Pandora: Documentation en: Managing and Administration

From Pandora FMS Wiki
Jump to: navigation, search

Go back to Pandora FMS documentation index

Contents

1 The Management of Pandora FMS

1.1 Introduction

Several topics regarding the daily management of Pandora FMS such as group administration, user creation, etc. are discussed in this chapter.

1.2 Profiles, Users, Groups and ACLs

Pandora FMS is a network-management tool which allows multiple users to work with different permissions in multiple defined agent groups. Before adding new users, groups and profiles (as well as the data visibility we intend for each user) are required to be well defined.

1.2.1 Profiles in Pandora FMS

The permissions a user can have are defined within profiles. You're able to manage any profile by clicking on 'Profiles' -> 'Profiles Management'.



Gest1.png



The following list defines what ACL control allows in each feature on the console:

Feature ACL Control
View the agent's data (all tabs)AR
Tactical ViewAR
Group ViewAR
Visual console editingRW
Creating reportsRW
Creating user-defined graphsRW
Viewing reports, visual maps and custom graphsRR
Applying report templatesRR
Creating report templatesRM
Creating incidentsIW
Reading incidentsIR
Deleting incidentsIW
Becoming the owner of another user's incidentsIM
Deleting another user's incidentsIM
Viewing eventsER
Validating and commenting eventsEW
Deleting eventsEM
Executing responsesEW
Creating incidents from events (response)EW&IW
Managing responsesPM
Managing filtersEW
Customizing event columnsPM
Changing owners / reopen eventEM
Viewing usersAR
SNMP Console viewingAR
Validating trapsIW
MessagesIW
Cron jobs PM
Tree view AR
Update Manager (operation and administration) PM
Extension Module GroupAR
Agent ManagementAW
Remote Agent Configuration Management AW
Assigning alerts to agentsLW
Defining, altering and deleting alert templates, actions and commandsLM
Group ManagementPM
Creating inventory modulesPM
Module Management (includes all suboptions)PM
Massive Management Operations AW
Creating agentsAW
Duplicating remote configurationsAW
Downtime ManagementAD
Alert ManagementLW
User ManagementUM
SNMP Console Management (alerts and MIB loading)PM
Profile ManagementPM
Server ManagementPM
System AuditPM
SetupPM
Database MaintenanceDM
Administrator Extension MenuPM
Search BarAR
Policy ManagementAW
Disabling agents / modules / alertsAD
Alerts validationLM&AR or AW&LW
Network-map viewMR
Network-map editionMW
Deletion of owned network-mapMW
Deletion of any network-mapMM
Visual console viewVR
Visual console editionVW
Deletion of owned visual consoleVW
Deletion of any visual consoleVM

1.2.1.1 Adding a Profile

In order to add a profile, please click on 'Profiles' -> 'Profile management' and click on the 'Create' button.




Gest2.png



In order to create a profile, please assign a name to it, pick the permissions it's supposed to have and click on the 'Create' button.

1.2.1.2 Editing a Profile

In order to edit a profile, please click on 'Profiles' -> 'Profiles Management' and click on the profile's name you intend to edit.



Gest3.png



1.2.1.3 Deleting a Profile

In order to delete a profile, please click on 'Profiles' -> 'Profile Management' and click on the trash icon on the right side of the profile's name you intend to delete.



Gest4.png



1.2.2 Pandora FMS Groups

The accesses are related to the groups which are used to group agents. An user could have different permissions in each of the groups to which it has access. The agents are only allowed to belong to one group.

Template warning.png

The group 'All' is a special group that cannot be deleted. All the groups are defined as subgroups of the group 'All'. Any element (e.g. reports, graphs or events) which is associated to the group 'All' can be viewed and managed by a user which has permissions for any group.

 


In order to define any group, please click on 'Administration' -> 'Monitoring' and 'Manage Groups'.



Gest5.png



1.2.2.1 Adding a Group

In order to add a group, please click on 'Profiles' -> 'Manage agent groups' and click on 'Create Group'.



Gest6.png



The fields pertaining to this particular form are the following:

  • Name: The group's name
  • Icon: The combo box to pick the icon the group is going to have.
  • Parent: The combo box to assign another group as parent of the group under creation.
  • Alerts: If enabled, the agents belonging to the group will be able to send alerts. If not, they won't be able to do so.
  • Propagate ACL: If enabled, the child groups are going to have the same ACL as this group.
  • Custom ID: The groups have an ID in the database. In this field, you're able to input another customized ID to be used by an external program in an integration, e.g. CMDBs.
  • Description: A free-text field for a description.
  • Contact: A field intended for contact information which is accessible by the '_groupcontact_' macro.
  • Other: A field for other information, accessible by the '_group_other_' macro.
  • Skin: A field in which you're able to assign a skin for the group.

Once the fields have been filled out, please click on the 'Create' button.

1.2.2.2 Editing a Group

In order to edit a group, please click on 'Profiles' -> 'Manage Agents Groups' and click on the group's name you intend to edit or on the key-shaped icon.



Gest7.png



1.2.2.3 Deleting a Group

In order to delete a group, please click on 'Profiles' -> 'Manage Agents Groups' and click on the trash icon on the right side of the group's name you intend to delete.



Gest8.png



1.2.3 Tags under Pandora FMS (>=5.0)

From Pandora FMS versions 5 and above, the access to modules can be configured by a tags system. Tags are configured on the system and be assigned to the chosen modules. The user's access can be limited to modules with certain tags in this way.

Info.png

The access tags are not meant to replace the group access, they're just meant to complement it.

 


In order to manage the tags, please click on 'Profiles' -> 'Module Tags'.



Gesttags5.png



1.2.3.1 Adding a Tag

In order to add a tag, please click on 'Profiles' -> 'Module Tags' and click on the 'Create Tag' button.



