Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - normalcy

#1
General Support / RPM build for Fedora 39?
December 01, 2023, 06:05:39 AM
Hi, just wondering if you could build a RPM package set for Fedora 39? 

I know its fairly new, we use Fedora IoT atomic distro and it is a rolling release and has moved to fedora 39 now.  We're just waiting on the netxms agent packages to be available for 39 before we can upgrade from 38.

Kind regards.
#2
Hi, after upgrading to 4.1-377 I get an error on existing dashboards about missing DCI data.

It looks like the dashboard elements for rack diagram and DCI summary table are missing?  Editing properties of dashboard and trying to edit the dashboard elements for those types gives "Internal Error: no adaptor for dashboard element"
#3
Hi all, upgraded recently to 4.1.283 server and nxmc. 

Just tried a walk with the MIB explorer and noticed that the "OID as text" column is not being populated for anything in the entire compiled MIB tree that netxms uses.

So the OID as text column at the bottom of the panel and the field on the right of the explorer are both only displaying ".iso" rather than the text path as in the past.

Tried recompiling with nxmibc and still the same.  Has anyone else noticed this?

edit:
to clarify, the MIB tree on the left has the OID as text built properly in the tree.  But that same tree path is not shown in the OID as text fields.  See attached screenshot.

The fact the tree works makes me think the compiler is building properly and perhaps its a bug in the nxmc?
#4
Hi after installing the windows x64 agent 4.0.2088 I can see in the windows event log errors under eventid 1000 regarding openssl and sqlite:


- Cannot load user agent notifications (local database is unavailable)
- Compile time OpenSSL version (101010bf) does not match runtime OpenSSL version (1010107f)
- Unable to load database driver module "sqlite.ddr": The specified module could not be found.
- Cannot load SQLite database driver
- Local database unavailable


I've noticed the agent seems to stop occasionally and some polls from the management console complains about missing policy database.  Is this related to the sqlite.ddr module missing on the agent side?


[09.02.2022 13:46:10] Checking node's capabilities...
[09.02.2022 13:46:10]    Checking NetXMS agent...
[09.02.2022 13:46:10]    NetXMS agent is active
[09.02.2022 13:46:10]    Reading list of available Windows Performance Counters...
[09.02.2022 13:46:11]    168 counters read
[09.02.2022 13:46:11]    File manager is not available
[09.02.2022 13:46:11]    Checking agent policy deployment
[09.02.2022 13:46:11]       Cannot get policy inventory from agent (Agent database failure)
#5
General Support / Is netxms affected by CVE-2021-44228?
December 10, 2021, 11:45:05 PM
Hi, is netxms affected by log4j CVE-2021-44228?

Running a search on a debian VM with netxms installed shows:

# find / -name *log4j*
/var/lib/dpkg/info/liblog4j1.2-java.md5sums
/var/lib/dpkg/info/liblog4j1.2-java.list
/usr/share/java/slf4j-log4j12-1.7.22.jar
/usr/share/java/log4j-1.2-1.2.17.jar
/usr/share/java/log4j-over-slf4j.jar
/usr/share/java/ant-apache-log4j-1.9.9.jar
/usr/share/java/slf4j-log4j12.jar
/usr/share/java/log4j-1.2.jar
/usr/share/java/log4j-over-slf4j-1.7.22.jar
/usr/share/java/ant-apache-log4j.jar
/usr/share/maven-repo/org/apache/ant/ant-apache-log4j
/usr/share/maven-repo/org/apache/ant/ant-apache-log4j/debian/ant-apache-log4j-debian.pom
/usr/share/maven-repo/org/apache/ant/ant-apache-log4j/debian/ant-apache-log4j-debian.jar
/usr/share/maven-repo/org/apache/ant/ant-apache-log4j/1.9.9/ant-apache-log4j-1.9.9.jar
/usr/share/maven-repo/org/apache/ant/ant-apache-log4j/1.9.9/ant-apache-log4j-1.9.9.pom
/usr/share/maven-repo/org/slf4j/log4j-over-slf4j
/usr/share/maven-repo/org/slf4j/log4j-over-slf4j/1.7.22/log4j-over-slf4j-1.7.22.pom
/usr/share/maven-repo/org/slf4j/log4j-over-slf4j/1.7.22/log4j-over-slf4j-1.7.22.jar
/usr/share/maven-repo/org/slf4j/log4j-over-slf4j/debian/log4j-over-slf4j-debian.jar
/usr/share/maven-repo/org/slf4j/log4j-over-slf4j/debian/log4j-over-slf4j-debian.pom
/usr/share/maven-repo/org/slf4j/slf4j-log4j12
/usr/share/maven-repo/org/slf4j/slf4j-log4j12/1.7.22/slf4j-log4j12-1.7.22.jar
/usr/share/maven-repo/org/slf4j/slf4j-log4j12/1.7.22/slf4j-log4j12-1.7.22.pom
/usr/share/maven-repo/org/slf4j/slf4j-log4j12/debian/slf4j-log4j12-debian.jar
/usr/share/maven-repo/org/slf4j/slf4j-log4j12/debian/slf4j-log4j12-debian.pom
/usr/share/maven-repo/log4j
/usr/share/maven-repo/log4j/log4j
/usr/share/maven-repo/log4j/log4j/1.2.17/log4j-1.2.17.jar
/usr/share/maven-repo/log4j/log4j/1.2.17/log4j-1.2.17.pom
/usr/share/maven-repo/log4j/log4j/1.2.x/log4j-1.2.x.jar
/usr/share/maven-repo/log4j/log4j/1.2.x/log4j-1.2.x.pom
/usr/share/doc/liblog4j1.2-java
/usr/share/ant/lib/ant-apache-log4j.jar
/usr/share/jetty9/resources/log4j.properties


I've read online that some say log4j ver. 1.x is not vulnerable to the JNDI issue, but can't confirm that myself.  Is netxms affected do you think?  Or are these jars brought in with openjdk/jetty only and not used?
#6
Since upgrading to 3.9-235 for nxmc and server I can't deploy agent upgrades to windows clients.  I just get back an instant "file transfer failed" response.

Also get "cannot connect to NetXMS agent (internal error)" in status poll log on server.

Have restarted server (process and VM) no change.

nxdbmgr passes checks and is on the latest version.  Where should I look in the logs (and which level should I enable)?
#7
Hi when running nxdbmgr check on latest version I get asked if I want to delete orphaned tables.

The first few succeeded, however after the first few successful removals there are errors on subsequent tables re. constraint violations and the overall transaction fails:


# nxdbmgr check
NetXMS Database Manager Version 3.8.314 Build 3.8-314-g9d14b98df7 (UNICODE)

Checking database (excluding collected data):
* Zone object properties                                               [PASSED]
* Node object properties                                               [PASSED]
* Node to subnet bindings                                              [PASSED]
* Interface object properties                                          [PASSED]
* Interface bindings                                                   [PASSED]
* Network service object properties                                    [PASSED]
* Network service bindings                                             [PASSED]
* Cluster object properties                                            [PASSED]
* Cluster member nodes                                                 [PASSED]
* Template to node mapping                                             [PASSED]
* Object properties                                                    [PASSED]
* Container membership                                                 [PASSED]
* Event processing policy                                              [PASSED]
* Network map links                                                    [PASSED]
* Data tables                                                          [PASSED]
* Orphaned data tables                                                 [  12% ]
Data collection table tdata_1124 belongs to deleted object and no longer in use. Delete it? (Y/N)  (Yes/No/All/Skip) a
SQL query failed (2BP01 ERROR:  cannot drop table tdata_1124 because other objects depend on it
DETAIL:  constraint tdata_records_1124_record_id_fkey on table tdata_records_1124 depends on table tdata_1124
HINT:  Use DROP ... CASCADE to drop the dependent objects too.):
DROP TABLE tdata_1124
* Orphaned data tables                                                 [  12% ]
Data collection table tdata_1126 belongs to deleted object and no longer in use. Delete it? (Y/N)  (Yes/No/All/Skip) Y
SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
DROP TABLE tdata_1126
* Orphaned data tables                                                 [  12% ]
Data collection table tdata_1128 belongs to deleted object and no longer in use. Delete it? (Y/N)  (Yes/No/All/Skip) Y
SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
DROP TABLE tdata_1128
* Orphaned data tables                                                 [  12% ]
Data collection table tdata_1130 belongs to deleted object and no longer in use. Delete it? (Y/N)  (Yes/No/All/Skip) Y
SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
DROP TABLE tdata_1130
* Orphaned data tables                                                 [  13% ]
Data collection table tdata_1132 belongs to deleted object and no longer in use. Delete it? (Y/N)  (Yes/No/All/Skip) Y
SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
DROP TABLE tdata_1132
* Orphaned data tables                                                 [  13% ]
Data collection table tdata_1189 belongs to deleted object and no longer in use. Delete it? (Y/N)  (Yes/No/All/Skip) Y
SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
DROP TABLE tdata_1189
* Orphaned data tables                                                 [  13% ]
<<SNIPPED>>


