[Xymon] Xymon pull client data setup

Thomas Eckert thomas.eckert at it-eckert.de
Wed Oct 8 08:59:19 CEST 2014


On 08 Oct 2014, at 07:56, Jeremy Laidman <jlaidman at rebel-it.com.au> wrote:

> On 8 October 2014 16:36, Thomas Eckert <thomas.eckert at it-eckert.de> wrote:
> Depending on the extent of the security requirements 'ssh-tunnel' may be an alternative.
> 
> Various methods of tunnelling Xymon are documented here:
> 
> http://en.wikibooks.org/wiki/System_Monitoring_with_Xymon/Administration_Guide#Encryption_and_Tunnelling
> 
> For example, add the following to tasks.cfg:
> 
> [xymon-over-ssh]
>     ENVFILE /usr/lib/xymon/server/etc/xymonserver.cfg
>     CMD ssh -R1984:127.0.0.1:1984 -o batchmode=yes xymon at xymon-client '/usr/lib/xymon/client/bin/xymoncmd sh -c "XYMSRV=127.0.0.1 /usr/lib/xymon/client/bin/xymonclient.sh"'
>     LOGFILE $XYMONERVERLOGS/xymon-over-ssh.log
>     INTERVAL 5m
> 
> This requires no additional software.  As long as the xymon user can ssh to the remote xymon client machine using key authentication, and as long as the xymon client is installed in the expected location, it should work as expected.

Agreed. That’s a nice and out-of-the-box solution.

It does not require the ssh-tunnel extension on the server-side. But if you do this for a lot of clients the ssh overhead _may_ become a problem (every 5 minutes).
The ssh-tunnel extension creates a persistent tunnel that is only re-created if not already established.

For only a few systems I’d use your example if pulldata is not desired.
For larger setups I prefer the persistent tunnel (with xymonproxy on the far end).

Cheers
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20141008/dc883b17/attachment.html>


More information about the Xymon mailing list