ASNMTAP
view release on metacpan or search on metacpan
lib/ASNMTAP/Asnmtap/Applications.pod view on Meta::CPAN
echo "Usage: '$AMNAME' {start|stop}"
exit 1
esac
exit 0
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ln -s /opt/asnmtap.sh /etc/init.d/asnmtap
/etc/rc3.d/S99asnmtap /etc/init.d/asnmtap
/etc/rc3.d/K99asnmtap /etc/init.d/asnmtap
/etc/rc0.d/S99asnmtap /etc/init.d/asnmtap
/etc/rc0.d/K99asnmtap /etc/init.d/asnmtap
=back
=back
=back
=back
=head1 PROGRAMS
=over 4
=item located at /opt/asnmtap/applications
=over 4
=item archive.pl
the Archiver.
This perl program
- create automatically new comments and events archive tables when needed.
- archiving the comments and events to the correspondending archiving tables
- removes the old unused cgisess files
- make backups and zips the csv, sql error, week, debug and report files
- removes the old zipped csv, sql error, week, debug and report files
=item archive.sh
=over 4
=item Central ASNMTAP
archive.pl -A ArchiveCT -c F -r T -d T
=item Central Apache
archive.pl -c T -r F -d F
=item Distributed ASNMTAP
archive.pl -A ArchiveCT -c T -r T -d F
=back
Shell script to run archive.pl with the default command line options
cd /opt/asnmtap/applications/
cp archive.sh-orig archive.sh
chmod 755 archive.sh
crontab -e
0 1 * * * /opt/asnmtap/applications/archive.sh > /dev/null
cd /opt/asnmtap/applications/
mv archive.sh-orig archive-apache.sh
chmod 755 archive-apache.sh
chown <apache>:<apache> archive-apache.sh
su - <apache>
crontab -e
0 1 * * * /opt/asnmtap/applications/archive-apache.sh > /dev/null
=back
=item located at /opt/asnmtap/applications/bin
=over 4
=item generateCollectorDaemonSchedulingReports.pl
this program generating automatically Collector Daemon Scheduling Reports in PDF format
Located at URL: http://asnmtap.citap.be/results/_ASNMTAP/reports/
=item generateCollectorDaemonSchedulingReports.sh
Shell script to run generateCollectorDaemonSchedulingReports.pl with the default command line options
cd /opt/asnmtap/applications/bin
mv generateCollectorDaemonSchedulingReports.sh-orig generateCollectorDaemonSchedulingReports.sh
chmod 755 generateCollectorDaemonSchedulingReports.sh
crontab -e
0 0 * * * /opt/asnmtap/applications/bin/generateCollectorDaemonSchedulingReports.sh > /dev/null
=item generateReports.pl
this program generate automatically reports in PDF format, defined by the CGI program reports.pl
=item generateReports.sh
Shell script to run generateReports.pl with the default command line options
cd /opt/asnmtap/applications/bin
mv generateReports.sh-orig generateReports.sh
chmod 755 generateReports.sh
crontab -e
30 0 * * * /opt/asnmtap/applications/bin/generateReports.sh > /dev/null
=item holidayBundleSetDowntimes.pl
this program automatically set the plugin downtimes, defined by the CGI program plugin.pl and holidaysBundle.pl
=item holidayBundleSetDowntimes.sh
Shell script to run holidayBundleSetDowntimes.pl with the default command line options
cd /opt/asnmtap/applications/bin
mv holidayBundleSetDowntimes.sh-orig holidayBundleSetDowntimes.sh
chmod 755 holidayBundleSetDowntimes.sh
crontab -e
15 0 * * * /opt/asnmtap/applications/bin/holidayBundleSetDowntimes.sh > /dev/null
=item importDataThroughCatalog.pl
this program imports automatically the data for other distributed/federated catalog members, defined by the CGI program catalog.pl
=item importDataThroughCatalog.sh
Shell script to run importDataThroughCatalog.pl with the default command line options
cd /opt/asnmtap/applications/bin
mv generateReports.sh-orig importDataThroughCatalog.sh
chmod 755 importDataThroughCatalog.sh
crontab -e
30 0 * * * /opt/asnmtap/applications/bin/importDataThroughCatalog.sh --type=CONFIG > /dev/null
*/5 * * * * /opt/asnmtap/applications/bin/importDataThroughCatalog.sh --type=DATA > /dev/null
=back
=item located at /opt/asnmtap/applications/sbin
=over 4
=item bash_stop_root.sh
Shell script to run CollectorCT-*.sh and DisplayCT-*.sh with uid protection.