etc to the bottom:


<<SNIPPED>>
* Orphaned data tables                                                 [ERROR ]
* DCI configuration                                                    [   0SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
SELECT item_id,node_id FROM items WHERE node_id NOT IN (SELECT object_id FROM object_properties)
SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
SELECT item_id,node_id FROM dc_tables WHERE node_id NOT IN (SELECT object_id FROM object_properties)
[PASSED]
* Raw DCI values table                                                 [   0SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
SELECT item_id FROM raw_dci_values
SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
SELECT count(*) FROM raw_dci_values WHERE last_poll_time>1620602557
[PASSED]
* DCI thresholds                                                       [   0SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
SELECT threshold_id,item_id FROM thresholds
[PASSED]
* Table DCI thresholds                                                 [   0SQL query failed (25P02 ERROR:  current transaction is aborted, commands ignored until end of transaction block):
SELECT id,table_id FROM dct_thresholds
[PASSED]
100 errors was found, 0 errors was corrected
Database still contain errors
Database check completed



I imagine cascade could be a risky thing to use by default?

I deleted what I could and left the other orphaned tables in there.  Wait for a patch or is there a manual alternative?

Cheers.
#8
Hi all, this is just a little papercut I've had that I wondered if anyone else has seen.

I've built a dashboard that contains a network map.  When I first open up NXMC and load the dashboard tab the network map element will refresh the status icons of the nodes, however the link colours (coloured by status) don't change from blue to to green until I open the network map by itself in its own tab.

Once that network map loads in its own tab correctly, if I go back to the dashboard tab and refresh it, the link status colours are green now.

Anyone else seen something similar?
#9
Has something changed with container auto-bind scripts in 3.7?

Since upgrading to 3.7 I just noticed that my containers with auto-bind scripts applied have stopped working (the nodes have been removed).

eg script:
if (
    $node->zoneUIN == 0 &&
    $node->isRouter == 1 &&
    $node->isPrinter != 1 &&
    GetCustomAttribute($node, "ignoreRouter") == null)
    {
      return true;
    }
return false;


But even a simpler version with Zone and other attribute checks removed:
if (
    $node->isRouter == 1)

    {
      return true;
    }
return false;


Will remove any bound node.

The relevant nodes have isRouter = Yes on the object details tab.

Same is happening to all atuo-bind containers (looking at isBridge, or isPrinter etc).
#10
Hi, just a suggestion.  Like the new layout of the object details overview in 3.4.

Could the commands box be moved over and under the capabilities box on the right?

Would give a little more room so the comments box could be visible, at the moment for me it is always pushed off screen.

Of course, the ultimate dream is to be able to adjust the layout of the overview by dragging the boxes into our own preferred order :D

Thanks for the update all.
#11
Hi I just wondered if anyone is using the "physical links" feature introduced in 3.1? Anyone got an example of how they're using it? I'm guessing its still early days on this feature?

I seem to get a yellow "error getting physical link list (Access Denied)" on every panel on every object that tries to view the physical links tab.  If I try to create a test link on the object physical links tab I also get access denied error.  However if I create a test link from Configuration > physical links, that works and shows up on objects.  I can't see any missing permissions in access control of user/group/object.  Also on the object's tab, the physical links sub-tab is missing an icon.

