On 2/10/2014 5:56 AM, user-ce4a2c883f75@xymon.invalid wrote:
Den 2014-02-08 3:49, John Thurston skrev:
I've been using my Solaris BB clients with my Xymon server, but am
hoping the xymon client will be more zfs-aware than the ancient BB
client. To that end, I'm trying to compile a xymon client.
I've spent most of the day fighting with the 'make' process.
[snip]
- snip -
The "xymond_client" binary is the only difference between a client- and
server-side configured client. "xymond_client" is the program that
analyses the client data and generates the status updates, so when you
configure the client for "client-side" configuration, then you get this
extra binary. However, it also uses a lot of external libraries that you
can avoid installing on all of the servers you monitor by using
server-side configuration.
It appeared to me to only require the pcre libraries. Were there others I missed?
Client-side really is a hack, and it will probably be removed in v5. So
I really do recommend that you use server-side configuration, to keep
the client installation as dumb as possible.
I can see the case for server-side, but do not think it meets our business needs. I'm willing to be corrected if I've misunderstood how server-side configuration behaves:
+ In server-side configuration, our log, process, user, etc data is passed across the network on clear TCP connections. In the client-side configuration, our host-specific data never leaves our host. The client can be rigged to leak very little host-data.
+ If a server-side configuration for log-watching is doing the pattern matching on the Xymon server, how do I avoid sending (resending) my entire log file to the server for analysis?
+ Dumb client configurations are not always possible. We have many servers for which the Xymon-server admins do not understand the business requirements. In the client-side configuration, once the host is defined/authorized (in hosts.cfg) the server and application administrators can configure their alarm levels to meet their needs. In the server-side configuration, the Xymon-server admins are going to have to define the alarm levels for every defined/authorized host.
+ If my testing is correct, the client-local.cfg permits the Xymon server to instruct the client to execute commands on its behalf. The 'file:' option accepts `back-ticked` strings which are used to generate dynamic names. This is very useful, but can also be used to do other things... maybe `rm -rf ~/*`.
The short version is, server-side client configuration can work for hosts on which I am the sysadmin and business owner. Since that represents only about 20 of the 300+ hosts we monitor with Xymon, it isn't a very good fit. I hope you don't drop client-side configuration, but I will understand if you do.
- snip -
Building only the client with "configure --client" should work, but I'll
readily admit that testing on Solaris is not at the top of my priority
list.
I can understand that. We Solaris users are decreasing in number (thanks Oracle!).
--
Do things because you should, not just because you can.
John Thurston XXX-XXX-XXXX
user-ce4d79d99bab@xymon.invalid
Enterprise Technology Services
Department of Administration
State of Alaska