Gesttags6.png



The fields pertaining to this particular form are the following:

  • Name: The tag's name.
  • Description: The tag's description.
  • URL: The field intended to insert an external link in order to add extra information to the tag.
  • Email: The field intended to insert an email address to be used in case of alerts associated to the tag.
  • Phone:The field intended for a phone number used in alerts associated to the tag.

Once the form is filled out properly, please click on the 'Create' button.

1.2.3.2 Editing Tag

In order to edit a tag, please click on 'Profiles' -> 'Module Tags' and click on the tag's name to edit or on the editing icon in the actions column.



Gesttag7.png



1.2.3.3 Deleting a Tag

In order to delete a tag, please click on 'Profiles' -> 'Module Tags' and click on the trash icon in the actions column.



Gestag8.png



1.2.4 Users in Pandora FMS

Once the profiles and groups in Pandora FMS have been defined, we suggest to define the users.

In order to manage the users, please click on 'Profiles' and 'Users Management', in which the list of the defined users is displayed.



Gest9.png



1.2.4.1 Adding a User

In order to add a user, please click on 'Administration' -> 'Manage Users' and click on the 'Create User' button.



Gest11.png



The fields pertaining to this particular tab are the following:

  • User ID: The ID Identifier the user is going to utilize for login.
  • Full Display Name: The field to store the full name.
  • First Name: The field to store the person's name.
  • Last Name: The field to store the family name.
  • Password: The field to insert the password.
  • Password Confirmation: The field to insert the password again for confirmation.
  • Global Profile: The field to choose between 'Administrator' or 'Standard User'. An administrator is going to have absolute permissions for the assigned groups within the application. A standard user is going to have the permissions defined in its assigned profile.
  • E-mail: The field to store the user's e-mail.
  • Phone Number: The field to store the user's phone number.
  • Comments: The field to store comments on the user.
  • Skin: The field to pick a skin.
  • Interactive Charts: The field intended to decide whether to use JavaScript or static PNG graphs.
  • Block size for pagination: The field to determine the block size for pagination.
  • Not login: The user for which the 'not login' flag is set is only allowed to access the API.

If the form has been filled out appropriately, please click on the 'Create' button. The newly created user, an applicable profile and a new section appears in order to define the groups the user is supposed to have access to.



Gest12.png



A user can be granted access to as much groups as you want. Please select a profile and a group and click on the green '+' symbol.

From Pandora FMS versions 5 and above, it's possible add tags to each user-profile-group association in order to limit access to the modules containing these tags. If no tags are assigned at all, the user is going to have access to all modules of these group's agents.



Gest13.png



In case you intend to remove access to a group, please click on the trash icon on the right side of the access window to remove it.



Gest14.png



1.2.4.2 Editing your own User Settings

If the user has administrator permissions, it's able to modify certain parameters of its configuration by clicking on 'Operation' -> 'Workspace' and 'Edit my User'.

If the user creation form is displayed, everything is editable, except group permissions.



Gest16.png



1.2.4.3 User Editing by the Administrator

In order to completely edit a user (including the permissions and groups part), please click on 'Administration' -> 'Manage Users' and click on the user's name or on the key-shaped icon.



Gest18.png



1.2.4.4 Removing a User

In order to completely remove a user, please click on 'Administration' and 'Manage Users' and click on the trash icon on the right side of the user's name.



Gest19.png



1.3 The 'All' Group

Pandora FMS has a system of groups that are entities in which the agents will be categorized and used to disperse privileges. It provides some permissions for the users, framed into one or several groups in that way. They possess the capability of seeing and interacting with agents and other objects from their environment.

To render the assignation and filtering of the groups a little easier, we've designed a tool named the 'All' group. The 'All' group means: All groups or any of them, depending on the context. It's just about the same in version 3.1, but its implementation has changed.

Within version 3, the 'All' group is a special group which is contained in the database with identifier '1'. This one was attached to this group in this way, so the group with ID '1' was managed as an exception throughout the console's code, along with the necessity of the subsequent control if the groups were listed, and where it was necessary to sometimes omit this group.

In version 3.1, the 'All' group has disappeared entirely from the database. The identifier '1' has been released for use to any normal group. Now, the identifier reserved for the "All" group is '0', bearing the difference that it's completely controlled by code. Now it's controlled in such a way that the objects associated with the '0' group are going to be associated to all groups, without the need to define whether a group, taken out from the database is special or not.

If we take out agents from a group or vice versa, there isn't any problem, because an agent belongs to only one group. If we're e.g. extracting the groups to which a user belongs to (or the users which belong to one particular group) it's important to keep in mind that we should display the ones which are members of all groups (group '0') if we're going to list the users which belong to one group. If we're displaying the groups of a user, it's recommended to display all of them in case this user belongs to the 'All' group ('0').

1.4 The Enterprise ACL System

The Open Source ACL model is based on a 'unix style' type of role/action/group/user procedure.

The Enterprise ACL system (which was implemented in version 3.1) allows to define to which pages the user has access to for any profile (defined individually or by groups). This feature e.g. only allows to let a user see the 'Group' and 'Detailed Agent' views, but skipping over pages like the 'Alert' or 'Monitor' views. Those are already grouped within the classic ACL system of Pandora FMS as 'ARs' (the agent's read privileges).

This feature even allows you to restrict the administration for each page. This is also very useful to allow specific low-level operations.

Both models are implemented side by side and compatible, but the enhanced ACL system is an Enterprise feature only. The regular ACL system will continue to exist, because it provides a very easy to handle ACL system for Pandora FMS.

An activation is required within the setup in order to use the new enhanced ACL system. The option to activate it is only visible if you're running the Enterprise Version of Pandora FMS.




Acl setup2.png



In order to utilize the Enterprise ACL system, please click on the specific option for Enterprise ACL on 'Administration' and 'Setup'. Within this window, you're also able to add new items to the ACL System and see the items defined by its profile. You're also able to delete items from the Enterprise ACL system there.