cd /opt/asnmtap/applications/sbin
mv bash_stop_root.sh-orig bash_stop_root.sh
chmod 755 bash_stop_root.sh
Modify when required:
STOP_ROOT=TRUE
NOTICE: ASNMPTAP has been configured not to run as root !
WARNING: Running ASNMPTAP as root is not recommended !
ASNMPTAP_UID=32006
ASNMPTAP_USER=asnmtap
NOTICE: ASNMPTAP must be started with shell uid(user) !
HTTPD_UID=99
NOTICE: ASNMPTAP must be started with httpd uid !
=item sshWrapperASNMTAP.pl
ASNMTAP ssh wrapper script for ssh execution through a rsa or dsa key
Accepted ssh calls are as follows:
'script $APPLICATIONPATH/master/DisplayCT-<daemon name>.sh stop|start|restart|reload'
'script $APPLICATIONPATH/slave/DisplayCT-<daemon name>.sh stop|start|restart|reload'
'script $APPLICATIONPATH/master/CollectorCT-<daemon name>.sh stop|start|restart|reload'
'script $APPLICATIONPATH/slave/CollectorCT-<daemon name>.sh stop|start|restart|reload'
'remove $PIDPATH/DisplayCT-<daemon name>.pid'
'remove $PIDPATH/CollectorCT-<daemon name>.pid'
'killall <pid>'
'../' are forbidden into a directory of filename for security reasons !!!
You need to create an ssh account:
ssh-keygen -t dsa -f /home/asnmtap/.ssh/asnmtap
vi /home/asnmtap/.ssh/authorized_keys
lib/ASNMTAP/Asnmtap/Applications.pod view on Meta::CPAN
export ftp_proxy=http://proxy.citap.be:8080
alias su=/usr/bin/su
alias perl=/usr/bin/env perl
if [ -d /opt/asnmtap/cpan-shared/lib/perl5 ]; then
PERL5LIB=${PERL5LIB:+$PERL5LIB:}/opt/asnmtap/cpan-shared/lib/perl5
MANPATH=${MANPATH:+$MANPATH:}/opt/asnmtap/cpan-shared/share/man
export MANPATH PERL5LIB
fi
umask 022
=item .bash_profile example
MAIL=/usr/mail/${LOGNAME:?}
export PATH
umask 022
=item create ssh key
...
<slave server>:
ssh-keygen -q -t rsa -f /home/asnmtap/.ssh/ssh -N ''
or
ssh-keygen -q -t dsa -f /home/asnmtap/.ssh/ssh -N ''
chmod go-w /home/asnmtap/
chmod 700 /home/asnmtap/.ssh
chmod go-rwx /home/asnmtap/.ssh/*
chmod 644 ssh.pub
chown asnmtap:asnmtap ssh.pub
chmod 600 ssh
chown apache:asnmtap ssh
cat /home/asnmtap/.ssh/ssh.pub >> /home/asnmtap/.ssh/authorized_keys
chmod 600 /home/asnmtap/.ssh/authorized_keys
vi /home/asnmtap/.ssh/authorized_keys
add command='/opt/asnmtap/applications/sbin/sshWrapperASNMTAP.pl' before ssh.pub
or
add command='ASNMTAP_PERL5LIB=/opt/asnmtap/cpan-shared/lib/perl5; /opt/asnmtap/applications/sbin/sshWrapperASNMTAP.pl' before ssh.pub
=back
=item Apache
=over 4
=item Install for HTTPS support
install openssh, openssl, openssl096 & openssl-devel
=item add /etc/httpd/conf.d/asnmtap.conf
Link index.html and index-cv.html to the default screens
[/opt/asnmtap/applications/htmlroot]# ln -s citap.html index.html
[/opt/asnmtap/applications/htmlroot]# ln -s citap-cv.html index-cv.html
vi /etc/httpd/conf.d/asnmtap.conf
AddHandler cgi-script .cgi .pl
DirectoryIndex index.htm index.html index.html.var index.shtml index.cfm index.pl
<VirtualHost *:80>
ServerName asnmtap.citap.com
ServerAlias asnmtap.citap.be
ServerAdmin webmaster@citap.com
DocumentRoot /opt/asnmtap/applications/htmlroot
ErrorLog /var/log/httpd/asnmtap.citap.com-error.log
CustomLog /var/log/httpd/asnmtap.citap.com-combined.log combined
IndexIgnore *.png *nok.txt *all.txt *.html
IndexOptions NameWidth=* FancyIndexing FoldersFirst SuppressDescription
IndexOrderDefault Ascending Name
Alias /asnmtap "/opt/asnmtap/applications/htmlroot"
