DOCSLIB.ORG

JMX for the Shibboleth Identity Provider

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
JMX for the Shibboleth Identity Provider MSE Project Thesis JMX for the Shibboleth Identity Provider Halm Reusser Advisor: Prof. Dr. Andreas Steffen July 12, 2010 Hochschule Rapperswil Oberseestrasse 10 CH-8640 Rapperswil Shibboleth is an open source software package for web single sign-on across or within organizational boundaries and is based on the Security Assertion Markup Language (SAML). It is well established and is an important building block of the successful SWITCHaai identity federation. Therefore the Shibboleth Identity Provider (IdP) is becoming one of the core services at the universities’ Information Technology (IT) departments. They require monitoring and management facilities in order to offer high availability, security and reliability. Because the Authentication and Authorization Infrastructure (AAI) is the solution to authenticating and authorizing users it is taking a major role in the field of accounting, which leads to a need of having access to usage data. The objective of this project thesis is to collect ideas of metrics and management tasks for the IdP, beneficial for the above-mentioned requirements. For structuring and sum- marizing those ideas, research papers and publications in the field of Federated Iden- tity Management (FIM) monitoring were consulted and helped to create a top-down overview. The study of the literature clarified that the implementation of Java Manage- ment Extensions (JMX) is a relatively new approach and will probably have an impact on monitoring enterprise applications in the future. As proof of concept, some of those ideas were implemented as Managed Beans (MBeans) in the Shibboleth IdP. To demonstrate the integration of the newly available status, us- age and performance information into a monitoring framework, a reference setup with the industry standard monitoring system Nagios was accomplished. The added JMX functionalities in the IdP provides a wide range of new possibilities, from fine grained metrics to management tasks for individual IdP components! This project thesis demonstrates that it is archivable. Contents 1. Introduction 6 1.1. Federated Identity Management, SWITCHaai and Shibboleth . .6 1.2. JMX . .6 2. Analysis 8 2.1. Research . .8 2.1.1. Federated Identity Management Metrics . .8 2.1.2. Information Assurance Metrics . .8 2.1.3. Shibboleth Metrics . .9 2.1.4. Authentication Metrics . .9 2.1.5. AMAAIS . .9 2.1.6. SLA Measurements . .9 2.2. Best Current Practices operating a SWITCHaai Identity Provider . 10 2.3. Conclusion: Collection of Metrics and Management Tasks . 11 3. Concepts 12 3.1. JMX Concepts . 12 3.1.1. JMX Architecture . 12 3.1.2. MBeans . 13 3.1.3. Standard Agent Services . 16 3.1.4. Registering . 18 3.2. Spring Framework JMX Support . 18 3.2.1. JMX Annotations . 18 3.2.2. Naming Strategy . 19 3.2.3. Exporting MBeans . 20 3.2.4. Notification Listener . 20 3.3. Perf4J . 21 3.3.1. Profiled Annotation . 21 4. Design 23 4.1. Map Metrics and Management Tasks to MBeans . 23 4.2. Integration Design . 24 4.2.1. Technology Decision . 24 5. Implementation 25 5.1. MBean Specification . 26 3 5.2. Spring JMX Configuration for the Shibboleth IdP . 27 5.2.1. Custom Property Editors . 29 5.3. Shibboleth Modules . 29 5.4. Perf4J Logback Extensions . 30 5.5. MBeans . 30 5.5.1. Status Information . 30 5.5.2. Session Management . 31 5.5.3. Metadata Management . 32 5.5.4. Authentication . 34 5.5.5. Attribute Processing . 37 6. Integration 39 6.1. JMX Monitors . 39 6.2. Perf4J and Logback SMTP Appenders . 40 6.3. Nagios . 42 6.3.1. JMX Plug-in . 42 6.3.2. Configuration . 42 6.3.3. PNP4Nagios . 45 7. Testing 46 7.1. Canoo Webtest . 46 8. Use Cases 49 8.1. Clients . 49 8.1.1. JConsole . 49 8.1.2. HTTP Adaptor . 50 8.1.3. Nagios Console . 50 8.2. Managed Components . 51 8.2.1. Status information . 51 8.2.2. Session Management . 52 8.2.3. Metadata Management . 54 8.2.4. Authentication . 55 8.2.5. Attribute Processing Performance . 57 9. Conclusion 60 9.1. Implementation . 60 9.2. Integration . 61 9.3. Outlook . 61 Glossary 62 Acronyms 63 Bibliography 63 4 A. Project proposal 67 B. Project Plan 69 C. Collected Ideas for MBeans 70 D. Reporting 71 E. Milestones 83 F. DVD 86 5 1. Introduction The objective of this project thesis is to collect ideas how the Shibboleth IdP could be enabled with JMX. The first step is to collect ideas of metrics and management tasks and compare respec- tively complement them with results from research papers concerning the topic of FIM metrics and management tasks as well as Service Level Agreement (SLA) measurements. After an overview of potential MBeans for the Shibboleth IdP a reference implementa- tion will be undertaken for each kind of MBean and different complexities. The last part of the project thesis provides a proof of concept which shows the possibil- ities provided by MBeans as well as a potential integration into an existing monitoring system like Nagios [13]. 