Status NORMAL on closed port

Started by jmgm, December 14, 2012, 09:00:08 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

jmgm

December 14, 2012, 09:00:08 AM
Hi,

I need to fire a CRITICAL error if a port is OPEN (instead of closed) and I cannot find a way to do this.

Thanks in advance

Juan

SKYnv

#1
December 14, 2012, 09:57:00 AM
Quote from: jmgm on December 14, 2012, 09:00:08 AM
Hi,

I need to fire a CRITICAL error if a port is OPEN (instead of closed) and I cannot find a way to do this.

Thanks in advance

Juan

change interface expected state, "up" by default

jmgm

#2
December 14, 2012, 05:58:56 PM
Hi Viktor,

Thanks for your fast response.

When I click on the node, and the in the "interfaces" tab, the services I' added aren't listed (i.e. ftp, ssh, etc) . Just the interfaces (i.e. eth0, etc)

So I don't know how to access the "polling" options for these ones.

Thanks

Juan


jmgm

#3
December 14, 2012, 06:02:48 PM
I've also tried a simple "transformation" to change values in the data collection, without success

Victor Kirhenshtein

#4
December 14, 2012, 06:26:27 PM
Hi!

You have to manually add network services you want to monitor. Right-click on node object, and select "create network service".

What kind of problem you have with transformation script?

Best regards,
Victor

jmgm

#5
December 14, 2012, 06:32:00 PM Last Edit: December 14, 2012, 06:37:51 PM by jmgm
Victor,

I've already added several network services, and most of them are being monitored correctly.

However, the issue I have is that in the "Interfaces" tab of the Object Details Section of the node, I only have the INTERFACES listed (not the NETWORK SERVICES I've manually added). In the Object Details of each Network Service I do not have any way to set expected state either.

The transformation script seems to be ignored.

Can you give me a quick example to return Normal on Critical state?

Thanks, and many thanks for your time

Juan

PS: I've attached an screenshot to be more clear.

As you can see on the left, I've created _SSH and __Apache. However, in the "Interfaces" list, they aren't listed.

jmgm

#6
December 14, 2012, 07:00:03 PM
Also, In the right click menu of an INTERFACE I have the expected state option, while in the right click menu of a network service, I don't  :(

Alex Kirhenshtein

#7
January 18, 2013, 01:01:32 PM
Right now it's not possible. Services do not have "expected state", as interfaces do. Right now they are expected to be up, so if normal state for network service is "down", you'll always get critical status.
As a workaround, you can handle SYS_SERVICE_UP / SYS_SERVICE_DOWN (there is default rule for that in Event Processin Policy, so add your rule before that and select "stop processing" checkbox) to create alarm / send notification.
To prevent "critical" status on the node itself as well as whole tree, you can status propagation for service to fixed -> Normal. This way service itself will be shown with red dot, but whole tree will be left intact.
Print
Go Up Pages1
User actions