<Directory "/opt/asnmtap/applications/htmlroot">
AllowOverride AuthConfig
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
Alias /results "/opt/asnmtap/results"
<Directory "/opt/asnmtap/results">
HeaderName HEADER.html
ReadmeName FOOTER.html
AllowOverride AuthConfig
Options Indexes
# Options Indexes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
Alias /config "/opt/asnmtap/applications/tmp/config"
<Directory "/opt/asnmtap/applications/tmp/config">
HeaderName HEADER.html
ReadmeName FOOTER.html
AllowOverride AuthConfig
Options Indexes
# Options Indexes FollowSymLinks
Order allow,deny
Allow from all
</Directory>
ScriptAlias /asnmtap/cgi-bin/ "/opt/asnmtap/applications/htmlroot/cgi-bin/"
<Directory "/opt/asnmtap/applications/htmlroot/cgi-bin">
AllowOverride AuthConfig
Options ExecCGI
Order allow,deny
Allow from all
lib/ASNMTAP/Asnmtap/Applications.pod view on Meta::CPAN
[safe_mysqld]
err-log=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
Start the slave server. If it has been replicating previously, start the slave server with the --skip-slave-start option. You also may want to start the slave server with the --log-warnings option. That way, you will get more messages about problems...
Execute the following command on the slave, replacing the values within <> with the actual values relevant to your system:
This is where you put the values you got earlier from SHOW MASTER STATUS from 2)
mysql> CHANGE MASTER TO
MASTER_HOST='<master hostname>',
MASTER_USER='<replication username>',
MASTER_PASSWORD='<replication password>',
MASTER_LOG_FILE='<recorded log file name>', <-- replace with the value show 'SHOW MASTER STATUS' on the master server
MASTER_LOG_POS=<recorded log offset>; <-- replace with the value show 'SHOW MASTER STATUS' on the master server
mysql> START SLAVE; <-- if you want to restart replication
mysql> SHOW MASTER STATUS;
write down the values
mysql> QUIT;
At this point you got master -> slave replication
=item onto the master server, part II:
copy the slave server *.bin.* (binary logs), put it in the master server mysql data dir
mysql> STOP SLAVE; <-- if replication was running
This is where you put the values you got earlier from SHOW MASTER STATUS from 3)
mysql> CHANGE MASTER TO
MASTER_HOST='<slave hostname>',
MASTER_USER='<replication username>',
MASTER_PASSWORD='<replication password>',
MASTER_LOG_FILE='<recorded log file name>', <-- replace with the value show 'SHOW MASTER STATUS' on the master server
MASTER_LOG_POS=<recorded log offset>; <-- replace with the value show 'SHOW MASTER STATUS' on the master server
mysql> START SLAVE; <-- if you want to restart replication
At this point you got master -> slave -> master replication
You can now execute any query on any of them, and it will appear on both.
We will do it always onto the master server, unless the master server is down then we uses the slave server!!!
=back
=item Update your ASNMTAP configuration
vi /opt/asnmtap/Asnmtap.cnf
Here you can modify all the varibales used by the ASNMTAP package !!!
vi /opt/asnmtap/applications/Applications.cnf
URL: http://asnmtap.citap.be/asnmtap/cgi-bin/sadmin/index.pl
regarding the server administrator, the default username: `sadmin` and password: `a1A`
Now you can build your config !!!