1.1. Federated Identity Management, SWITCHaai and Shibboleth Federated Identity Management (FIM) is the management and use of identity informa- tion across security domains, e.g., between individual institutions. It deals with issues such as interoperability, liability, security, privacy and trust. The SWITCHaai federation [23] is a Shibboleth respectively SAML [19] based federation in Swiss higher education and research, coordinated and led by SWITCH. Shibboleth [4] is the name of an architecture and an open source software developed by Internet2/MACE (Middleware Architecture Committee for Education). Shibboleth is based on SAML and allows the implementation of a FIM. 1.2. JMX The JMX defines an architecture for supporting software and network management in the Java programming language. JMX is a unified framework to instrument the disparate pieces of Java code in a modern IT infrastructure. Before JMX, there was no standardized approach in the Java programming language to start, manage, monitor and stop different software components or applications [26]. 6 The Java Platform Enterprise Edition (J2EE) is a complex, distributed, service-based enterprise platform. It consists of many different kinds of resources that are dynamically created, distributed, moved across nodes, redeployed and destroyed. The management of such a platform calls for an isolation layer between the management applications and the managed resources. The management architecture must be generic enough to allow the management of a wide variety of different kinds of resources and components. The management architecture must be able to cope with the dynamics and distribution of the platform and provide a management model that allows increasingly long uptimes and 24x7 service. JMX can provide all this [26]. 7 2. Analysis In this chapter FIM metrics and management tasks are analyzed. The main objective of the situation analysis is to gain an overview of possible MBeans for the Shibboleth IdP. 2.1. Research The first step is to collect and compare ideas with research papers concerning similar fields such FIM, Single Sign On (SSO), Lightweight Directory Access Protocol (LDAP) authentication metrics or Management Information Base (MIB) as well as similar pro- tocols like Simple Network Management Protocol (SNMP). 2.1.1. Federated Identity Management Metrics The IEEE Computer Society published in its Security & Privacy Journal an article about “Identity management risk metrics” [29]. This article introduces the terms metrics, risk, identity management and their relation to each other. In the article various metrics are identified, which are grouped into three categories: Identity provider metrics Metrics like accounts, groups, authentication claims and authorization claims. Provisioning process metrics Metrics like requesters, approvers cycle time etc. Identity metrics Similar metrics to the Identity provider metrics but for specific roles. The IdP metrics are very useful for these studies and the ideas are added into the collection. As the Shibboleth IdP is neither a provisioning system nor has support for that, there is no gain from that aspect of the article. Furthermore, the article discusses the benefits of having well defined metrics in the context of risk management, service predictions and real time decision-making. 2.1.2. Information Assurance Metrics The paper Information Assurance in Federated Identity Management [24] investigated two well-known federated identity management solutions, Microsoft Passport and Liberty Alliance, attempting to identify Information Assurance requirements in FIM. One of the goals was to measure the performance focusing on authentication. The developed metrics are mostly in the context of performance like data access time, message processing time, authentication time, SSO time etc. 8 2.1.3. Shibboleth Metrics SWITCH logs all service accesses within the SWITCHaai federation, which pass through the central Discovery Service. For reporting purposes, the tool WAYFalyzer exists. The WAYFalyzer allows to aggregate accesses to IdPs or Service Providers (SPs) over arbi- trary time periods with different sampling rates. The functionalities of the WAYFalyzer are considered to be in the MBean collection. The University of Buffalo publishes some Shibboleth statistics [20] on a monthly basis. They measure authentication requests per service as well as aggregated by domains. Those metrics are covered by the MBean collection as well. 2.1.4. Authentication Metrics Under the term of authentication metrics a lot of research work was done in the field of trusted intermediate paths [30, 31]. This is not an issue within common Shibboleth federations due to trusted Metadata. LDAP Metrics There are published LDAP metrics of the North Carolina State University [9]. They measure indicators like binds, unbinds, successful and failed connections, searches and other typical LDAP operations. The level of granularity is on client addresses or total counts. Another document of the Bucharest academy of economics focused on identity manage- ment in a university system [33]. The outcome concerning metrics is divided into two aspects of the system.
