[Xymon] Server to Server communication

J.C. Cleaver cleaver at terabithia.org
Thu Mar 17 14:23:58 CET 2016 

On Wed, March 16, 2016 9:41 pm, Woods, Trevor T wrote:
> Hi,
> what's the best way to send data between xymon servers when http is not
> available. Our network will be very restricted and we can only send files
> through.
> I have setup a centralized master xymon server ready to go just trying to
> find the best solution of getting the data to it from the child servers.
> All I have found so far is creating pre generated report for the master
> server to read.
>
> Regards,
> Trev
>

Hi Trev,

It depends a little bit on what you mean by "between xymon servers" here.

Xymon inherently communicates using an extended version of the Big Brother
protocol on port 1984, so there's typically no http involved except for
the actual (human) viewing of pages generated by the 'xymongen' program
and associated CGIs.


The primary way HTTP can be utilized is by xymoncgimsg being installed on
a xymond server, which accepts single messages over HTTP transport and
relays them locally. (If you know for a fact that you're only using
one-way messages that don't need a reply, it's been reported that HTTP
proxies w/ nginx can be used to accept transport as well.)

The "summary" messages made by xymongen can reference an http/https
destination but the communication is still via the BB protocol.

The port used for the BB protocol can be changed to an arbitrary one, and
some folks use port 80/443/8080/8443/etc to get around a firewall, but
you're still just speaking BB.


There's also xymonproxy (receive and relay), xymonfetch (retrieve from
clients), and msgcache (store local messages on clients until picked up),
which can all also run on arbitrary ports, but -again- you're still just
speaking BB there.


Generally speaking, when you're behind a restrictive firewall like that,
some combination of xymonproxy on a single machine behind the FW for
servers to send messages to, with a single hole for that box to report
upwards to your main xymon server, and a single xymonnet instance behind
the firewall to do your local network testing is used.

If you have lots of inbound access, just no outbound access, either the
msgcache/xymonfetch solution, or a remote SSH call like Jeremy's
xymon-rclient script (http://tools.rebel-it.com.au/xymon-rclient/) could
be used. (Some of this might depend on your concurrency and performance
needs.)


HTH,
-jc

More information about the Xymon mailing list