[Xymon] RFE: message encryption

Ralph Mitchell ralphmitchell at gmail.com
Thu Oct 27 22:01:16 CEST 2011

On Mon, Oct 10, 2011 at 2:58 PM, T.J. Yang <tjyang2001 at gmail.com> wrote:

> Hi, Henrik
> Passing message without encryption among xymon client and server will
> cause concerns in corporate  IT.
> I know you did some work at previous branches, can you activate this
> message encryption work or put it on roadmap ?

I was taking another crack at this today and found some interesting things.
 The xymon command, which delivers messages to the server, can take a URL
for a parameter.  Also, lurking in xymon-4.3.5/xymonproxy there is a little
program called xymoncgimsg, which takes an HTTP-delivered Xymon message and
hands it directly to Xymon.  I went a step further and poked around in the
code to see what was being sent, and came up with this:

1) Discover the state of some service, including the color. Assemble the

     MESSAGE="status $MACHINE.$TEST $COLOR `date`
        some message(s) relating to the test we're reporting"

2) instead of doing: $XYMON $XYMSRV "$MESSAGE"  to deliver, do this:

     curl -s -S -L --cacert /path/to/secure/xymon-server/cert.pem \
           -H "Content-Ty[e: application/octet-stream" \
           -H "MIME-version: 1.0" \
           -d "$MESSAGE" \

Curl validates the server certificate and manages the encrypted connection.
 $MESSAGE is shoved down the pipe to the cgi script and directly to xymon.

Ralph Mitchell
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20111027/2757571b/attachment.html>

More information about the Xymon mailing list