Load more

Recommended publications
  • The World's First Enterprise-Grade Open Source Network Management
    The World’s First Enterprise-grade Open Source Network Management Platform OpenNMS is the world’s first enterprise-grade Event Management and Notifications network management application developed under the open-source model. It is a free OpenNMS is event driven, and the system has software alternative to commercial products such the ability to generate internal events, such as a as Hewlett-Packard’s OpenView, IBM’s Netcool loss of a service, as well as to receive external and Tivoli, and CA Unicenter. events, such as SNMP Traps. Each event can be fed into a robust notification system that can Because OpenNMS is open source software, there send e-mails, pages, text messages, pop-ups are no software license costs. Since the software and even instant messages via XMPP (Jabber). code can be freely modified, OpenNMS can also Notices can be acknowledged, automatically be changed to fit the way the organization works, resolved and escalated. instead of having to change processes and procedures to fit the software. OpenNMS was designed from Day One to be able to monitor tens of thousands of interfaces. The ultimate goal for the software is to become the de facto network management platform. OpenNMS is focused on four main areas: • Automated Discovery • Event Management and Notifications • Service Level Monitoring • Performance Data Collection In addition, OpenNMS includes an event translator that can take an event and turn it Automated Discovery into another event. Fields in the original event It would be very difcult to configure by hand can then be parsed and used to access external thousands of devices, thus OpenNMS was databases (such as a customer or inventory designed to automate the process of network system) and a new enriched event created.
    [Show full text]
  • Mysql Enterprise Monitor 2.0 Mysql Enterprise Monitor 2.0 Manual
    MySQL Enterprise Monitor 2.0 MySQL Enterprise Monitor 2.0 Manual Copyright © 2005, 2011, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
    [Show full text]
  • Whats New Opennms 2019
    www.opennms.co.uk Whats New OpenNMS 2019 Dr Craig Gallen, Director Entimoss Ltd (OpenNMS UK) Associate Lecturer Solent University Craig Gallen Email : [email protected] : [email protected] : [email protected] Mobile: +44 (0) 7789 938012 Craig © OpenNMS / Entimoss 2014 entimOSS limited Company registered in England and Wales No. 06402040 Contents www.opennms.co.uk OpenNMS Project Overview OpenNMS Functional Overview Future directions © OpenNMS / Entimoss 2012 slide - 1 Converged Virtualised Services www.opennms.co.uk End user Services (Apps) are a mash-up of web services accessed through standard and Application proprietary protocols; Access Network Cloud • HTTP, REST, SOAP, Space JSON, RSS, • Open Data / RDF etc. • ‘Internet of things’ URI URI URI Service 1 Services hosted in Virtualised Service 3 Service 2 VM ‘Cloud’ designed to VM scale through addition Infrastructure VM of VM resources And applications VM VM VM VM VM VM ‘cloud bursting’ VM VM VM ‘cloud brokering’ Underlying physical infrastructure Physical •Commodity hardware •Geographical Diversity Infrastructure •Rapid Churn •Network Connectivity Core Network Cloud © OpenNMS / Entimoss 2012 slide - 2 Moving to Virtualised Networks www.opennms.co.uk You May Have Heard Of • Software defined Networking • Research / Data Centre • Open Flow • Network Functions Virtualisation • Service providers – ETSI • TM Forum ZOOM • Zero-touch Orchestration, Operations and Management (ZOOM) • ETSI’s vision for Network Functions Virtualisation — http://www.telco2research.com/articles/WP_telco2-network-functions-virtualisation-NFV-vs-software-defined-networking- SDN_Summary © OpenNMS / Entimoss 2012 slide - 3 OSGi – facilitates integration into Open Daylight SDN/SFV controller www.opennms.co.uk © OpenNMS / Entimoss 2012 slide - 4 OpenNMS futures www.opennms.co.uk © OpenNMS / Entimoss 2012 slide - 5 The OpenNMS Project www.opennms.co.uk • OpenNMS — Open Network Management System — OpenNMS is the world's first Enterprise and Carrier grade network management platform developed under the open source model.
