[Xymon] Database Monitoring

Larry Barber lebarber at gmail.com
Wed Oct 31 15:00:25 CET 2012


You're still going to need to have the account name and password stored
somewhere, even if it is local to the database machine. The real way to
provide good security in this case is to make sure the account that Xymon
uses only has the permissions it needs, only "select" permissions on the
DBA tables. This way nobody can use the account information to subvert your
database nor will they be able to use it to obtain sensitive information.
You can also make the file holding the passwords hard to access, zero out
the permissions using chmod and then use setfacl to add in read permissions
for the Xymon user.

I haven't used dbcheck.pl, but I strongly suspect that you could run on the
Xymon clients that are hosting your databases, there are certainly other
monitoring scripts, available at Xymonton and deadcat that do operate
locally, but you will still need passwords stored in a plain text file
somewhere.

Thanks,
Larry Barber


On Wed, Oct 31, 2012 at 7:41 AM, Venkatesh Subbaramu <
Venkatesh_S04 at infosys.com> wrote:

>  Hi All ,****
>
> ** **
>
> We have implemented db monitoring using dbcheck.pl for our Oracle and SQL
> Server databases which requires the database  user id and password to be
> stored in dbcheck.ini (its config file) .However the security team has
> raised concerns about this and proposed that we instead go for a agent
> based model like say leverage the BBWIN agent for windows to perform the
> database monitoring as well . Can you please let me know if this is
> possible to implement .If yes ,please provide some  details /sample scripts
> for implementation .****
>
> ** **
>
> Thank You,****
>
> ** **
>
> Regards,****
>
> Venky****
>
> **************** CAUTION - Disclaimer *****************
> This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
> for the use of the addressee(s). If you are not the intended recipient, please
> notify the sender by e-mail and delete the original message. Further, you are not
> to copy, disclose, or distribute this e-mail or its contents to any other person and
> any such actions are unlawful. This e-mail may contain viruses. Infosys has taken
> every reasonable precaution to minimize this risk, but is not liable for any damage
> you may sustain as a result of any virus in this e-mail. You should carry out your
> own virus checks before opening the e-mail or attachment. Infosys reserves the
> right to monitor and review the content of all messages sent to or from this e-mail
> address. Messages sent to or from this e-mail address may be stored on the
> Infosys e-mail system.
> ***INFOSYS******** End of Disclaimer ********INFOSYS***
>
>
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20121031/db055cf5/attachment.html>


More information about the Xymon mailing list