[Xymon] PSclient sending from intranet
Kris Springer
kspringer at innovateteam.com
Tue Nov 6 20:43:32 CET 2018
Thanks for this info. From reading the man page it seems like this is
enabled by default. Looking at the XymonPSClient.doc it says to change
the <servers> element to <serverUrl> in order for the client to send
over HTTP(s). Do I simply put *https://*servername.com in the
xymonclient_config.xml if my intent is to use port 443?
Kris Springer
On 11/6/18 7:54 AM, Timothy Williams wrote:
> The Powershell client can connect to the Xymon server using TCP port
> 1984 as default, but can also connect using HTTP or HTTPS with/without
> user/password. You likely have port 80 or 443 open. Here are Word doc
> details:
>
> HTTP is an alternate method. It can be used if you have
> xymoncgimsg.cgi running on the web server on your Xymon server – see
> https://www.xymon.com/help/manpages/man8/xymoncgimsg.cgi.8.html. The
> web server running the CGI can be configured for SSL (i.e. HTTPS) and
> / or authentication – XymonPSClient supports basic authentication and
> SSL. If you require authentication, the <serverHttpUsername> and
> <serverHttpPassword> elements should be configured.
> If you are using HTTP and transmitting over unsecure networks (e.g.
> the internet), it is strongly recommended to enable SSL,
> authentication and disallow HTTP connections.
>
> ServerHttpPassword encryption
> If <serverHttpPassword> is set, the Xymon client will encrypt the
> password if it is not encrypted and remove the plain text password
> from the configuration file, overwriting with the encrypted password.
> The Xymon client will prefix the encrypted password with
> ‘{SecureString}’, so it is easy to tell if the client has attempted to
> encrypt the password or not.
> This is done using the .NET SecureString functions, which means that
> the encryption is unique to the server and user. This means that once
> the password has been encrypted, you cannot use the same
> xymonclient_config.xml on another server. It also means that if you
> have been testing by running XymonPSClient from a command prompt, and
> this encrypts the password, when you run XymonPSClient as a service it
> will not be able to decrypt the password unless the service is running
> as the same user.
> In both scenarios, replacing the encrypted password with the plain
> text password and re-starting Xymon will cause the password to be
> re-encypted.
>
>
> Tim Williams
>
> On Tue, Nov 6, 2018 at 9:37 AM Rolf Schrittenlocher
> <schritte at ub.uni-frankfurt.de <mailto:schritte at ub.uni-frankfurt.de>>
> wrote:
>
> any possibility to send something from intranet to the world outside?
> creating webpage, send by sftp or scp? This could be done by cron and
> xymon could analyze this data then.
> > Anyone have an idea about how to collect client server stats
> using the
> > Powershell client on machines that are on an intranet that
> blocks port
> > 1984, and send it out to our external xymon server located in a
> > different part of the country? The intranet network doesn't
> want to
> > open any additional ports to allow the traffic out.
> >
>
> --
> Mit freundlichen Grüßen
> Rolf Schrittenlocher
>
> Lokales Bibliothekssystem Frankfurt
> Bockenheimer Landstr. 134-138, 60325 Frankfurt
> Tel LBS: (49) 69 - 798 28830
> Tel persönlich: (49) 69 - 798 28908
> LBS: lbs at ub.uni-frankfurt.de <mailto:lbs at ub.uni-frankfurt.de>
> Persönlich: schritte at ub.uni-frankfurt.de
> <mailto:schritte at ub.uni-frankfurt.de>
>
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com <mailto:Xymon at xymon.com>
> http://lists.xymon.com/mailman/listinfo/xymon
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20181106/9765e453/attachment.html>
More information about the Xymon
mailing list