The other thing I'm trying to understand is how to use it properly. 

If I have devices linked as follows:



PC --> Patchpanel A/1 --> switch 0/1



Is the idea that you need to create 2x physical links for each side of the patch panel?

eg:

  • Link A: PC LAN interface -> Rack 1: Patch A/1 BACK
  • Link B: Rack 1: Patch A/1 FRONT -> Switchport 0/1 interface

Feature requests:

  • Will this feature integrate with the "find switchport" to include the physical links?
  • Could there eventually be a "layer-1" topology map as there is with layer-2 and layer-3 maps?  It would be great to potentially see all the cable joins in a relationship from switch to end device. I guess that would need a 'physical link' from a wall-plate to device as well as the rack side.
#12
Since upgrading to 3.0 I notice that network map link bend points seem to be a bit wonky.

If you insert or move a bend point the link label no longer closely follows the path of the link.  Instead it stays close to the original 'direct mode' path of the link before the bend point was inserted.  In 2.x it used to stay attached to the path.

Dragging bend points or adding removing sometimes seems to snap the link itself back to being direct mode although the bend point circles will stay in place.  This then flickers back and forth sometimes.

I found bend points useful to map diverse VPN paths between two locations and separate them enough to read the labels clearly.

I assume its a client console issue?  Although the two screenshots show two maps generated in the java console and web console so issue is common to both.

NXCM: 3.0.224
Server: 3.0.2292

Edit: created NX-1691
#13
If I select a single node and right click to get to syslog it loads really quickly.  If I right click on a container or subnet and view syslog it never seems to complete.  I haven't looked at the SQL but I assume there are missing indexes for container/subnet and its doing a full table scan?

I came across this old thread talking about adding the indexes to source: https://www.netxms.org/forum/feature-requests/syslog-table-index/

Is it feasible to add one to containers and/or subnets too?

Cheers.
#14
Hi have upgraded to 3.0.2292 and am trying to create a node in a zone and set it as the zone proxy and it doesn't seem to work if the proxy is in the zone.

eg: I have zone 1 and 2.  Netxms server is in zone 1.  If I create the proxy node in zone 1 and set it as the zone proxy for zone 2 (the old way as I understand it) then I can successfully poll all zone 2 nodes and things like the internal topology show the connection going via the proxy.

If I create the node in zone 2 as a zone proxy (or move the node into the zone 2) then the proxy itself can't be reached in a status poll and the whole zone goes unreachable.

My understanding is that the new way is to create the proxy for the zone inside that actual zone?  Doesn't seem to be working for me.

Have tried setting the zone 2 proxy to be its own proxy for polling/services and also tried the netxms server proxy.  Only thing that works is to put the proxy in the root zone 1 as we used to.
#15
Hi, when doing an apt-get update this morning on some debian wheezy machines, I'm getting a key expired error for netxms repo?

W: GPG error: http://packages.netxms.org wheezy Release: The following signatures were invalid: KEYEXPIRED 1522252127 KEYEXPIRED 1522252127 KEYEXPIRED 1522252127

Are those versions no longer maintained now?
#16
General Support / syslog parser rules not working
January 16, 2018, 08:31:33 AM
Hi, on ver 2.2.2, I have tried setting up a few syslog parser rules with the editor for the internal syslog.

I have one successfully working rule (looking at logins to a synology DSM).  However any rule I've added since (one for VPN logins and one for unifi time sync) does not seem to generate an event in the event log. 
Have tried:

  • altering the order of the rules
  • click process all
  • look at a level 9 debug (the syslog is being seen and added to the database but no EVENT is generated).
  • restarting the server
  • The custom events are configured to write to the event log
Is there an error in my regex?

