[XYMON] agents with pulldata - xymonfetch and ssh tunelling
Hello,
I am trying to set up xymonfetch/msgcache with ssh tunnelling (because security does not want to open flows on port 1984).
I have enabled xymonfetch (in tasks.cfg) and added pulldata (in hosts.cfg) on server side and also msgcache (in clientlaunch.cfg) and XYMSRV=127.0.0.1 (in xymonclient.cfg).
I have done a ssh tunnel (ssh -L 1234:127.0.0.1:1984 IP_of_the_client) from the xymon server. My tunnel is ok but xymon logs still show that nothing happens, no pulldata.
Is there something else I should do to enable this function?
Any help would be appreciated. Thank you!
Pierre
Pierre,
does a xymon 127.0.0.1 “ping” on the client return the version-number of your xymon server? If it does your client should simply report to 127.0.0.1 and you should be ready to go.
pulldata is for situations where the _server_ can reach the client (on port 1984) — “normal” communication is the other way around: the client contacts the server on tcp/1984. The “daemon" for pulldata from the server on the client is msgcache: That has to be enabled in clientlaunch.cg. If the security-policy applies to the client as well.
This does not seem to be the case in your setup.
If you are not already using it: have a look at the excellent ssh-tunnel-extension <https://wiki.xymonton.org/doku.php/addons:ssh_tunnel <https://wiki.xymonton.org/doku.php/addons:ssh_tunnel>> for automatic establishing (and monitoring) the ssh-tunnel.
I have an article on ssh-tunnel <http://www.it-eckert.com/blog/2014/remote-site-monitoring-with-ssh-tunnel/ <http://www.it-eckert.com/blog/2014/remote-site-monitoring-with-ssh-tunnel/>> and also provide an improved/patched version <http://www.it-eckert.com/software/patches/ssh-tunnel/ <http://www.it-eckert.com/software/patches/ssh-tunnel/>>.
If you have more than one client that has to be monitored in a remote location have a look at xymonproxy too, more details here <http://www.it-eckert.com/blog/2014/combine-ssh-tunnel-with-xymonproxy/ <http://www.it-eckert.com/blog/2014/combine-ssh-tunnel-with-xymonproxy/>>.
Cheers Thomas
On 31 Oct 2017, at 17:37, Pierre L <pierre.lapha at gmail.com> wrote:
Hello,
I am trying to set up xymonfetch/msgcache with ssh tunnelling (because security does not want to open flows on port 1984).
I have enabled xymonfetch (in tasks.cfg) and added pulldata (in hosts.cfg) on server side and also msgcache (in clientlaunch.cfg) and XYMSRV=127.0.0.1 (in xymonclient.cfg).
I have done a ssh tunnel (ssh -L 1234:127.0.0.1:1984 <http://127.0.0.1:1984/> IP_of_the_client) from the xymon server. My tunnel is ok but xymon logs still show that nothing happens, no pulldata.
Is there something else I should do to enable this function?
Any help would be appreciated. Thank you!
Pierre
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
On 10/31/2017 8:37 AM, Pierre L wrote:
Hello,
I am trying to set up xymonfetch/msgcache with ssh tunnelling (because security does not want to open flows on port 1984).
I have enabled xymonfetch (in tasks.cfg) and added pulldata (in hosts.cfg) on server side and also msgcache (in clientlaunch.cfg) and XYMSRV=127.0.0.1 (in xymonclient.cfg).
I have done a ssh tunnel (ssh -L 1234:127.0.0.1:1984 IP_of_the_client) from the xymon server. My tunnel is ok but xymon logs still show that nothing happens, no pulldata.
Is there something else I should do to enable this function?
I spent some time making xymonfetch/msgcache for for us. Some questions for you:
Have you confirmed msgcache is listening on your remote host?
Have you looked in the xymonfetch logfile? This is an option which can be defined in tasks.cfg
Have you tried running your xymonfetch manually to see what happens? This is how I was eventually able to figure out my problems.
~/server/bin/xymoncmd ~/server/bin/xymonfetch --id=19 --debugThat will go through your hosts.cfg looking for pulldata tags. Those hosts will then be asked for data. You may find that xymonfetch is not querying the server:port combination you expect. You may find xymonfetch is asking for data, and your client has not put anything into the msgcache.
What version of xymon are you running? Prior to [something pretty recent], xymonfetch did not honor the "port" portion of the pulldata tag. It would only query on port 1984. Look in the list archives, and you will find my posts on this subject.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
participants (3)
-
john.thurston@alaska.gov
-
pierre.lapha@gmail.com
-
thomas.eckert@it-eckert.de