    [Show full text]
  • Opennms Provisioning
    OpenNMS Provisioning OpenNMS version 1.8.0 The OpenNMS Group, Inc. 220 Chatham Business Drive, Suite 220 Pittsboro, NC 27312 T +1 919 533-0160 F Work Fax Phone [email protected] http://www.opennms.com The OpenNMS Group, Inc. Provisioning 5 Summary 5 Concepts 5 OpenNMS Provisioning Terminology 5 Entity 6 Foreign Source and Foreign ID 6 Foreign Source Definition 6 Import Requisition 6 Auto Discovery 6 Directed Discovery 6 Enhanced Directed Discovery 7 Policy Based Discovery 7 Addressing Scalability 7 Parallelization and Non-Blocking I/O 7 Provisioning Policies 7 The Default Foreign Source Definition 8 Getting Started 8 Provisioning the SNMP Configuration 8 Automatic Discovery 9 Separation of Concerns 9 Enhanced Directed Discovery 10 Understanding the Process 10 Import Handlers 12 File Handler 12 HTTP Handler 12 DNS Handler 12 DNS Import Examples: 12 Simple 12 Using a Regular Expression Filter 12 DNS Setup 13 Configuration 13 OpenNMS Provisioning 1 The OpenNMS Group, Inc. Configuration Reload 13 Provisioning Examples 14 Basic Provisioning 14 Defining the Nodes via the Web-UI 14 Import the Nodes 16 Adding a Node 16 Changing a Node 17 Deleting a Node 17 Deleting all the Nodes 18 Advanced Provisioning Example 19 Service Detection 20 Applying a New Foreign Source Definition 20 Provisioning with Policies 21 New Import Capabilities 23 Provisiond Configuration 23 Provisioning Asset Data 24 External Requisition Sources 25 Provisioning Nodes from DNS 25 Adapters 27 DDNS Adapter 27 RANCID Adapter 27 Maps (soon to be moved to Mapd) 27 WiMax-Link (soon to be moved to Linkd) 27 Integrating with Provisiond 28 Provisioning Groups of Nodes 28 Example 28 Step 1 (Create a Foreign Source) 28 Step 2 (Update the SNMP configuration) 29 Step 3 (Create/Update the Requisition) 29 Adding a Node to a Current Requisition 29 Provisioning Single Nodes (Quick Add Node) 30 Fine Grained Provisioning Using “provision.pl” 31 First, Create a new Provisioning Group 31 OpenNMS Provisioning 2 The OpenNMS Group, Inc.
