Template Services

Started by lweidig, July 24, 2012, 11:10:58 PM


lweidig

At this point we have all of the SNMP and Agent monitoring setup using templates with automatic bind rules so that as we add a device to the network we are assured to at least get the minimum amount of information so we know about it, and record standard metrics.

Now, however, I want to try and template services (SSH, Telnet, HTTP,...).  I can manually create them on devices after they are discovered, but to make this as automated as possible I would like to have it do this for me at node discovery.  I have come up with one way for doing this, but want to see if somebody has a more elegant solution.  We have 100's of services to monitor (maybe 1,000's) and would like to do this right the first time.

Here is the current thought:

1.  We already have an event fired when a node is added that e-mails us to make sure we actually want this device on our network and setup all the items manually that we currently need to.
2.  When this event is fired we would call an action that runs a process on the local server (something like nmap for example to get ports open, or chkconfig to see services enabled) so that we can see the ports open.
3.  We can then setup a push of data back to the NetXMS node nicely formatted with values like:
                          mynode      port      22
                          mynode      port      80
                          mynode      service  spamassassin
                          mynode      service  reallyneatservice
4.  These pushed back values are then used by script to create custom attributes on the node.
                          portScan          22:80
                          serviceScan      spamassassin:reallyneatservice
5.  Templates are setup looking to bind nodes that have the specific custom attribute / value pair.


This of course only works for templating services that are running on the node at the time it is discovered.  I could expand on this to scan again at a later time using one of many methods.

As mentioned, I am really hoping for feedback on either refining this idea or saying to me - that is ridiculous "xyz" is a much better way to do this.   Thanks to all in advance. 

Now I am off to upgrade everything to 1.2.2 which I see just made it onto the site :) 
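An added example, not part of the original post and not NetXMS code: Python for steps 3 and 4 of the list above, turning the pushed records into the colon-joined `portScan` / `serviceScan` values and testing a value the way a bind rule would need to. The function names, the validation rules and the extra malformed sample lines are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of the records from step 3, plus a duplicate and two bad lines.
SAMPLE = """\
mynode      port      22
mynode      port      80
mynode      service  spamassassin
mynode      service  reallyneatservice
mynode      port      80
mynode      port      99999
mynode      service  bad:name
"""

ATTR_NAME = {"port": "portScan", "service": "serviceScan"}
PORT_RE = re.compile(r"[0-9]{1,5}")
SERVICE_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")  # no ':' so the separator stays unambiguous


def valid(kind, value):
    """Accept only values that cannot corrupt the colon-joined attribute."""
    if kind == "port":
        return bool(PORT_RE.fullmatch(value)) and 1 <= int(value) <= 65535
    if kind == "service":
        return bool(SERVICE_RE.fullmatch(value))
    return False


def build_attributes(text):
    """Return ({node: {attribute: 'v1:v2'}}, [rejected lines])."""
    seen = defaultdict(lambda: defaultdict(list))
    rejected = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3 or not valid(fields[1], fields[2]):
            if line.strip():
                rejected.append(line.strip())
            continue
        node, kind, value = fields
        values = seen[node][ATTR_NAME[kind]]
        if value not in values:  # drop duplicates, keep first-seen order
            values.append(value)
    attrs = {n: {a: ":".join(v) for a, v in kinds.items()} for n, kinds in seen.items()}
    return attrs, rejected


def has_value(attribute, wanted):
    """Bind test: exact token match, so '2' or '8' never matches '22:80'."""
    return wanted in attribute.split(":")
```

A substring test on the attribute would bind a port-8 template to a node whose scan shows only 80, which is why the match splits on the separator first.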

Victor Kirhenshtein

Hi!

It's nice to see that such solutions are possible with NetXMS :) I hope you'll describe this in the wiki when it is working.

I would optimize this a bit by using nxevent instead of nxpush on step 3 and just calling a script from the library on some custom event. Also, if writing some Java code is an option, you can create a simple class that will set custom attributes directly using the NetXMS Java API. Otherwise the solution looks good.

Best regards,
Victor

lweidig

Appreciate the suggestions, will post to wiki as an example.  I notice that nxevent is not installed on my system however and is only in the client folder when viewing the source code trees which we have for viewing but install using the .deb files.  Does this only come from .deb installation if you install the console package?  Seems like some of this should be included in the server build as well. 

Victor Kirhenshtein

nxevent is a client tool and is not included in the server deb file. I'll create a separate deb file with client/integration tools.

Best regards,
Victor

lweidig

Yes, that and the other tools provided in the console install as a package of its own would be great.  Thanks!

lweidig

In the interim until there is a package for the tools we have compiled them and installed (pretty simple of course, but prefer packages).  However, I have yet to figure out how to get nxevent to work; this is running on the same box as the server.  I have also tried all the combinations below replacing the XL_TESTEVENT name with the number assigned and the same results.  Here is what I get:
# nxevent -d -e -P MyPassword -u myser 123.123.123.123 XL_TESTEVENT
*debug* SendMsg("CMD_GET_SERVER_INFO", id:0)
*debug* RecvMsg("CMD_REQUEST_COMPLETED", id:0)
*debug* SendMsg("CMD_REQUEST_ENCRYPTION", id:1)
*debug* RecvMsg("CMD_REQUEST_SESSION_KEY", id:1)
*debug* SendMsg("CMD_SESSION_KEY", id:1)
*debug* RecvMsg("CMD_REQUEST_COMPLETED", id:1)
*debug* SendMsg("CMD_LOGIN", id:2)
*debug* RecvMsg("CMD_LOGIN_RESP", id:2)
*debug* SendMsg("CMD_TRAP", id:3)
*debug* RecvMsg("CMD_REQUEST_COMPLETED", id:3)
Unable to send event: Access denied
*debug* Network receiver thread stopped



Have also tried this to localhost (127.0.0.1) and using the event number instead of name.  Have tried it with no username / password:
*debug* SendMsg("CMD_GET_SERVER_INFO", id:0)
*debug* RecvMsg("CMD_REQUEST_COMPLETED", id:0)
*debug* SendMsg("CMD_REQUEST_ENCRYPTION", id:1)
*debug* RecvMsg("CMD_REQUEST_SESSION_KEY", id:1)
*debug* SendMsg("CMD_SESSION_KEY", id:1)
*debug* RecvMsg("CMD_REQUEST_COMPLETED", id:1)
*debug* SendMsg("CMD_LOGIN", id:2)
*debug* RecvMsg("CMD_LOGIN_RESP", id:2)
*debug* Network receiver thread stopped
Unable to connect to server: Access denied



No username/password and no encryption:
*debug* SendMsg("CMD_GET_SERVER_INFO", id:0)
*debug* RecvMsg("CMD_REQUEST_COMPLETED", id:0)
*debug* SendMsg("CMD_LOGIN", id:1)
*debug* RecvMsg("CMD_LOGIN_RESP", id:1)
*debug* Network receiver thread stopped
Unable to connect to server: Access denied


The user is set up in the server and at this point has ALL the permissions set just to make sure that was not causing issues.  Can you let me know what might be happening?  Also, what are the MINIMAL permissions that can be given and still allow the submission of nxevents?  Finally, should the <event_id> be specified by the name or the number?

Thanks!

Victor Kirhenshtein

The user must have the "send events" access right on the source object, i.e. if you are sending an event from the management server itself, the user must have the "send events" right on the node object representing the management server. This is the only requirement for that user. You can only use event codes in nxevent (it has to be fixed).

Best regards,
Victor

lweidig

Yep, that resolved it.  Thought the rights on the nodes were a subset / fine tooth version of the user rights.  It is working.  Off to automatic service profiling for me.......

lweidig

Ok, I have all of the automatic port / service detection working and I will try to get this all up on the Wiki at some point soon.  Here is the next issue that I am facing in regards to templating services.  Let's just take Telnet as an example as it is very simple.

If the node is running an agent this is pretty much a non-issue.  I can create the necessary DCI(s) and away we go.  However, many of the devices we are looking to monitor are things like access points, routers, switches,... which of course cannot run the agent.

I see a few possible solutions but not sure which / if any can be accomplished:

1.  We need a way to bind network services to templates.
2.  I need some way to create a DCI on the server to use the agent it is running to perform the check for me.  Cannot figure out how to do this via scripting in the server.
3.  If we setup the Proxy on the node to check to be the server can we then create a DCI ServiceCheck right on that node and will this work?

Any suggestions would be appreciated.

Victor Kirhenshtein

Hello!

You can set "proxy node" directly in the DCI. For example, if you have node A without an agent, and node B with an agent and the portcheck subagent, you can create a DCI on node A with source agent, name ServiceCheck.xxx, and proxy node set to node B. Then you will have the DCI on node A, but real data collection will be done from node B.

Best regards,
Victor

lweidig

Learning more about this each day and it only keeps getting BETTER!  Thanks for the reply, this will solve the issue very well and offers exactly what I need.