=back
=item Install perl modules from CPAN
export http_proxy=http://proxy:8080
export ftp_proxy=http://proxy:8080
perl -MCPAN -e shell
install Bundle::CPAN
install Bundle::DBI
install Bundle::DBD::mysql # need mysql-devel
=item Perfparse integration
Perfparse (http://perfparse.sourceforge.net/)
We use the 'Pipe to Perfparse' methode
=over 4
=item Compiling Perfparse
wget http://belnet.dl.sourceforge.net/sourceforge/perfparse/perfparse-0.106.1.tar.gz
cd /export/download/
tar -xvzf perfparse-0.106.1.tar.gz
cd /export/download/perfparse-0.106.1
./configure --prefix=/opt/asnmtap/perfparse --with-imagedir=/opt/asnmtap/applications/htmlroot/img/ --with-cgidir=/opt/asnmtap/applications/htmlroot/cgi-bin --with-http_image_path=/asnmtap/img --with-data-source=asnmtap --disable-phpui
make
make install-strip
=item Installing Perfparse database
cd /export/download/perfparse-0.106.1/scripts
cat mysql_create.sql | mysql -u root -p -D asnmtap
=item Configuration of Perfparse v19 for ASNMTAP
cp /opt/asnmtap/perfparse/etc/perfparse.cfg.example /opt/asnmtap/perfparse/etc/perfparse.cfg
First you should edit '/opt/asnmtap/perfparse/etc/perfparse.cfg', adding the correct database settings (if using something other than 'nagios' as DB name, username, and password). The options are :
Use_Storage_Mysql (only in perfparsed; considered as enabled in perfparse-log2mysql)
vi /opt/asnmtap/perfparse/etc/perfparse.cfg
...
Service_Log "-"
...
# Error handling :
Error_Log = "/opt/asnmtap/log/perfparse-asnmtap-all"
Drop_File = "/opt/asnmtap/log/perfparse-asnmtap-drop"
...
# Database managment :
# ====================
Use_Storage_Mysql = "yes"
No_Raw_Data = "no"
lib/ASNMTAP/Asnmtap/Applications.pod view on Meta::CPAN
First you should edit '/opt/asnmtap/perfparse/etc/perfparse20.cfg', adding the correct database settings (if using something other than 'nagios' as DB name, username, and password). The options are :
Use_Storage_Mysql (only in perfparsed; considered as enabled in perfparse-log2mysql)
vi /opt/asnmtap/perfparse/etc/perfparse20.cfg
...
Service_Log "-"
...
# Error handling :
Error_Log = "/opt/asnmtap/log/perfparse-asnmtap-all"
Drop_File = "/opt/asnmtap/log/perfparse-asnmtap-drop"
...
# Database managment :
# ====================
Storage_Modules_Load = "mysql"
Use_Storage_Mysql = "yes"
No_Raw_Data = "no"
No_Bin_Data = "no"
# Database Authentication
DB_User = "asnmtap"
DB_Name = "perfparse_asnmtap_v20"
DB_Pass = "passwd"
DB_Host = "localhost"
DB_Socket = "/tmp/mysql.sock"
# PHPGui
PHP_Lang = "en"
PHP_Style = "" # "flo"
http_image_path = "/asnmtap/perfparse20/img/"
=item Testing configuration
http://asnmtap.citap.be/asnmtap/cgi-bin/perfparse.cgi
> An error occured with the SQL:
> "Could not connect to MySQL using: Database = 'asnmtap', Host = '127.0.0.1', Username = 'asnmtap', Password = 'asnmtap'"
>
> Failure Message:
> "Access denied for user: 'asnmtap@localhost.localdomain' (Using password: YES)"
You need to verify your access right for the database
Host & Service string from Nagios:
"$TIMET$"\t"$HOSTNAME$"\t"$SERVICEDESC$"\t"$OUTPUT$"\t"$SERVICESTATE$"\t"$PERFDATA$"\n
$TIMET$ $HOSTNAME$ $SERVICEDESC$ $OUTPUT$ $SERVICESTATE$ $PERFDATA$
1107692805 chablis.dvkhosting.com process ColdFusion OK - 40 processes running with command name cfusion OK label=1;2;3;4;5
Test ASNMTAP Perfparse integration:
/usr/bin/printf "%b" "1107692900\tDUMMY-T1\tDUMMY-T1\tCRITICAL - Check Dummy: +DUMMY-T2+\tCRITICAL\ttperfdata=1;1;;;\n" | /opt/asnmtap/perfparse/bin/perfparse-log2mysql -c /opt/asnmtap/perfparse/etc/perfparse.cfg
Look for results into the database and the logfile located at /opt/asnmtap/log/perfparse-asnmtap-all.yyyymmdd.log
more /opt/asnmtap/log/perfparse-asmtap-all.yyyymmdd.log
yyyy/mm/dd hh:mmss1 [ storage.c:95 nnnn ] storage_mysql module successfully loaded
=item Database Maintenance
Deletion policies are defined at various places with default and user-defined policies available. A policy defines the time at which data is permanently deleted from the DB. The data is deleted by running the provided program 'perfparse-db-purge'. It...