    [Show full text]
  • Opennms Release Notes
    OpenNMS Release Notes Cumulative Release History Copyright © 2004-2012 Tarus Balog, Matt Brozowski, David Hustace, Benjamin Reed Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts and with no Back-Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html Preface ................................................................................................................................... vi 1. Introduction ......................................................................................................................... 1 1.1. Release 1.12.9 ........................................................................................................... 1 1.2. Release 1.12.8 ........................................................................................................... 1 1.3. Release 1.12.7 ........................................................................................................... 1 1.4. Release 1.12.6 ........................................................................................................... 1 1.5. Release 1.12.5 ........................................................................................................... 1 1.6. Release 1.12.4 ........................................................................................................... 1 1.7. Release
    [Show full text]
  • W.Chinthaka Prasanna Senanayaka 15/1A, Perera Mw
    GSoC 2011 – OpenNMS project proposal Create a maven archetype for creating GWT based XML configuration management and implement three of them W.Chinthaka Prasanna Senanayaka 15/1A, Perera Mw, Meethotamulla, Wellampitiya, Colombo, Sri Lanka. Tel. No. +94718443972 E-mail: [email protected] / [email protected] Personal Details Name: Wahalatantrige Chinthaka Prasanna Senanayaka (W.C.P. Senanayaka) University: University of Kelaniya, Sri Lanka. Course: B.Sc. in Management and Information Technology (3rd year, Special) Email address: [email protected] Physical address: 15/1 A, Perera Mw, Meethotamulla, Wellampitiya, Colombo, Sri Lanka. Phone numbers: +94718443972 Web page: http://chinthakarobotikka.blogspot.com/ IM contacts: Skype: chinthakas87 IRC nick: chinthakas Availability: 1. I can spend on GSoC OpenNMS project, 5–7 hours per day practically. 2. As GSoC time plan I can start and end the project, and I will continue the contact with OpenNMS projects. 3. Other factors affects my availability are university examinations (I have examinations on 2011/04/23, 2011/04/30, 2011/05/02. And before the next semester exams come, GSoC will be finished). 1 GSoC 2011 – OpenNMS project proposal Starting date delays: no delays. Background Information Education background: Did Mathematics, Physics for Advance Level examination. Then I entered to University and now I am in 3rd year special batch. Software development background: I have worked at H’Senid Software International Pvt Ltd (mobile software development, as an undergraduate trainee software engineer). Computer languages: C, JAVA, VB (VB.NET and VB script), PHP (HTML, Javascript), ASP.NET (average), and Scala (average) Other Java compliant tools: Spring, Hibernate, Vaardin Software: Linux – Ubuntu, MySQL, Flash, SQL SERVER Software design using UML (just started learning BPMN) Other: Maven, special interest in open source Why I am interested in OpenNMS: 1.
    [Show full text]
  • Opennms Meridian Release Notes
    OpenNMS Meridian Release Notes Copyright (c) 2016-2019 The OpenNMS Group, Inc. OpenNMS Meridian v2017.1.26, Last updated 2020-09-01 19:13:44 UTC Table of Contents OpenNMS Meridian Development Team . 1 OpenNMS Meridian 2017 . 1 System Requirements. 1 What’s New in Meridian 2017 . 1 Release Meridian-2017.1.26 . 6 Release Meridian-2017.1.25 . 7 Release Meridian-2017.1.24 . 7 Release Meridian-2017.1.23 . 7 Release Meridian-2017.1.22 . 8 Release Meridian-2017.1.21 . 8 Release Meridian-2017.1.20 . 8 Release Meridian-2017.1.19 . 8 Release Meridian-2017.1.18 . 9 Release Meridian-2017.1.17 . 9 Release Meridian-2017.1.16 . 9 Release Meridian-2017.1.15 . 10 Release Meridian-2017.1.14 . 10 Release Meridian-2017.1.13 . 10 Release Meridian-2017.1.12 . 11 Release Meridian-2017.1.11 . 11 Release Meridian-2017.1.10 . 11 Release Meridian-2017.1.9 . 14 Release Meridian-2017.1.8 . 14 Release Meridian-2017.1.7 . 15 Release Meridian-2017.1.6 . 16 Release Meridian-2017.1.5 . 16 Release Meridian-2017.1.4 . 16 Release Meridian-2017.1.3 . 17 Release Meridian-2017.1.2 . 17 Release Meridian-2017.1.1 . 18 Release Meridian-2017.1.0 . 19 OpenNMS Meridian Development Team Tarus Balog <[email protected]> David Hustace <[email protected]> Benjamin Reed <[email protected]> Copyright © 2004-2020 The OpenNMS Group, Inc. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts and with no Back-Cover Texts.
