On Mon, Oct 10, 2011 at 2:58 PM, T.J. Yang <tjyang2001 at gmail.com> wrote:
Hi, Henrik
Passing message without encryption among xymon client and server will cause concerns in corporate IT. I know you did some work at previous branches, can you activate this message encryption work or put it on roadmap ?
I was taking another crack at this today and found some interesting things. The xymon command, which delivers messages to the server, can take a URL for a parameter. Also, lurking in xymon-4.3.5/xymonproxy there is a little program called xymoncgimsg, which takes an HTTP-delivered Xymon message and hands it directly to Xymon. I went a step further and poked around in the code to see what was being sent, and came up with this:
Discover the state of some service, including the color. Assemble the report:
MESSAGE="status $MACHINE.$TEST $COLOR
datesome message(s) relating to the test we're reporting"instead of doing: $XYMON $XYMSRV "$MESSAGE" to deliver, do this:
curl -s -S -L --cacert /path/to/secure/xymon-server/cert.pem
-H "Content-Ty[e: application/octet-stream"
-H "MIME-version: 1.0"
-d "$MESSAGE"
https://secure-xymon.server.com/xymon-cgi/xymoncgimsg.cgi
Curl validates the server certificate and manages the encrypted connection. $MESSAGE is shoved down the pipe to the cgi script and directly to xymon.
Ralph Mitchell