To purge the Database daily using 'perfparse-db-purge' from crontab, you might use something like this:
# Purge PerfParse Database daily at 3 AM.
0 3 * * * /opt/asnmtap/perfparse/bin/perfparse-db-purge > /dev/null
=back
=item SNMPTT integration
... TODO ... NO PART OF NORMAL SETUP ...
=over 4
=item Install SNMPTT
Install net-snmp 5.4.x
... TODO ... NO PART OF NORMAL SETUP ...
MySQL 5.0.x
SQLyog -> Db -> Import from SQL Statements ... -> \opt\asnmtap-3.001.xxx\plugins\templates\snmptt\snmptt-3.002.003-v5.0.x.sql
SQLyog -> Db -> Import from SQL Statements ... -> \opt\asnmtap-3.001.xxx\plugins\templates\snmptt\create_weblogic_configuration_database_with_SNMP-3.002.003_mysql-v5.0.x.SQL
or
mysql -u root -p < /opt/asnmtap/plugins/templates/snmptt/snmptt-3.002.003-v5.0.x.sql
mysql -u root -p < /opt/asnmtap/plugins/templates/snmptt/create_weblogic_configuration_database_with_SNMP-3.002.003_mysql-v5.0.x.SQL
... TODO ... NO PART OF NORMAL SETUP ...
=item Configuration of SNMPTT for ASNMTAP
... TODO ... NO PART OF NORMAL SETUP ...
=over 4
=item 1
plugins/templates/snmptt/snmptt-bea-weblogic.conf
... TODO ... NO PART OF NORMAL SETUP ...
plugins/templates/snmptt/snmptt-oracle.conf
... TODO ... NO PART OF NORMAL SETUP ...
plugins/templates/snmptt/snmptt.ini
... TODO ... NO PART OF NORMAL SETUP ...
=item 2
plugins/snmptt/create_weblogic_configuration_database_with_SNMP.pl
... TODO ... NO PART OF NORMAL SETUP ...
=item 3
plugins/snmptt/create_weblogic_configuration_for_SNMPTT.pl
lib/ASNMTAP/Asnmtap/Applications.pod view on Meta::CPAN
# MyConfig.pm -->
su - asnmtap
perl -c MyConfig.pm
perl -MCPAN -e 'reload index'
vi ~/.bash_profile
...
export PATH=/usr/local/bin:/usr/local/sbin:/usr/sbin:/etc:/usr/ccs/bin:/usr/bin:/opt/csw/bin:/usr/ucb:/usr/local/mysql/bin:${PATH}
if [ -d /opt/asnmtap/cpan-shared/lib/perl5 ]; then
PERL5LIB=${PERL5LIB:+$PERL5LIB:}/opt/asnmtap/cpan-shared/lib/perl5
MANPATH=${MANPATH:+$MANPATH:}/opt/asnmtap/cpan-shared/share/man
export MANPATH PERL5LIB
fi
export LD_LIBRARY_PATH=/opt/asnmtap/ssl/lib:/usr/local/lib/mysql:/usr/local/lib:/usr/lib:${LD_LIBRARY_PATH}
...
vi /etc/init.d/httpd
...
if [ -d /opt/asnmtap/cpan-shared/lib/perl5 ]; then
PERL5LIB=${PERL5LIB:+$PERL5LIB:}/opt/asnmtap/cpan-shared/lib/perl5
MANPATH=${MANPATH:+$MANPATH:}/opt/asnmtap/cpan-shared/share/man
export MANPATH PERL5LIB
fi
...
start() {
echo -n $"Starting $prog: "
check13 || exit 1
PATH=$PATH MANPATH=$MANPATH PERL5LIB=$PERL5LIB LANG=$HTTPD_LANG daemon $httpd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
...
sudo /etc/init.d/httpd restart
more /etc/httpd/conf.d/asnmtap.conf
...