Acl setup1.png



If activated, the Enterprise ACL system restricts all pages to all groups (even administrators) to defined (allowed) pages in the Enterprise ACL system. If a user with an 'Administrator' profile has no defined pages within the Enterprise ACL system, it can't see anything.


Template warning.png

Please exercise extreme caution in handling this feature, because you're running the risk of entirely losing your console's access if you're accidentally setting up incorrect Enterprise ACL configuration values for your user account.

 


In order to disable the Enterprise version's ACL System from the command line, please execute the following command:

/usr/share/pandora_server/util/pandora_manage.pl /etc/pandora_server.conf --disable_eacl

You're also able to define the rules page by page', by whole sections, to setup a 'any' rule or to add 'custom pages' which aren't going to be accessible from the menu.

There are two methods to add pages to a profile: By the wizard (default setting) or by custom edition. There is a button on top of the 'Add Rules' button to change this mode.

1.4.1 The Wizard

The default method is to pick the sections and pages for a combo control by the wizard.


Template warning.png

The pages of these combos are exactly the ones accessible from the menu. In order to grant access to pages which are accessible in other ways (e.g. the main view of the agents), you're required to use the Custom Editor to do so.

 


In order to include a particular Pandora FMS page into the 'allowed pages list', you're required to select the profile to which the ACL is going to apply to and to pick the allowed section by the 'Section' control. In this moment, you're also able to select any desired section of the page by the 'Page' control.



Acl setup4.png



Another available option is to select a section and to assign the 'All' value for 'Page'. This is going to allow the selected profile to see 'everything', just as it would be without the Enterprise version's ACL system related to that profile. If you e.g. select 'All' within both controls, this profile could see all sections in their entirety, as if it would be without the Enterprise version's ACL system within these sections.


Template warning.png

In order to render a section visible within the menu, the user is required to have been granted access to this particular section's first page. In order to e.g. display the 'Monitoring' section, the user is required to have been granted access to the 'Tactical View' page prior to that.

 


1.4.2 Custom Editing

In order to add single pages which aren't accessible from the menu, you're also able to introduce their 'sec2' parameter manually. To do so, you're just accessing the page you intend to add and copy the 'sec2' parameter.

If we e.g. intend to add the agent's main view, we're just going to any agent's main view in which the URL looks like the one shown below:

http://localhost/pandora/index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=7702

Now we're going to insert the 'sec2' parameter ('operation/agentes/ver_agente') into the text box as shown below.



Acl setup5.png



1.4.3 Security

Any page which is defined as 'not allowed' is not going to be displayed within the menu. Those pages are also not allowed to be used, even if the user e.g. inserts their URLs manually in order to gain access to them. Any page defined as 'not allowed' by the regular Pandora FMS ACL System is not going to be allowed by the Enterprise ACL, because these pages are still handled by the regular ACL.

This is an example which contains several filters:



Acl example.png



There is also a control which was designed to check whether a page belongs to a section or not, thereby improving the security against manually conducted URL modifications. This check can be avoided by pages added by the custom editor, providing this particular user has been granted access to all pages of a section e.g. in order to optimize their performances prior to that.

1.5 Strict ACL

From version 6.0 of Pandora FMS, it has added a new way to manage users, we call Strict ACL.

The Strict ACL is a mode in which a user has restricted the display to view only what is permitted, both labels and groups that can only save or view the agents or modules. That is, it’s lowered until the lower level, the module. This affects the count of all views (tree, groups, tactics, etc).

With this mode, you lose the inheritance propagation of groups and ACLs will only see the groups assigned to it.

For example, we have a user "Strict ACL", which is assigned a group and a label. When accessing see monitoring, we will see a view like this:


ACL.jpg


1.5.1 Count and colors with Strict ACL

With the Strict ACL, counting modules and agents change. Only modules and agents will be counted to which you have access, like the colors.

For example, suppose we have a "GroupA" group, and in it, we have an agent with five modules, which the user only has access to three. In this mode only these three modules are counted. Also, when changing the agent status, only takes into account the criticality of these three modules to which we have access (although the other two modules that do not have access are in Critical and modules which we have access are in Normal, the agent would look like Normal).

Let's look at the comparison of the two views, Strict ACL and Standard ACL:

Standard ACL
SinACL.jpg


Strict ACL
ACL-estricto.jpg

1.5.2 Strict ACL filters

1.5.2.1 Groups filter

Strict ACL filters also change completely. For example, suppose a user "UserA" has access to "GroupA". Well, when it comes to making filters in the View Monitors, Event View, Alerts View, Reports ... etc, only those groups that have access, and notice that parents group will not be visible (if any). Only the group that will have access.

GroupFilter.jpg

1.5.2.2 Tag Filter

If the same user is assigned a label within a group, only will access to the label assigned to it and will not see any of the rest of the group. If the group to which access is not assigned a label, you can see the entire group. Not able to see all labels, such as Standard ACL, but on the filter, you can only see the labels to which you have access.

We can see in these two comparative:

Standard ACL


TagFilter.jpg


Strict ACL

TagFilterACL.jpg

From version 6.0 of Pandora FMS, has added a new tag filter on Network maps. This filter is discussed later in the section on Reports and Network maps with Strict ACL.

1.5.2.3 Users Filter (Events)

This type of filter influences the event details. In an event you can only change owner and validate user himself. A user with Strict ACL can not see other users. We can see this functionality in the following screen:

UserFilter.jpg

1.5.2.4 Agent Filter

In Strict ACL, as in groups, tags and users can only filter by agents to which the user has access. You will not see server agents to which the user has no access. As you can see in the screenshot of the event view:


Agent.jpg

1.5.3 Tree View with Strict ACL

From version 6.0 of Pandora FMS, the tree view has been changed completely. With the Strict ACL enabled, as has been discussed in previous sections, we can only access, view counts and changing status of agents and modules to which we have access.

