[Xymon] PSclient sending from intranet

Kris Springer kspringer at innovateteam.com
Tue Nov 6 22:24:47 CET 2018


Thanks anyway.  I'm working on a how-to right now.  The documentation on 
this feature is practically nonexistent, but I think I'm about to get it 
figured out.

Kris Springer


On 11/6/18 2:22 PM, Timothy Williams wrote:
> Alas, I am unable to help further, as my InfoSec allows port 1984, and 
> not 80 or 443 to Xymon, so I don't have http running.
>
> Tim
>
> On Tue, Nov 6, 2018 at 3:29 PM Kris Springer 
> <kspringer at innovateteam.com <mailto:kspringer at innovateteam.com>> wrote:
>
>     I've configured one of my PSclients to test this HTTPS
>     functionality, and it indeed does try to send data over port 443. 
>     But the client logs say that my Xymon server is timing out.  Is
>     there a specific server url path that I need to be using?  The
>     documentation doesn't give any example.
>
>     Kris Springer
>
>
>     On 11/6/18 7:54 AM, Timothy Williams wrote:
>>     The Powershell client can connect to the Xymon server using TCP
>>     port 1984 as default, but can also connect using HTTP or HTTPS
>>     with/without user/password. You likely have port 80 or 443 open.
>>     Here are Word doc details:
>>
>>     HTTP is an alternate method. It can be used if you have
>>     xymoncgimsg.cgi running on the web server on your Xymon server –
>>     see
>>     https://www.xymon.com/help/manpages/man8/xymoncgimsg.cgi.8.html.
>>     The web server running the CGI can be configured for SSL (i.e.
>>     HTTPS) and / or authentication – XymonPSClient supports basic
>>     authentication and SSL. If you require authentication, the
>>     <serverHttpUsername> and <serverHttpPassword> elements should be
>>     configured.
>>     If you are using HTTP and transmitting over unsecure networks
>>     (e.g.  the internet), it is strongly recommended to enable SSL,
>>     authentication and disallow HTTP connections.
>>
>>     ServerHttpPassword encryption
>>     If <serverHttpPassword> is set, the Xymon client will encrypt the
>>     password if it is not encrypted and remove the plain text
>>     password from the configuration file, overwriting with the
>>     encrypted password. The Xymon client will prefix the encrypted
>>     password with ‘{SecureString}’, so it is easy to tell if the
>>     client has attempted to encrypt the password or not.
>>     This is done using the .NET SecureString functions, which means
>>     that the encryption is unique to the server and user. This means
>>     that once the password has been encrypted, you cannot use the
>>     same xymonclient_config.xml on another server. It also means that
>>     if you have been testing by running XymonPSClient from a command
>>     prompt, and this encrypts the password, when you run
>>     XymonPSClient as a service it will not be able to decrypt the
>>     password unless the service is running as the same user.
>>     In both scenarios, replacing the encrypted password with the
>>     plain text password and re-starting Xymon will cause the password
>>     to be re-encypted.
>>
>>
>>     Tim Williams
>>
>>     On Tue, Nov 6, 2018 at 9:37 AM Rolf Schrittenlocher
>>     <schritte at ub.uni-frankfurt.de
>>     <mailto:schritte at ub.uni-frankfurt.de>> wrote:
>>
>>         any possibility to send something from intranet to the world
>>         outside?
>>         creating webpage, send by sftp or scp? This could be done by
>>         cron and
>>         xymon could analyze this data then.
>>         > Anyone have an idea about how to collect client server
>>         stats using the
>>         > Powershell client on machines that are on an intranet that
>>         blocks port
>>         > 1984, and send it out to our external xymon server located
>>         in a
>>         > different part of the country?  The intranet network
>>         doesn't want to
>>         > open any additional ports to allow the traffic out.
>>         >
>>
>>         -- 
>>         Mit freundlichen Grüßen
>>         Rolf Schrittenlocher
>>
>>         Lokales Bibliothekssystem Frankfurt
>>         Bockenheimer Landstr. 134-138, 60325 Frankfurt
>>         Tel LBS: (49) 69 - 798 28830
>>         Tel persönlich: (49) 69 - 798 28908
>>         LBS: lbs at ub.uni-frankfurt.de <mailto:lbs at ub.uni-frankfurt.de>
>>         Persönlich: schritte at ub.uni-frankfurt.de
>>         <mailto:schritte at ub.uni-frankfurt.de>
>>
>>         _______________________________________________
>>         Xymon mailing list
>>         Xymon at xymon.com <mailto:Xymon at xymon.com>
>>         http://lists.xymon.com/mailman/listinfo/xymon
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20181106/cf6f5cd1/attachment.html>


More information about the Xymon mailing list