PSclient sending from intranet

Thanks anyway.  I'm working on a how-to right now.  The documentation on 
this feature is practically nonexistent, but I think I'm about to get it 
figured out.

Kris Springer


On 11/6/18 2:22 PM, Timothy Williams wrote:

Alas, I am unable to help further, as my InfoSec allows port 1984, and 
not 80 or 443 to Xymon, so I don't have http running.

Tim

On Tue, Nov 6, 2018 at 3:29 PM Kris Springer 
<user-c2caa0a7a8d5@xymon.invalid <mailto:user-c2caa0a7a8d5@xymon.invalid>> wrote:

    I've configured one of my PSclients to test this HTTPS
    functionality, and it indeed does try to send data over port 443. 
    But the client logs say that my Xymon server is timing out.  Is
    there a specific server url path that I need to be using?  The
    documentation doesn't give any example.

    Kris Springer


    On 11/6/18 7:54 AM, Timothy Williams wrote:

    The Powershell client can connect to the Xymon server using TCP
    port 1984 as default, but can also connect using HTTP or HTTPS
    with/without user/password. You likely have port 80 or 443 open.
    Here are Word doc details:

    HTTP is an alternate method. It can be used if you have
    xymoncgimsg.cgi running on the web server on your Xymon server –
    see
    https://www.xymon.com/help/manpages/man8/xymoncgimsg.cgi.8.html.
    The web server running the CGI can be configured for SSL (i.e.
    HTTPS) and / or authentication – XymonPSClient supports basic
    authentication and SSL. If you require authentication, the
    <serverHttpUsername> and <serverHttpPassword> elements should be
    configured.
    If you are using HTTP and transmitting over unsecure networks
    (e.g.  the internet), it is strongly recommended to enable SSL,
    authentication and disallow HTTP connections.

    ServerHttpPassword encryption
    If <serverHttpPassword> is set, the Xymon client will encrypt the
    password if it is not encrypted and remove the plain text
    password from the configuration file, overwriting with the
    encrypted password. The Xymon client will prefix the encrypted
    password with ‘{SecureString}’, so it is easy to tell if the
    client has attempted to encrypt the password or not.
    This is done using the .NET SecureString functions, which means
    that the encryption is unique to the server and user. This means
    that once the password has been encrypted, you cannot use the
    same xymonclient_config.xml on another server. It also means that
    if you have been testing by running XymonPSClient from a command
    prompt, and this encrypts the password, when you run
    XymonPSClient as a service it will not be able to decrypt the
    password unless the service is running as the same user.
    In both scenarios, replacing the encrypted password with the
    plain text password and re-starting Xymon will cause the password
    to be re-encypted.


    Tim Williams

    On Tue, Nov 6, 2018 at 9:37 AM Rolf Schrittenlocher
    <user-4b3b4051a09b@xymon.invalid
    <mailto:user-4b3b4051a09b@xymon.invalid>> wrote:

        any possibility to send something from intranet to the world
        outside?
        creating webpage, send by sftp or scp? This could be done by
        cron and
        xymon could analyze this data then.

Anyone have an idea about how to collect client server
        stats using the
Powershell client on machines that are on an intranet that
        blocks port
1984, and send it out to our external xymon server located
        in a
different part of the country?  The intranet network
        doesn't want to
open any additional ports to allow the traffic out.

        -- 
        Mit freundlichen Grüßen
        Rolf Schrittenlocher

        Lokales Bibliothekssystem Frankfurt
        Bockenheimer Landstr. 134-138, 60325 Frankfurt
        Tel LBS: (49) 69 - 798 28830
        Tel persönlich: (49) 69 - 798 28908
        LBS: user-7d592aff76ba@xymon.invalid <mailto:user-7d592aff76ba@xymon.invalid>
        Persönlich: user-4b3b4051a09b@xymon.invalid