[Xymon] How Xymon invokes an SSH connection to the Client?

Agege Information Systems, Inc. cs at agege.com
Wed Mar 16 04:15:11 CET 2016


Thank you Jeremy!

Yes, the issues is that I have been asked to figure out is how Xymon handle monitoring activities with Xymon Clients.

And the reason being is that we have one Xymon server with over 3,000 Xymon clients on it.  And  we keep getting thousands of alert emails every day from Xymon clients.

Therefore, the Upper Management would like to move some servers to Tivoli and they want to understand what Xymon does, and how it actually communicate with Clients.   So that when we finally move some servers to Tivoli, we will not be missing anything that Xymon has been monitoring.

Thanks,
Agege
> On Mar 15, 2016, at 6:08 PM, Jeremy Laidman <jlaidman at rebel-it.com.au> wrote:
> 
> Please what script trigger the SSH tests that are built into the services that Xymon uses.
> 
> The SSH test, and all of the other network-probe tests (ping, http, etc) are performed by the xymonnet program.  This is launched by the xymonlaunch supervisor process, by default once every 5 minutes.  The execution parameters are defined in the tasks.cfg file, in the [xymonnet] section.
> 
> The way it works is this.  When xymonnet runs, it looks in protocols.cfg and builts up its suite of TCP tests from there, such as "smtp" and "ssh".  It also has built-in the three special non-TCP tests "ping", "dns" (or "dig") and "ntp".  Next, xymonnet scans the hosts file for any host with a tag matching any of these defined test names.  And then it runs through each test for each host having that test.
> 
> It's actually slightly more complicated than that, but it's functionally equivalent to how I've explained it.  For more of the details, refer to the man page for xymonnet, and read the "XYMONNET INTERNALS" section.
> 
> The "ssh" test is defined in protocols.cfg as follows:
> 
> [ssh|ssh1|ssh2]
>    send "SSH-2.0-OpenSSH_4.1\r\n"
>    expect "SSH"
>    options banner
>    port 22
> 
> This defines the port (which can be overridden per host in hosts.cfg) and whether the status page should show the response received after sending the "send" string.  The "send" string gets sent to the remote server being subjected to the test.  The "expect" string is matched against the response (banner) and if successful, the status goes green, otherwise red.  Or if the TCP socket fails to connect, the status goes red.
> 
> Is there a particular problem you're trying to solve?  If you would like some more relevant help, perhaps you could explain what you're trying to do, and what you are expecting to happen but is not.
> 
> Cheers
> Jeremy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20160315/bf6a8b81/attachment.html>


More information about the Xymon mailing list