[Xymon] Database Monitoring

Venkatesh Subbaramu Venkatesh_S04 at infosys.com
Wed Oct 31 16:18:19 CET 2012


Thanks Larry ! The concern was more about having all credentials stored in one single location . I will check out the sites .

Regards,
Venky

From: Larry Barber [mailto:lebarber at gmail.com]
Sent: Wednesday, October 31, 2012 7:30 PM
To: Venkatesh Subbaramu
Cc: xymon at xymon.com
Subject: Re: [Xymon] Database Monitoring

You're still going to need to have the account name and password stored somewhere, even if it is local to the database machine. The real way to provide good security in this case is to make sure the account that Xymon uses only has the permissions it needs, only "select" permissions on the DBA tables. This way nobody can use the account information to subvert your database nor will they be able to use it to obtain sensitive information. You can also make the file holding the passwords hard to access, zero out the permissions using chmod and then use setfacl to add in read permissions for the Xymon user.

I haven't used dbcheck.pl<http://dbcheck.pl>, but I strongly suspect that you could run on the Xymon clients that are hosting your databases, there are certainly other monitoring scripts, available at Xymonton and deadcat that do operate locally, but you will still need passwords stored in a plain text file somewhere.

Thanks,
Larry Barber

On Wed, Oct 31, 2012 at 7:41 AM, Venkatesh Subbaramu <Venkatesh_S04 at infosys.com<mailto:Venkatesh_S04 at infosys.com>> wrote:
Hi All ,

We have implemented db monitoring using dbcheck.pl<http://dbcheck.pl> for our Oracle and SQL Server databases which requires the database  user id and password to be stored in dbcheck.ini (its config file) .However the security team has raised concerns about this and proposed that we instead go for a agent based model like say leverage the BBWIN agent for windows to perform the database monitoring as well . Can you please let me know if this is possible to implement .If yes ,please provide some  details /sample scripts for implementation .

Thank You,

Regards,
Venky

**************** CAUTION - Disclaimer *****************

This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely

for the use of the addressee(s). If you are not the intended recipient, please

notify the sender by e-mail and delete the original message. Further, you are not

to copy, disclose, or distribute this e-mail or its contents to any other person and

any such actions are unlawful. This e-mail may contain viruses. Infosys has taken

every reasonable precaution to minimize this risk, but is not liable for any damage

you may sustain as a result of any virus in this e-mail. You should carry out your

own virus checks before opening the e-mail or attachment. Infosys reserves the

right to monitor and review the content of all messages sent to or from this e-mail

address. Messages sent to or from this e-mail address may be stored on the

Infosys e-mail system.

***INFOSYS******** End of Disclaimer ********INFOSYS***


_______________________________________________
Xymon mailing list
Xymon at xymon.com<mailto:Xymon at xymon.com>
http://lists.xymon.com/mailman/listinfo/xymon

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20121031/1f54572d/attachment.html>


More information about the Xymon mailing list