Also, in this view, have added two types of filters:

Agent status

Module status

As we can see in the following screen, just leave us the count of those agents and modules to which we have access. You can’t see the parent / child relationship groups.


This is a snapshot of the tree view with a Strict ACL user :

ACL.jpg


To see the difference with the standard ACL, we can see the following screen:

SinACL2.jpg

Here is how we have access to the parent group and subgroups with their agents.

1.5.4 Tactical View and Group View with Strict ACL

From version 6.0 of Pandora FMS, the tactical and group views have been updated completely. With the Strict ACL on, we can only access, view counts and changing status of agents and modules to which we have access.


TACTICAL VIEW

TacticView.jpg


GROUP VIEW

GroupView.jpg

1.5.5 Reports with Strict ACL

The Strict ACL mode also affects the reports. In this section, we can only view and save reports created in the groups to which you have access. Also remember that Group filters only see those who have permission. We see this in the following subsections.

1.5.5.1 Filter save reports in groups

With the Strict ACL on, we can only save reports created in the group or groups to which the user has access. Parent groups can not see if you have them. As we can see in the following screenshot:


SaveReport.jpg

1.5.5.2 Tag Filter in Wizard Templates

From version 6.0 pandora, we have included a tag filter in the Wizard Templates. With this, we can see the agents that apply the templates easier if you know the tag are assigned their modules.

Only, you can see the tags that the user has assigned, as you can see in the following screenshot:

TemplateWizadFilter.jpg

1.5.5.3 Group Filter in Wizard Templates

As in the Tag Filter in Wizard Templates, we can only see the group or groups that have assigned to them completely (no tags). Neither the father/son relationship in groups will be. We show in the following screenshot:


TemplateWizadFilterGroup.jpg

1.5.6 Network maps with Strict ACL

From version 6.0, this section has also added a filter by tags. With this new feature, what we get is to create a network map filtering by tag. Thus, succeed in creating a network map only agents whose modules have these labels defined.

With the Strict ACL mode, only see the tags and groups that have access (as in the other views).

To save the network map, we can only save in the group to which we have access, as in the other views. (All Strict ACL mode works the same in this respect).

We can see an example in the following screenshot:

Networkmap.jpg

Here we can see, as we have filtered by the tag "configuration", and then only shows the agents and modules that have that tag.

1.5.7 Strict ACL in the metaconsole Wizard

The ACL Strict in the Wizard works just like the rest of the views (we can only see the groups and tag to which the user has access, no matter who has parent / child relationship with ACL propagation).

In the Wizard, you can only edit Modules, Alerts and Agents that were created in the same, they can not be edited or deleted ones already predefined.

In the following screen, we can see how it affects the Strict ACL to the Wizard to manage agents from the metaconsole:

ModuleManage.jpg

AlertManage.jpg

We see we can only select a group to which you have access, and we can also see that by not created any module from the Wizard, you can not select.

1.6 The Workspace

1.6.1 Chat

This tool was designed to interact with other Pandora FMS users connected to the console in real time. This tool might come in handy if you e.g. intend to share comments or issues about the service with other operators or administrators.

1.6.2 Connected Users

This extension displays other users which are connected to the Pandora FMS console, different from our own. This functionality is quite important, because the Pandora FMS Console allows connections from different users.

In order to display the connected users, please click on 'Operation' -> 'Workspace' and 'Users Connected'.



Ex4b.png



1.6.3 Messages

Pandora FMS has a tool which allows the users to send messages to each other. Pending messages have a blinking icon within the header.

1.6.3.1 Viewing Messages

If a user receives a message, an envelope-shaped icon is going to appear on the console's top right.



Gest20.png



In order to view the user's messages, please click on 'Operation' -> 'Workspace' and 'Messages'.



Gest21.png





Gest22.png



You may read the message on top of the messages list by clicking on the envelope-shaped icon and answer it by clicking on the black 'Reply' button you see below.



Gest23.png



Once your answer is complete, please click on 'Send Message'.

1.6.3.1.1 Sending Messages

In order to send a message, please click on 'Operation' -> 'Workspace' -> 'Messages' and 'New Message'.



Gest25.png



Once your message is complete, please send it by clicking on the 'Send Message' button.

1.6.3.1.2 Deleting Messages

In order to delete user related messages, please click on 'Operation' -> 'Workspace' -> 'Messages' and click on the trash icon on the message's right side.



Gest24.png



1.7 Incidents

Besides receiving and processing data to monitor systems or applications, you're also required to monitor possible incidents which might take place on these systems within the system monitoring process.

For it, the Pandora FMS team has designed an incident manager within which any user is able to open incidents, explaining what's happened on the network and to update them with comments and files any time in case there is a need to do so.

This system allows the users to work as a team, along with different roles and work-flow systems which allows an incident to be moved from one group to another, and that members from different groups and different people could work on the same incident, sharing information and files.


1.7.1 Viewing all Incidents

Please click on 'Operation' and 'Manage Incidents' in order to view all incidents created so far.



Gest26.png



There is a list containing all incidents, arranged by update order.

Within the list of incidents, each incident comes with detailed information, distributed in the following columns:

ID: The incident's identifier.

State: The incident's state, containing the icons shown below.



Gest27.png



Incident Name: The incident's name.

Priority Displays the priority the incident has assigned by the priority icons.



Gest28.png



Group: It defines the group the incident has been assigned to. An incident can only belong to one group.

Updated: The last time an incident update was received.

Origin: The tab which is applied to assign the incident's origin. It could be selected from a list that is stored on the database. It's fixed and predefined by the origin list and could be modified by the database's administrator.