<parser trace="9">
   <file/>
   <rules>
      <rule name="L2TP login to routers">
         <match repeatCount="0" repeatInterval="60">^l2tp,ppp,info,account (.*) logged in, (.*)</match>
         <event params="2">100811</event>
         <severity>5</severity>
         <tag>l2tp</tag>
         <description>Trigger a login event when VPN logins to routers occur</description>
      </rule>
      <rule name="Synology Admin Logins">
         <match repeatCount="0" repeatInterval="120">(Connection admin:.*User.*logged in from.*)</match>
         <event params="1">100801</event>
         <severity>64</severity>
         <tag>Connection</tag>
         <description>Trigger Log event when synology admin logins occur</description>
      </rule>
      <rule name="unifi current time not set">
         <match repeatCount="0" repeatInterval="120">(.*current time is not set yet)</match>
         <event params="1">100813</event>
         <severity>5</severity>
         <facility>1</facility>
         <tag>syswrapper</tag>
         <description>Log event when ntp is not updating on unifi devices</description>
      </rule>
   </rules>
   <macros/>
</parser>


syslog format:
16.01.2018 16:20:18 r01.domain.name 1 5 r01.domain.name l2tp l2tp,ppp,info,account USERNAME logged in, IPADDRESS
#17
General Support / Missing "status" DCI on some nodes
December 29, 2017, 05:06:15 AM
Hi, I was trying out the MTBF/MTTR script from the wiki and getting transformation script errors:
6102883 29.12.2017 12:28:50 netxms 2330 SYS_SCRIPT_ERROR Minor Script (DCI::OCB WiFi Demarc::2330::TransformationScript) execution error: Error 17 in line 8: Argument is not of string type and cannot be converted to string 0
After some fiddling I could trace it back to the fact the some of my nodes are missing what looks like some sort of default "status" DCI while others aren't (those work with the script).

Is the "status" DCI created when a new node is added automatically (discovery)?  I don't seem to have any templates that add this DCI.

Are there any conditions that can cause it not to be created by the server (hence my missing items)?  What happens if this DCI is missing on a node?

Thanks.
#18
General / git.netxms.org down?
December 21, 2017, 04:00:19 AM
Just wondering if git.netxms.org is down or moved?  I usually track changes via sourcetree and I receive this error when trying to pull changes:

git -c diff.mnemonicprefix=false -c core.quotepath=false fetch origin
fatal: repository 'https://git.netxms.org/public/netxms.git/' not found
Completed with errors, see above.


I notice that the web interface https://git.netxms.org/public/netxms.git/shortlog?js=1  is 13 days out of date which is about when I stopped being able to pull changes.

Has the repo moved or is down for anyone else?

Cheers.
#19
Hi all.  Looking at the agent tunnel functions and wondering how have some of you deployed them operationally? 

I can see their utility for allowing hole-punching out of a proxy site back to the server, but how do you do this securely?

Are you placing the NetXMS server on the public internet to receive the tunnels? 

Or are some of you using an extra NetXMS server in a DMZ and forwarding events/alarms to a primary server behind the firewall?  using a SSL proxy like nginx to unwrap and forward to the server behind the firewall?

Just curious of any deployment recommendations that can avoid directly placing the server online?  Or is the SSL code sufficiently isolated from the rest of the server and I'm being paranoid?

Cheers.
#20
Hi all, I have a WMI DCI that pulls the Dell service tag from the windows machines running the netxms agent.

WMI.Query(root\cimv2,select * from Win32_ComputerSystemProduct,IdentifyingNumber)

This number is generally not what is entered when calling up support, they prefer the DTMF friendly Express Service Code that is a numerical version of the Service Tag (easier to type on number pad).
I've found a couple of links that describe the service tag as a base-36 number [A-Z][0-9] that you just convert to decimal.

http://creativyst.com/Doc/Articles/HT/Dell/DellNumb.htm
https://serverfault.com/questions/589774/how-to-convert-a-dell-service-tag-to-an-express-service-code

What is the best way to do this in NetXMS?

Do I create a DCI that takes the same WMI query and uses a transformation script to convert the number?  Is this possible in NXSL with base36 conversion to decimal?

Or if NXSL can't handle arbitrary bases do I have to use an external Python/nxshell script to do the conversion and call that from a DCI?

My goal is to get it represented as a DCI to display on the object details tab and in DCI summary tables.

Thanks for any suggestions.