[Xymon] xymon for AIX

Ryan Novosielski novosirj at rutgers.edu
Wed May 25 23:30:47 CEST 2016


Check the “Ghost Clients” report under the Reports menu. If they are there, you may need to add CLIENT:<whatevername> to your hosts.cfg to make it clear that the client name is different than what the server expected. My Solaris clients were like this — they return the short name to Xymon. Probably this could be fixed automatically in the distribution, actually.

> On May 25, 2016, at 2:44 PM, L Foo <wonderfoo2 at gmail.com> wrote:
> 
> Thank you all for the valuable input! Appreciate it.
> 
> The netcat to port 1984 seems to have went through/connected ok based on below output:
> 
> # nc -v 172.31.2.131 1984
> Ncat: Version 6.40 ( http://nmap.org/ncat )
> Ncat: Connected to 172.31.2.131:1984.
> 
> p.s: The client pages are still not visible for AIX clients.
> 
> Thanke!
> 
> On Wednesday, May 25, 2016 9:25 AM, John Langbein <bigbandjohn at gmail.com> wrote:
> 
> 
> In case you need them, here are the firewall commands I used:
> 
> [root at xymontest rc3.d]# firewall-cmd --permanent --zone=public --add-port=80/tcp
> success
> [root at xymontest rc3.d]# firewall-cmd --permanent --zone=public --add-port=1984/tcp
> success
> [root at xymontest rc3.d]# firewall-cmd --reload
> 
> I also just created a service file for startup/shutdown. This may be helpful to you down the road so you won't have to re-invent the wheel. It took me a while and asking a CentOS mailing list to find the answer:
> 
> "/usr/lib/systemd/system/xymon.service" 27L, 816C
> 
> # xymonlaunch.service
> # systemd file for Fedora 18 and up, or RHEL 7 and up
> 
> [Unit]
> Description=Xymon systems and network monitor
> Documentation=man:xymon(7) man:xymonlaunch(8) man:xymon(1)
> After=network.target
> 
> [Install]
> # Compatibility with "xymon" and "xymon-client"
> Alias=xymon.service
> Alias=xymon-client.service
> WantedBy=multi-user.target
> 
> 
> [Service]
> #EnvironmentFile=/etc/sysconfig/xymonlaunch
> User=xymon
> # We wrap in xymoncmd to eliminate the need for the bulk of the old init script
> ExecStart=/home/xymon/server/bin/xymoncmd /home/xymon/server/bin/xymonlaunch --no-daemon $XYMONLAUNCHOPTS
> Type=simple
> 
> # Kill xymonlaunch, but don't send kills to the underlying procs, since they
> # might be doing important things (like writing checkpoints and flushing caches)
> KillMode=process
> # SendSIGHUP=yes
> SendSIGKILL=no
> 
> 
> ######################################## - next run the commands below after creating this service file
> systemctl enable xymon.service
> systemctl start xymon.service
> 
> 
> I had issues where it would only stop or only start. It was not obvious how to write this.  Hope you find this helpful
> 
> John
> 
> On Tue, May 24, 2016 at 6:49 PM, John Langbein <bigbandjohn at gmail.com> wrote:
> This sounds like a firewall issue. Search for open poet firewall centos 7 and the command should come up. I just had the same issue.
> On May 24, 2016 6:46 PM, "Jeremy Laidman" <jlaidman at rebel-it.com.au> wrote:
> On 25/05/2016 4:14 AM, "Wonder fo" <wonderfoo2 at gmail.com> wrote:
> >
> > Hi Jeremy,
> >
> > telnet is disabled by default on xymon server (running Centos 7.2.1511).
> As it should be, the telnet daemon is disabled. But not the telnet client. The centos should not allow anyone to connect to it, but shouldn't stop you connecting from it to other devices that use telnet.
> As an aside, telnet can be secured using kerberos.
> > Below is probably an expected output consider the security risk of clear text protocol ?
> Actually, no, it's not. Here, you are using the telnet command for something other than the telnet protocol. This is an old sysadmin trick. The telnet command primarily just connects to a TCP service, but that doesn't have to be the telnet service, it can be practically any TCP service. It might be a bit confusing at first, but it works; it's as if the command is really called "socket", and just happens to connect on the telnet port by default. But specify another service port, and you have a primitive tcp client for that other service. In fact people have even used telnet in place of a xymon client binary on systems where compiling or installing binaries is not possible.
> For kicks, try using it to connect to the ssh port on the Centos server, from itself.
> # telnet 127.1 22
> If you run an ssh service on the Centos server, then the above command will successfully connect, and also give you an ssh protocol banner. (To disconnect, press ctrl-] and type quit.)
> Here, we are using telnet like netcat (aka nc). Netcat is a generic socket connection tool that is much more flexible than the telnet client, but telnet is more universally available, which is why it's so popular as a socket test tool in the sysadmin's toolbox.
> >  # telnet 172.31.2.131 1984
> > Trying...
> This should say "connected" almost instantly. The fact that it says neither "connected" nor "refused" tells me that there's a firewall dropping packets. As you say, there's no firewall between the client and server. So the most likely cause is a firewall /on/ the client or server. That would be something like iptables (technically called netfilter) on the Centos Xymon server, restricting incoming connections on port 1984, or something like TCP/IP filters on the AIX Xymon client, restricting outbound connections. Try running "iptables-save" on the Xymon server to see if there are rules defined; try running "lsfilt" on the Xymon client to see if there are rules defined.
> Cheers
> Jeremy
> 
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
> 
> 
> 
> 
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon

--
____
|| \\UTGERS,  	 |---------------------------*O*---------------------------
||_// the State	 |         Ryan Novosielski - novosirj at rutgers.edu
|| \\ University | Sr. Technologist - 973/972.0922 (2x0922) ~*~ RBHS Campus
||  \\    of NJ	 | Office of Advanced Research Computing - MSB C630, Newark
     `'

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20160525/5e6be132/attachment.sig>


More information about the Xymon mailing list