Owner: The user which has presently been assigned to the incident. Please don't confuse it with the incident's creator - the incident's owner could have been changed, because the owner can always assign it to another user. Any other user is also able to do the same thing, as long as it has incident management privileges within the group the incident belongs to.

1.7.2 Incident Tracking

In order to see a specific incident, please click on the incident's ID or on its name.



Gest29.png



The incident is displayed within a window which is split into three sections:

  • Incident Data


Gest30.png



The incident's basic data is going to be displayed in this section.

You may update the fields named 'incident', 'owner', 'state', 'origin', 'group', 'priority' and the description.

Once they have been properly updated, please click on the 'Update Manager' button.

  • Notes created by users


Gest31.png



This section contains the notes from different users which have participated in the incident.

In order to add notes to the incident, please click on the 'Insert Note' button. It's going to display a page which contains a text area. Please create your note and click on the 'Add' button.



Gest32.png



Any user that has been granted permission for reading an incident is able to add a note, but only the incident's or the note's owners are able to delete them.


  • Attached Files


Gest33.png



The attached files of the different users who have taken part in the incident, are contained in this field.

Please click on the 'Add file' button to add a file.



Gest34.png



Two insertion fields are going to be displayed here. Please take a look for the file on the local system and feel free to create a description. Once you've completed your search, please click on the 'Upload' button to start uploading the file onto the server.

In order to see the file, please click on the file's name.

Any user that has been granted permission for reading an incident is able to add a file, but only the incident's or the file's owners are able to delete them.

1.7.3 Searching for Incidents

There are some fields designed to ease the search for incidents which are able to be combined.



Gest35.png



It's possible to filter the information by using the following fields:

  • Filter by incident state.

The field in which you're able to filter by the incident's state by using the following values:

    • All incidents
    • Active incidents
    • Closed incidents
    • Rejected incidents
    • Expired incidents
  • Filter by priority.

The field in which you're able to filter by incident priority by using the following values:

    • By all Priority
    • By informative priority
    • By low priority
    • By medium priority
    • By serious priority
    • By very serious priority
    • By maintenance
  • Filter by user: It's possible to filter by the user of the incident.
  • Free text: The field in which it's possible to filter by a matching text.
  • Filter by groups: The field in which it's possible to filter by incidents, associated to each of the existing groups.

1.7.4 Opening a New Incident

In order to open a new incident, please click on 'Operation' -> 'Manage Incidents' and click on 'Create Incident' button.



Gest36.png



This is the page to create it.



Gest37.png



1.7.5 Changing the Owner of an Incident

In order to change the owner of an incident, please click on 'Operation' -> 'Workspace' -> 'Incidents', select the proper incident in the last column and click on the 'Become Owner' button.



Gest38.png



In this way, the user which conducts the operation is going to become the incident's owner.

1.7.6 Deleting an Incident

In order to delete an incident, please click on 'Operation' and 'Manage Incidents'. Please select the proper incident in the last column and click on the 'Delete Incident' button.

1.7.7 Incident Statistics

By clicking on 'Operation' -> 'Manage Incidents' and 'Statistics', you're able to access the following five types of incident statistical graphs:

  • Incidents state
  • Priorities assigned to the incidents.
  • Users that have an incident opened.
  • Incidents by groups.
  • Incidents Origin.

1.7.8 Self-generated Incidents (Recon Server)

By the integration of the Recon Server we've also added the self-generated incidents from the events processed by the recon server, such as the detection of new systems within the network we're working in. These incidents are exactly the same as the rest. They're also listed in the 'Operation' -> 'Managing Incidents' section.

1.8 Managing Incidents (Integria IMS Integration into Pandora FMS)

The integration of Integria IMS into Pandora FMS allows to share all information these applications possess and to work with them in a syncronized way.

First, it's necessary to enable the integration of Integria IMS into Pandora FMS. In order to obtain information about its configuration and parameters, please click on SetupIntegria URL, API password and Integria IMS Inventory).

In order to call up Integria IMS incidents, please click on 'Operation' and 'Manage Incidents'.



Incidents1.png



The incidents search under Integria IMS is quite similar to the way Pandora FMS searches for incidents. As you can see below, you're also able to review all incidents related to Pandora FMS under Integria IMS.



Incidents2.png



You're also able to see details about values like 'group', 'severity', 'source', 'resolution', 'state', 'description', etc.



Incidents3.png



Furthermore, you're also able to add work units which were designed to sustain communication between the incident's source and the person who solved it. You're also able to see the time it took to create the incident, whether it's public or not and if it has generated any cost.



Incidents4.png



You're also able to upload files which are associated to the incidents.



Incidents5.png



Additionally, you're able to keep track of all interactions between users for each incident.



Incidents6.png



1.9 The Servers

The server's detailed view is considered common knowledge, besides the Pandora FMS server's general state, its load level and its delay. Below, we're going to show one picture which contains the server's state. Please click on 'Operation' and 'Pandora Servers' in order to obtain it.



Server info.png



We're looking at several important pieces of data within this window:

  • The server's name.

Usually it's the system's hostname.

  • The server's state

('green' = right, 'red' = not fired, stopped or down).

  • The server's type

data servers, network servers, etc.

  • The progress bar

It's going to display the load percentage of all modules, pertaining to this type of server. In this example, all servers are at a 100% strain, except the Recon Server which has no tasks to perform, so its strain is at 0%.

  • The number of modules

Displays the number of modules of this type executed by the server in relation to the total number of modules of this type.

  • Server Lag:

The highest amount of time the oldest module has been waiting for data and the number of modules which have exceeded their life time. In this example, there are nearly 3,000 modules considered out of their life time, bearing a lag time of 10 minutes and 13 seconds. This indicator is quite useful in case we have a lot of modules to execute and like to know whether the server is on the limit of its load capacity or not, as it is in this case. It's not an excessive delay (10 minutes and 13 seconds) for modules that have a lower average life time, being only 19 modules with a lag (of 10 minutes) from a total of almost 1,500 modules.

