
|
#module_begin
|
|
#module_name Checkpoint_SecureClient
|
|
#module_type generic_proc
|
|
#module_proc SR_Service.exe
|
|
#module_description Checkpoint Secure Client VPN client
|
|
#module_end
|
|
|
|
# Is Network Connect Service VPN Client from Juniper alive?
|
|
#module_begin
|
|
#module_name Juniper_VPN
|
|
#module_type generic_proc
|
|
#module_proc dsNcService.exe
|
|
#module_description Network Connect Service VPN Client from Juniper
|
|
#module_end
|
|
|
|
# ODBC query example using ExampleDSN connection defined above.
|
|
# This module gets the first row in example_table.
|
|
#module_begin
|
|
#module_name SQL query example
|
|
#module_type generic_string
|
|
#module_odbc ExampleDSN
|
|
#module_odbc_query SELECT * FROM example_table
|
|
#module_description The first row of example_table
|
|
#module_end
|
|
|
|
# ODBC query example using ExampleDSN connection defined above.
|
|
# This module gets the first row in example_table
|
|
#module_begin
|
|
#module_name SecondSQL query example
|
|
#module_type generic_data
|
|
#module_odbc ExampleDSN
|
|
#module_odbc_query SELECT punctuation FROM example_table WHERE id = 3
|
|
#module_description The punctuation row of example_tab where id is 3
|
|
#module_end
|
|
|
|
#Free space on disk D:
|
|
#module_begin
|
|
#module_name FreeDiskD
|
|
#module_type generic_data
|
|
#module_freedisk D:
|
|
#module_description Free space on drive D:
|
|
#module_end
|
|
|
|
#CPU usage percentage for second CPU
|
|
#module_begin
|
|
#module_name CPUUse1
|
|
#module_type generic_data
|
|
#module_cpuusage 1
|
|
#module_description CPU#1 usage
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name log_events_system
|
|
#module_type generic_data_string
|
|
#module_description System log events
|
|
#module_logevent
|
|
#module_source System
|
|
#module_end
|
|
|
|
#module_begin
|
|
#module_name log_events_security
|
|
#module_type generic_data_string
|
|
#module_description Security log events
|
|
#module_logevent
|
|
#module_source Security
|
|
#module_end
|
|
|
|
# Counting OpenedConnections (check the language string)
|
|
#module_begin
|
|
#module_name OpenNetConnections
|
|
#module_type generic_data
|
|
#module_exec netstat -na | grep ESTAB | wc -l | tr -d " "
|
|
#module_description Open Connections (interval 2)
|
|
#module_end
|
|
|
|
# Accepted server sessions (Server in Spanish)
|
|
#module_begin
|
|
#module_name ServerSessions
|
|
#module_type generic_data
|
|
#module_exec net statistics server | grep "Sesiones aceptadas" | gawk "{ print $3 }"
|
|
#module_description Accepted server sessions
|
|
#module_end
|
|
|
|
# Server sessions errors (Server in Spanish)
|
|
#module_begin
|
|
#module_name ServerErrors
|
|
#module_type generic_data
|
|
#module_exec net statistics server | grep "Error" | gawk "{ print $4 }"
|
|
#module_description Server errors
|
|
#module_end
|
|
|
|
# Example of asynchronous process checking
|
|
#module_begin
|
|
#module_name Notepad
|
|
#module_type generic_data
|
|
#module_proc notepad.exe
|
|
#module_description Notepad
|
|
#module_async yes
|
|
#module_end
|
|
|
|
# Example of watchdog process opening it if it gets closed
|
|
#module_begin
|
|
#module_name Notepad
|
|
#module_type generic_data
|
|
#module_proc notepad.exe
|
|
#module_description Notepad
|
|
#module_async yes
|
|
#module_watchdog yes
|
|
#module_start_command c:\windows\notepad.exe
|
|
#module_end
|
|
|
|
# Example of asynchronous service checking
|
|
# module_begin
|
|
# module_name ServiceSched
|
|
# module_type generic_proc
|
|
# module_service Schedule
|
|
# module_description Service Task scheduler
|
|
# module_async yes
|
|
# module_end
|
|
|
|
# Example of watchdog service opening it if it gets closed
|
|
# module_begin
|
|
# module_name ServiceSched
|
|
# module_type generic_proc
|
|
# module_service Schedule
|
|
# module_description Service Task scheduler
|
|
# module_async yes
|
|
# module_watchdog yes
|
|
# module_end
|
|
|
|
# Example UDP server to be able to execute remote actions such
|
|
# as starting or stopping process.
|
|
#udp_server 1
|
|
#udp_server_port 4321
|
|
#udp_server_auth_address 192.168.1.23
|
|
#process_firefox_start firefox
|
|
#process_firefox_stop killall firefox
|
|
#service_messenger 1
|