<VirtualHost *:80>
...
SetEnv PERL5LIB /opt/asnmtap/cpan-shared/lib/perl5
...
</VirtualHost>
# Module section - - - - - - - - - - - - - - - - - - - - - - - - - - - -
vi Makefile.pl
...
use lib qw(/opt/asnmtap/cpan-shared/lib/perl5/.);
...
# Configuration section - - - - - - - - - - - - - - - - - - - - - - - - -
If you're not the Perl administrator you probably don't have permission to install a module to its default location.
Then you should install it for your own use into your home directory or other directory like so:
perl Makefile.PL PREFIX=/opt/asnmtap/cpan-shared SITELIBEXP=/opt/asnmtap/cpan-shared/lib/perl5 LIB=/opt/asnmtap/cpan-shared/lib/perl5 INSTALLMAN1DIR=/opt/asnmtap/cpan-shared/share/man/man1 INSTALLMAN3DIR=/opt/asnmtap/cpan-shared/share/man/man3 INSTA...
or
perl Makefile.PL INSTALL_BASE=/opt/asnmtap/cpan-shared
This will put modules into /opt/asnmtap/cpan-shared/lib/perl5, man pages into /opt/asnmtap/cpan-shared/man and programs into /opt/asnmtap/cpan-shared/bin.
INSTALLARCHLIB INSTALL_BASE/lib/perl5/$Config{archname}
INSTALLPRIVLIB INSTALL_BASE/lib/perl5
INSTALLBIN INSTALL_BASE/bin
INSTALLSCRIPT INSTALL_BASE/bin
INSTALLMAN1DIR INSTALL_BASE/man/man1
INSTALLMAN3DIR INSTALL_BASE/man/man3
make
make install
=back
=item Apache
=over 4
=item How create simple test certificates with openssl?
http://www.vanemery.com/Linux/Apache/apache-SSL.html
=over 4
=item Step 1: Setup your own CA (Certificate Authority)
openssl genrsa -des3 -out server-ca.key 2048
openssl req -new -x509 -days 3650 -key server-ca.key -out server-ca.crt
# To remove the pass phrase from the key file, execute this:
openssl rsa -in server-ca.key -out server-ca-nopass.key
openssl x509 -in server-ca.crt -text -noout
=item Step 2: Make a key and a certificate for the web server:
openssl genrsa -des3 -out citap-server.key 1024
openssl req -new -key citap-server.key -out citap-server.csr
...
Common Name (eg, your name or your server's hostname) []:secure.citap.com <=== This must be the real FQDN of your server!!!
openssl rsa -in citap-server.key -out citap-server-nopass.key
openssl x509 -req -in citap-server.csr -out citap-server.crt -sha1 -CA server-ca.crt -CAkey server-ca.key -CAcreateserial -days 3650
openssl x509 -in citap-server.crt -text -noout
=item Step 3: Creating Client Certificates for Authentication
openssl genrsa -des3 -out alex-peeters.key 1024
openssl req -new -key alex-peeters.key -out alex-peeters.csr
openssl x509 -req -in alex-peeters.csr -out alex-peeters.crt -sha1 -CA server-ca.crt -CAkey server-ca.key -CAcreateserial -days 3650
openssl pkcs12 -export -in alex-peeters.crt -inkey alex-peeters.key -name "Alex Peeters" -out alex-peeters.p12
openssl pkcs12 -in alex-peeters.p12 -clcerts -nokeys -info
when:
[error] Re-negotiation handshake failed: Not accepted by client!?
[error] Certificate Verification: Error (20): unable to get local issuer certificate
( run in 0.546 second using v1.01-cache-2.11-cpan-39bf76dae61 )