  • The total number of modules in queue waiting to be attended to.

These parameters display a state of excessive load. Modules aren't supposed to be held in queue at all. Such a state always indicates the server's disability to process data fast enough.

  • Number of seconds since the server has updated its data.

Each server contains a 'Keep alive' that updates its state in order to make sure that it's active. It's also updating its statistics.

1.10 The Backup

An extension which was designed to conduct database backups and to restore them. Please click on 'Administration' -> 'Extensions' and 'Backup'. to call it up. In order to complete the procedure, we suggest to create a distinct backup description and click on the 'Create' button as shown below.



Ex12.png



After the backup is completed, it's going to appear in the backup list, bearing the running icon under 'Status'.



Ex13.png



Once the Backup has been created, it's possible to:

  • Download it clicking on the image icon shown below.


Ex14.png



  • Conduct a rollback by clicking on the image icon shown below.


Ex15.png



The rollback feature applies to any backups which have been created before. This will destroy all existing data in the console and will apply data that already exist in the backup where the rollback is done.

  • Delete it by clicking on the image icon shown below.


Ex16.png



1.11 Cron Jobs

This is a feature of the Enterprise Versions of Pandora FMS.

It's an extension which allows to schedule the completion of tasks assigned to Pandora FMS Servers.

Please click on 'Operation' -> 'Extensions' and 'Cron Jobs' to execute this feature.



Cron jobs.jpg



In order to add a task, you're required to fill out the following fields:

  • Task: The combo to pick the task that is going to be performed, e.g.:
    • Sending a custom report by e-mail.
    • Executing a custom script.
    • Conducting a Pandora database backup.
    • Saving a custom report to the disk.
  • Scheduled: The field to determine how often the task is going to be executed.
    • Not Scheduled: These tasks are only going to be executed once and at a specified time, e.g.:
    • Hourly
    • Daily
    • Weekly
    • Monthly
    • Yearly
  • First Execution: The field to choose the date and hour for the task's first execution. It's going to be executed periodically by utilizing taking the predefined date and hour as reference.
  • Parameter: The field which allows to introduce parameters into the task to perform. It's options diversify and depend on the task which are going to be conducted.
    • Backup Pandora database: The field intended to provide a database description.
    • Send custom report by e-mail: The report to send and the destination e-mail address.
    • Execute custom script: The custom script to execute.
    • Save custom report to disk: The report to save and the destination folder.

Once you have inserted all data, please click on the 'Create' button and the task is going to be displayed within the scheduled tasks list.



Cron jobs list.jpg



Once you have created the scheduled task, it's possible to force its execution by clicking on the green circle located on the task's right or deleting it by clicking on the red 'X' on the left (It's only visible if the task is active. It replaces the green circle-shaped icon).

1.12 Planned Downtime

Pandora FMS contains a scheduled downtime management system. This system was designed to deactivate the alerts in the intervals whenever there is down time by deactivating the agent. If an agent is deactivated, it doesn't collect information. In a down time, the down-time intervals aren't taken into account for most of the metrics or types of reports, because the agents don't contain any data within those intervals.

In order to create a downtime, please click on 'Operation' -> 'Monitoring' -> 'Scheduled Downtime' and click on the 'Add' button as shown below.



Downtime1.png

The configurable parameters pertaining to this particular form are the following:

  • Name: The name of the scheduled downtime.
  • Group: The group we intend it to belong to.
  • Description: A field for a description.
  • Type: The downtime type. We're able to configure the following types of downtimes:
    • Quiet: It marks as "quiet" the selected modules, so they won't generate events, alerts, and won't store historic data.
    • Disable Agents: It disables the selected agents. It is important to know that if an agent was manually disabled before the task started, it will get enabled once the task ends.
    • Disable Alerts: It disables the alerts for the selected agents.
  • Execution: It allows us to determine whether we intend it to run it once or periodically.
  • Configure the time: A field to define date and time within which it's going to start and stop, the planned end, either once or periodically, depending on what has been defined under the 'Running' option before.

Info.png

If the Pandora FMS administrator enables the option in the visual setup section, it will be possible to create planned downtimes on a past date. This planned downtimes will never be executed, but its existence will be reflected on many reports.

 


Downtime2.png



Now we're going to specify the agents we intend to include into this downtime.



Downtime5.png


If a scheduled service stop is defined as 'active', it usually cannot be modified or deleted. From Pandora FMS versions 5 and above, there is a new option with which we're able to stop the execution of the scheduled shutdown. It's called 'Stop Downtime' and re-enables all agents, modules and alarms the planned stop is temporarily disabling. This option is not compatible to the regular scheduled downtimes. From PandoraFMS version 6 and above, you're able to postpone non-periodic downtimes even when they are 'active'.



Downtime10.png

In the moment the scheduled downtime ends, you're able to edit or delete it.

1.12.1 Alternatives to the Service Downtime Management in the Console

There are often some re-emerging situations we're required to keep in mind in which the service downtime management method is too specific. We e.g. quickly and precisely intend to deactivate all agents or to schedule a general downtime each week within a specific hour range. For these types of operations, there are the following command-line ways to accomplish that:

There are two faster ways of putting all agents into service mode:

1. By using the Pandora management tool named 'pandora_manage.pl' on the command line by executing the following command:

./pandora_manage.pl /etc/pandora/pandora_server.conf --enable_group 1

Pandora FMS Manage tool 3.1 PS100519 Copyright (c) 2010 Artica ST
This program is Free Software, licensed under the terms of GPL License v2
You can download latest versions and documentation at http://www.pandorafms.org

[*] Pandora FMS Enterprise module loaded.

