[Xymon] Running a custom test on multiple clients.
Ralph M
ralphmitchell at gmail.com
Fri Dec 4 21:04:06 CET 2020
It's not very hard to construct a method to install custom scripts. Linux
systems generally have a package manager, whether it's rpm, yum, dnf,
zypper, apt or whatever. So, off the top of my head, I think this would
work:
1) construct packages for the various tests you want to install
2) construct a meta-package for each different server type (DB, App, web,
etc) that contains nothing other than requirements for the relevant packages
3) in Xymon's client-local.cfg you can put *anything* you want, so add a
line for each client that contains the name of the meta-package:
clientPKG: DB
clientPKG: APP
clientPKG: WEB
That will get delivered to the client every time the main client test
(cpu, disk, mem, port, procs) runs.
4) then distribute to each client a generic custom test that grep's that
line out of the local.cfg and does the equivalent of:
yum install xymon-client-DB
or -APP, or -WEB, to install the meta-package, which in turn will pull
in the appropriate group of test packages.
The client will then use all the safeguards built into the OS package
delivery/installation process to download and verify the signed package
before installing it. That ought to satisfy an auditor.
If you need to modify a test, just update its package, rebuild any
meta-package that has a dependency for it, and push them all to your
package repository server. Similarly for a new test. Clients will pull in
the updated meta-package whenever their update script checks in (hourly,
daily, weekly?), and install any updated bits. The updater can be run as a
Xymon task, even if it doesn't generate a report.
Ralph Mitchell
On Fri, Dec 4, 2020 at 11:19 AM Greg Hubbard <glh.forums at gmail.com> wrote:
> I think that the original philosophy behind Xymon was to "inform and
> notify" and not to "remediate." The client sends data to a predefined
> destination at regular intervals.
>
> However, you have described the Xymon administrators dilemma very well --
> what about custom tests? As Timothy points out, some thought has been put
> into this in the PowerShell client, but I am not sure what JC is planning
> for the Xymon "native" clients. Just keep in mind that once your Xymon
> server can start distributing code to its clients, the security
> requirements will likely escalate. Some form of "trust" will be needed
> between the client and the server as well as other features to keep the
> auditors at bay.
>
> However, you might be able to roll your own distribution function. All
> you need is a custom test that connects to your distribution point to look
> for changes. If anything changes, it can download the new code and "do the
> needful" to activate it. Another coping mechanism is to write your custom
> checks so they do not need to be updated very often, or isolate the updates
> so they can be easily applied.
>
> Regards,
>
> Greg Hubbard
>
> On Fri, Dec 4, 2020 at 9:21 AM Timothy Williams <tlwilliams4 at vcu.edu>
> wrote:
>
>> On the Windows PSXymon or (shudder) BBWin client, you can run an external
>> script by specifying it in the client-config file. Client can download from
>> a central repository using URL or BB: (from Xymon server) link to run every
>> scan or on slow scan. Therefore, changes to script are immediately
>> distributed. The script can write an output file to TMP folder and that is
>> picked up and displayed on Xymon console (name of file becomes name of
>> column).
>>
>> As Windows clients were built to mimic the Linux client, I would assume
>> there is a mechanism there as well.
>>
>>
>> *Timothy L. Williams*Windows Server
>> *Operating Systems Analyst*
>>
>> On Fri, Dec 4, 2020 at 9:12 AM Gabby Gibbons via Xymon <xymon at xymon.com>
>> wrote:
>>
>>>
>>>
>>>
>>> ---------- Forwarded message ----------
>>> From: Gabby Gibbons <gabby.gibbons at yahoo.com>
>>> To: Xymon Mailinglist <xymon at xymon.com>
>>> Cc:
>>> Bcc:
>>> Date: Fri, 4 Dec 2020 13:52:18 +0000 (UTC)
>>> Subject: Running a custom test on multiple clients.
>>> Hello,
>>>
>>> I am trying to figure out if there's a way to write a custom test on the
>>> xymon server and then run that test on each client as the client. I am
>>> aware of the ability to write a test on the server and then use XYMONGREP
>>> to run a test on each machine as the server, but the problem with that is,
>>> as far as I can tell, you can only run unauthenticated checks from the
>>> outside of the system. Say, for example, I want to monitor a log file using
>>> xymon on each client. If I were able to run the check on each system itself
>>> as the authenticated xymon user I could do that easily, but I wouldn't be
>>> able to view that file from the outside with another computer without first
>>> authenticating.
>>>
>>> Right now my solution is to simply copy all of the custom tests I have
>>> to each monitored machine. This works, but the problem is that it's so
>>> decentralized. Every time I make a simple change to a script or want to add
>>> a new custom script I have to go to every single machine and make the same
>>> change. Being able to centralize this somewhat and have the clients all
>>> read from one source would make managing custom tests much much easier. Is
>>> this possible to do?
>>>
>>>
>>>
>>> ---------- Forwarded message ----------
>>> From: Gabby Gibbons via Xymon <xymon at xymon.com>
>>> To: Xymon Mailinglist <xymon at xymon.com>
>>> Cc:
>>> Bcc:
>>> Date: Fri, 4 Dec 2020 13:52:18 +0000 (UTC)
>>> Subject: [Xymon] Running a custom test on multiple clients.
>>> _______________________________________________
>>> Xymon mailing list
>>> Xymon at xymon.com
>>> http://lists.xymon.com/mailman/listinfo/xymon
>>>
>> _______________________________________________
>> Xymon mailing list
>> Xymon at xymon.com
>> http://lists.xymon.com/mailman/listinfo/xymon
>>
>
>
> --
> Disclaimer: 1) all opinions are my own, 2) I may be completely wrong, 3)
> my advice is worth at least as much as what you are paying for it, or your
> money cheerfully refunded.
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20201204/d5a0426a/attachment.htm>
More information about the Xymon
mailing list