[Xymon] xymon client in 'local' mode, build pain

John Thurston john.thurston at alaska.gov
Mon Feb 10 19:25:19 CET 2014 

On 2/10/2014 5:56 AM, henrik at hswn.dk wrote:
> Den 2014-02-08 3:49, John Thurston skrev:
>> I've been using my Solaris BB clients with my Xymon server, but am
>> hoping the xymon client will be more zfs-aware than the ancient BB
>> client. To that end, I'm trying to compile a xymon client.
>>
>> I've spent most of the day fighting with the 'make' process.
>
> [snip]
- snip -
> The "xymond_client" binary is the only difference between a client- and
> server-side configured client. "xymond_client" is the program that
> analyses the client data and generates the status updates, so when you
> configure the client for "client-side" configuration, then you get this
> extra binary. However, it also uses a lot of external libraries that you
> can avoid installing on all of the servers you monitor by using
> server-side configuration.

It appeared to me to only require the pcre libraries. Were there others 
I missed?

> Client-side really is a hack, and it will probably be removed in v5. So
> I really do recommend that you use server-side configuration, to keep
> the client installation as dumb as possible.

I can see the case for server-side, but do not think it meets our 
business needs. I'm willing to be corrected if I've misunderstood how 
server-side configuration behaves:

  + In server-side configuration, our log, process, user, etc data is 
passed across the network on clear TCP connections. In the client-side 
configuration, our host-specific data never leaves our host. The client 
can be rigged to leak very little host-data.

  + If a server-side configuration for log-watching is doing the pattern 
matching on the Xymon server, how do I avoid sending (resending) my 
entire log file to the server for analysis?

  + Dumb client configurations are not always possible. We have many 
servers for which the Xymon-server admins do not understand the business 
requirements. In the client-side configuration, once the host is 
defined/authorized (in hosts.cfg) the server and application 
administrators can configure their alarm levels to meet their needs. In 
the server-side configuration, the Xymon-server admins are going to have 
to define the alarm levels for every defined/authorized host.

+ If my testing is correct, the client-local.cfg permits the Xymon 
server to instruct the client to execute commands on its behalf. The 
'file:' option accepts `back-ticked` strings which are used to generate 
dynamic names. This is very useful, but can also be used to do other 
things... maybe `rm -rf ~/*`.

The short version is, server-side client configuration can work for 
hosts on which I am the sysadmin and business owner. Since that 
represents only about 20 of the 300+ hosts we monitor with Xymon, it 
isn't a very good fit. I hope you don't drop client-side configuration, 
but I will understand if you do.

- snip -

> Building only the client with "configure --client" should work, but I'll
> readily admit that testing on Solaris is not at the top of my priority
> list.

I can understand that. We Solaris users are decreasing in number (thanks 
Oracle!).


-- 
    Do things because you should, not just because you can.

John Thurston    907-465-8591
John.Thurston at alaska.gov
Enterprise Technology Services
Department of Administration
State of Alaska

More information about the Xymon mailing list