[INFO] Enabling group 1

This command activates all agents. In order to deactivate 'Group 1', please execute the following command:

./pandora_manage.pl /etc/pandora/pandora_server.conf --disable_group 1

2. You're also able to achieve this by using the MYSQL interface by modifying the data directly:

echo "UPDATE tagente SET disabled = 1" | mysql -u pandora -ppassword pandora

Within the 'password' passage of the above mentioned command, you're obviously required to enter the access password for the database. You also have the option of conducting a more granular operation by using the SQL method, e.g. to specify it by the agent's name:

echo "UPDATE tagente SET disabled = 1 WHERE nombre LIKE '%_XXXX%'" | mysql -u pandora -ppassword pandora

1.13 The Audit Log

Pandora FMS generates a log, containing all important changes and actions which have taken place within the Pandora FMS console. This log can be invoked by clicking on 'Administration' and 'System Audit Log'.



Gest67.png



1.13.1 Reviewing the System Logs

You're able to invoke the system logs by clicking on 'Administration' and 'System Audit Log'.



Gest68.png



1.14 Managing the Database from the Console

The core of Pandora FMS is its Database. All data collected from the monitored systems, the agents configuration, the alarms, the events, the audit data, the different users and their data are stored within it. It's all considered system data.

The efficiency and reliability of this module is vital to the correct functionality of Pandora FMS. An appropriate maintenance of the Pandora FMS Database is of course crucial for its proper operation.

In order to perform a regular maintenance of the database, the administrators are able to either use MySQL standard commands from the command line or to manage the database from the console without having to be an expert on MySQL.

The database management is carried out by clicking on 'Administration' and 'DB Maintenance'. The options pertaining to this particular feature are shown on the picture below.



Gest71.png



1.14.1 Obtaining Information from the Database

In order to manage the database correctly, it's essential to exactly know the data contained in it and the amount of time this data has been in the database. It's possible to obtain information of different types from the database:

1.14.1.1 Obtaining General Information

You're able to open a page which contains general data of the database by clicking on 'Administration' and 'DB Maintenance'. This page displays the time the system requires to compact the data and the time the information was stored within the system.

Packing is defined in reducing the amount of stored data without losing important information. As time progresses, not all data will be stored, but statistic interpolations which allow to generate graphs by the processed data.



Gest71.png



1.14.1.2 Obtaining Information about Agents and Modules

In order to obtain information about the number of modules and the data from each Pandora FMS agent, please click on 'Administration' -> 'DB Maintenance' and 'DB Information'.

This window is going to display two bar charts: One which displays the modules sorted by agent and another one which displays the packets sorted by agent as shown below.



750



Any general information is going to be displayed within the graphs. If you like to learn more specific information in text mode, please click on 'Press here to get database information as text' like on the picture above.



Gest74.png



You're going to obtain the information by text along with the agent's name, the number of assigned modules and this agent's amount of data. The list is assorted by agent data and contains a list of all agents installed under Pandora FMS.

1.14.1.3 Obtaining Information about Data by Date

By clicking on 'Administration' -> 'DB Maintenance' and 'Database Purge' you're able to obtain the number of packets from the past three months, one month, two weeks, one week, three days or one day.



Gest75.png



You're able to obtain data from all or one specific agent.

In order to obtain data from a specific agent, please pick the agent you intend to show up in the combo and you're going to obtain the agent's data automatically.



Gest76.png



1.14.1.4 Obtaining Data from the Audit Log

By clicking on 'Administration' -> 'DB Maintenance' and 'Database Audit', you're able to learn the total number of audit logs and the data from the first and last log.



Gest77.png



1.14.1.5 Obtaining Data about Events

By clicking on 'Administration' -> 'DB Maintenance' and 'Database Event', you're able to obtain the total number of events and the first log and last log data.



Gest78.png



1.14.2 Purging the Database

Pandora FMS also provides advanced tools for data purging. It's generally conducted by the data's dates, if a system's insufficient speed is getting detected or specifically, if inappropriate data is detected and you intend to delete it from a module.

1.14.2.1 Agent Data Purge by Date

Please click on 'Administration' -> 'DB Maintenance' and 'Database Purge' in order to purge the agent's data by date in the database. Please select the data you intend to delete within the combo and click on the 'Do it !' button.



Gest79.png



It's also possible to purge the data from more than three months, one month, two weeks, one week, three days or one day. The time the system requires for purging the selected data will depend heavily on its amount.

1.14.2.2 Purging Specific Data from a Module

If you're e.g. discovering modules which contain inappropriate data, it's possible to standardize their content by clicking on 'Administration' -> 'DB Maintenance' and 'Database Debug'.

Please select the agent and the module, define the maximum and minimum limits and click on the 'Delete' button on the bottom left.



Gest80.png



All data that is outside the defined minimum and maximum intervals are going to be deleted.

1.14.2.3 Purging Audit Data

In order to purge any audit data within the Database, please click on 'Administration' -> 'DB Maintenance' and 'Database Audit'. Please select the data you intend to delete in the combo and click on the 'Do it !' button as shown on the picture below.



Gest81.png



It's also possible to purge the data from more than ninety days, thirty days, fourteen days, seven days, three days or all data. The time the system requires for purging the selected data will depend heavily on its amount.

1.14.2.4 Purging Event Data

In order to purge any event data within the Database, please click on 'Administration' -> 'DB Maintenance' and 'Database Event'.

Please select the data you intend to delete in the combo and click on the 'Do it !' button as shown on the picture below.



Gest82.png



It's also possible to purge data of more than ninety days, thirty days, fourteen days, seven days, three days or all data. The time the system requires for purging the selected data will depend heavily on its amount.

1.14.3 Database Maintenance

The Pandora FMS infrastructure doesn't require external maintenance, but it's very important to purge the old data, to keep the database in a compacted shape and to delete modules which have never been started. These modules are located in the agents and have never received any data. In order to accomplish proper database maintenance, we recommend to execute an internal Pandora FMS script which conducts the database's regular (daily) maintenance. Please read the chapter named Server Management in order to obtain more information.

