[Xymon] PSclient sending from intranet
Kris Springer
kspringer at innovateteam.com
Tue Nov 6 22:24:47 CET 2018
Thanks anyway. I'm working on a how-to right now. The documentation on
this feature is practically nonexistent, but I think I'm about to get it
figured out.
Kris Springer
On 11/6/18 2:22 PM, Timothy Williams wrote:
> Alas, I am unable to help further, as my InfoSec allows port 1984, and
> not 80 or 443 to Xymon, so I don't have http running.
>
> Tim
>
> On Tue, Nov 6, 2018 at 3:29 PM Kris Springer
> <kspringer at innovateteam.com <mailto:kspringer at innovateteam.com>> wrote:
>
> I've configured one of my PSclients to test this HTTPS
> functionality, and it indeed does try to send data over port 443.
> But the client logs say that my Xymon server is timing out. Is
> there a specific server url path that I need to be using? The
> documentation doesn't give any example.
>
> Kris Springer
>
>
> On 11/6/18 7:54 AM, Timothy Williams wrote:
>> The Powershell client can connect to the Xymon server using TCP
>> port 1984 as default, but can also connect using HTTP or HTTPS
>> with/without user/password. You likely have port 80 or 443 open.
>> Here are Word doc details:
>>
>> HTTP is an alternate method. It can be used if you have
>> xymoncgimsg.cgi running on the web server on your Xymon server –
>> see
>> https://www.xymon.com/help/manpages/man8/xymoncgimsg.cgi.8.html.
>> The web server running the CGI can be configured for SSL (i.e.
>> HTTPS) and / or authentication – XymonPSClient supports basic
>> authentication and SSL. If you require authentication, the
>> <serverHttpUsername> and <serverHttpPassword> elements should be
>> configured.
>> If you are using HTTP and transmitting over unsecure networks
>> (e.g. the internet), it is strongly recommended to enable SSL,
>> authentication and disallow HTTP connections.
>>
>> ServerHttpPassword encryption
>> If <serverHttpPassword> is set, the Xymon client will encrypt the
>> password if it is not encrypted and remove the plain text
>> password from the configuration file, overwriting with the
>> encrypted password. The Xymon client will prefix the encrypted
>> password with ‘{SecureString}’, so it is easy to tell if the
>> client has attempted to encrypt the password or not.
>> This is done using the .NET SecureString functions, which means
>> that the encryption is unique to the server and user. This means
>> that once the password has been encrypted, you cannot use the
>> same xymonclient_config.xml on another server. It also means that
>> if you have been testing by running XymonPSClient from a command
>> prompt, and this encrypts the password, when you run
>> XymonPSClient as a service it will not be able to decrypt the
>> password unless the service is running as the same user.
>> In both scenarios, replacing the encrypted password with the
>> plain text password and re-starting Xymon will cause the password
>> to be re-encypted.
>>
>>
>> Tim Williams
>>
>> On Tue, Nov 6, 2018 at 9:37 AM Rolf Schrittenlocher
>> <schritte at ub.uni-frankfurt.de
>> <mailto:schritte at ub.uni-frankfurt.de>> wrote:
>>
>> any possibility to send something from intranet to the world
>> outside?
>> creating webpage, send by sftp or scp? This could be done by
>> cron and
>> xymon could analyze this data then.
>> > Anyone have an idea about how to collect client server
>> stats using the
>> > Powershell client on machines that are on an intranet that
>> blocks port
>> > 1984, and send it out to our external xymon server located
>> in a
>> > different part of the country? The intranet network
>> doesn't want to
>> > open any additional ports to allow the traffic out.
>> >
>>
>> --
>> Mit freundlichen Grüßen
>> Rolf Schrittenlocher
>>
>> Lokales Bibliothekssystem Frankfurt
>> Bockenheimer Landstr. 134-138, 60325 Frankfurt
>> Tel LBS: (49) 69 - 798 28830
>> Tel persönlich: (49) 69 - 798 28908
>> LBS: lbs at ub.uni-frankfurt.de <mailto:lbs at ub.uni-frankfurt.de>
>> Persönlich: schritte at ub.uni-frankfurt.de
>> <mailto:schritte at ub.uni-frankfurt.de>
>>
>> _______________________________________________
>> Xymon mailing list
>> Xymon at xymon.com <mailto:Xymon at xymon.com>
>> http://lists.xymon.com/mailman/listinfo/xymon
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20181106/cf6f5cd1/attachment.html>
More information about the Xymon
mailing list