Xymon Mailing List Archive search

Database Monitoring

list Larry Barber
Wed, 31 Oct 2012 09:00:25 -0500
Message-Id: <user-6cefb4bcb30b@xymon.invalid>

You're still going to need to have the account name and password stored
somewhere, even if it is local to the database machine. The real way to
provide good security in this case is to make sure the account that Xymon
uses only has the permissions it needs, only "select" permissions on the
DBA tables. This way nobody can use the account information to subvert your
database nor will they be able to use it to obtain sensitive information.
You can also make the file holding the passwords hard to access, zero out
the permissions using chmod and then use setfacl to add in read permissions
for the Xymon user.

I haven't used dbcheck.pl, but I strongly suspect that you could run on the
Xymon clients that are hosting your databases, there are certainly other
monitoring scripts, available at Xymonton and deadcat that do operate
locally, but you will still need passwords stored in a plain text file
somewhere.

Thanks,
Larry Barber


On Wed, Oct 31, 2012 at 7:41 AM, Venkatesh Subbaramu <
user-836ee4520eff@xymon.invalid> wrote:

 Hi All ,****

** **

We have implemented db monitoring using dbcheck.pl for our Oracle and SQL
Server databases which requires the database  user id and password to be
stored in dbcheck.ini (its config file) .However the security team has
raised concerns about this and proposed that we instead go for a agent
based model like say leverage the BBWIN agent for windows to perform the
database monitoring as well . Can you please let me know if this is
possible to implement .If yes ,please provide some  details /sample scripts
for implementation .****

** **

Thank You,****

** **

Regards,****

Venky****

**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
for the use of the addressee(s). If you are not the intended recipient, please
notify the sender by e-mail and delete the original message. Further, you are not
to copy, disclose, or distribute this e-mail or its contents to any other person and
any such actions are unlawful. This e-mail may contain viruses. Infosys has taken
every reasonable precaution to minimize this risk, but is not liable for any damage
you may sustain as a result of any virus in this e-mail. You should carry out your
own virus checks before opening the e-mail or attachment. Infosys reserves the
right to monitor and review the content of all messages sent to or from this e-mail
address. Messages sent to or from this e-mail address may be stored on the
Infosys e-mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***