Nevertheless, you're able to perform some of the tasks, this script accomplishes from the console, as we're going to see in the following subsection.



Gest83.png



Please click on 'Administration' -> 'DB Maintenance' and 'Database Sanity' in order to execute these tasks.

1.14.3.1 Sanitizing Modules and Structures

This tool was designed to 'sanitize' the modules (e.g. by a pending deletion) and to delete some unfinished or badly applied structures which could lead Pandora FMS to perform more slowly than usual in some cases.



Gest84.png



1.14.3.2 Purging Non-Initialized Modules

Again and again, modules are created and assigned to agents which have never been initialized, due to the fact they've never received any data. It's recommended to delete the non-initialized modules every now and then.

Please click on 'Administration' -> 'DB Maintenance' -> 'Database Sanity' and 'Delete non-initialized modules now' in order to execute this task from the console.



Gest85.png



Please keep in mind that these two operations are conducted automatically by the Pandora FMS Database Maintenance Tool which is thoroughly described in the Server Management and Administration chapter.

1.14.4 The Database Interface

It's an extension which was designed to execute commands in the database and to observe the results. It's a very advanced tool that is recommended only to be used by people who have a serious knowledge of the SQL language and the Pandora FMS Database Structure in detail.


Template warning.png

If this tool gets used in any inappropriate way, it's very likely to result in a permanent destruction of Pandora FMS, its database or its data !

 



Please click on 'Administration' -> 'DB Maintenance' and 'DB Interface' in order to invoke the database's interface.



Ex10.png



Please click on 'Administration' -> 'DB Maintenance' and 'DB interface', insert your SQL command into the text field and click on the 'Execute SQL' button.

1.15 The Plug-In Registration

The plug-in registration was designed to render the logging of server plug ins an easy task. Please click on 'Administration' -> 'Manage Servers' -> 'Register Plug In' in order to invoke this plug in.



Ex9.png



In order to log a plug in, please pick the file by clicking on 'Examine' and click on the 'Upload' button.

You may obtain more information about the '.pspz' server plug ins in the Server Plug-In Development Section.

1.16 Inserting Data

This extension was designed to import data by means of a comma-separated file (CSV) to an agent's module. Please click on 'Administration' -> 'Manage Monitoring' and 'Insert Data' in order to invoke this extension.



Insert data1.png



The syntax in the CSV file format is required to be 'date;value' in each and every line. The date's syntax format is required to be 'Y/m/d H:i:s', e.g.:

2011/08/06 12:20:00;77.0
2011/08/06 12:20:50;66.8

1.17 CSV Import

This is a feature of the Pandora FMS Enterprise Version.

This extension was designed to import a file, separated by any divider on the Pandora FMS server.

Please click on 'Administration' -> 'Extensions' and 'CSV Import' in order to invoke this extension.



Ex17.png



Please pick the field to import by clicking on the 'Examine' button, choose the server on which the export is supposed to be conducted on and select the divider from a combo. Once the before mentioned combos are served appropriately, please click on the 'Go' button.

The CSV file is required to contain the following fields in the below mentioned sequence:

  • The agent's name
  • IP address
  • The operating system's ID
  • The interval and group ID the agent belongs to.

1.18 Resources Registration

This extension was designed to import '.prt' files which contain the definition of local, network, SNMP and WMI components. Except for the local components, you're allowed to add these components to a template.



Resource registration screenshot.png



1.18.1 File Definition for the PRT Format

This is an appropriate definition for '.prt' files.

<?xml version="1.0"?>
<pandora_export version="1.0" date="yyyy-mm-dd" time="hh:mm">
	<component>
		<name></name>
		<description></description>
		<module_source></module_source>
		<id_os></id_os>
		<os_version></os_version>
		<data></data>
		<type></type>
		<max></max>
		<min></min>
		<max_cri></max_cri>
		<min_cri></min_cri>
		<max_war></max_war>
		<min_war></min_war>
		<historical_data></historical_data>
		<ff_treshold></ff_treshold>
		<module_interval></module_interval>
		<id_module_group></id_module_group>
		<group></group>
		<tcp_port></tcp_port>
		<tcp_send></tcp_send>
		<tcp_rcv_text></tcp_rcv_text>
		<snmp_community></snmp_community>
		<snmp_oid></snmp_oid>
		<snmp_version></snmp_version>
		<auth_user></auth_user>
		<auth_password></auth_password>
		<privacy_method></privacy_method>
		<privacy_pass></privacy_pass>
		<auth_method></auth_method>
		<security_level></security_level>
		<plugin></plugin>
		<plugin_username></plugin_username>
		<plugin_password></plugin_password>
		<plugin_parameters></plugin_parameters>
		<wmi_query></wmi_query>
		<key_string></key_string>
		<field_number></field_number>
		<namespace></namespace>
		<wmi_user></wmi_user>
		<wmi_password></wmi_password>
		<max_timeout></max_timeout>
		<post_process></post_process>
	</component>
	<component>...</component>
	<component>...</component>
	<template>
		<name></name>
		<description></description>
	</template>
</pandora_export>

1.19 Translation of Strings

This extension can be found in the god-mode menu under 'Administration' -> 'Setup' and 'Translate String' and was designed to translate strings on the Pandora FMS interface for the purpose of personalizing it.



Translate string.png



The fields pertaining to this particular extension are the following:

  • Language: It allows to filter the strings by language.
  • Free text for search: The field to insert the string content you intend to personalize.

Three columns are going to be displayed in this window: The first one is going to display the original string, the second one displays the current translated string and the third one contains the custom translation you intend to add.


Go back to Pandora FMS Documentation Index