    [Show full text]
  • Developers Guide
    Developers Guide Copyright (c) 2015-2019 The OpenNMS Group, Inc. OpenNMS Meridian 2019.1.23, Last updated 2021-09-07 21:58:30 UTC Table of Contents 1. Setup a development system . 1 1.1. Operating System / Environment . 1 1.2. Installation . 1 1.3. Tooling. 3 1.4. Useful links. 3 1.4.1. General . 3 1.4.2. Installation / Setup . 3 2. Topology . 4 2.1. Info Panel Items . 4 2.1.1. Programmatic . 4 2.1.2. Scriptable . 5 2.2. GraphML . 9 2.2.1. Create/Update/Delete GraphML Topology. 10 2.2.2. Supported Attributes . 11 2.2.3. Focus Strategies . 12 2.2.4. Icons . 12 2.2.5. Vertex Status Provider . 13 2.2.6. Edge Status Provider . 13 2.2.7. Layers . 14 2.2.8. Breadcrumbs . 16 2.3. Topologies Updates. 20 2.3.1. OnmsTopologyUpdater . 20 2.3.2. OnmsTopologyRef. 20 2.3.3. OnmsTopologyMessage . 21 2.3.4. OnmsTopologyProtocol . 21 2.3.5. TopologyMessageStatus. 21 2.3.6. OnmsTopology. 21 2.3.7. OnmsTopologyVertex. 21 2.3.8. OnmsTopologyEdge . 21 2.3.9. OnmsTopologyPort . 22 2.3.10. OnmsTopologyConsumer . 22 3. CORS Support . 23 3.1. Why do I need CORS support?. 23 3.2. How can I enable CORS support? . 23 3.3. How can I configure CORS support? . 23 4. ReST API . 24 4.1. ReST URL. 24 4.2. Authentication. 24 4.3. Data format . 24 4.4. Standard Parameters . 24 4.5. Standard filter examples . 25 4.6. HTTP Return Codes . 26 4.7. Identifying Resources .
    [Show full text]
  • Systems Monitoring Shootout Finding Your Way in the Maze of Monitoring Tools
    Systems Monitoring Shootout Finding your way in the Maze of Monitoring tools Kris Buytaert Tom De Cooman Inuits Inuits [email protected] [email protected] Frederic Descamps Bart Verwilst Inuits Inuits [email protected] [email protected] Abstract serving, do you want to know about the internal state of your JBoss, or be triggered if the OOM killer will start The open source market is getting overcrowded with working soon? . As you see, there are several ways of different Network Monitoring solutions, and not with- monitoring depending on the level of detail. out reason: monitoring your infrastructure is becoming more important each day. You have to know what’s go- In our monitoring tool, we add hosts. This host can be ing on for your boss, your customers, and for yourself. any device we would like to monitor. Next we need to define what parameter on the host we would like to Nagios started the evolution, but today OpenNMS, check, how we are going to get the data, and at which Zabix, Zenoss, GroundWorks, Hyperic, and different point we’d consider the values not within normal lim- others are showing up in the market. its anymore. The result is called a check. There are several ways to ‘get’ the required data. Most monitor- Do you want light-weight, or feature-full? How far do ing tools can use SNMP as a way to gather the required you want to go with your monitoring, just on an OS data. Either the tool itself performs an SNMP-get, or it level, or do you want to dig into your applications, do receives data via an SNMP-trap.
    [Show full text]
  • Developers Guide
    Developers Guide Copyright (c) 2015-2019 The OpenNMS Group, Inc. OpenNMS Meridian 2017.1.26, Last updated 2020-09-01 19:13:44 UTC Table of Contents 1. Setup a development system . 1 1.1. Operating System / Environment . 1 1.2. Installation . 1 1.3. Tooling . 3 1.4. Useful links . 3 1.4.1. General . 3 1.4.2. Installation / Setup . 3 2. Topology . 4 2.1. Info Panel Items . 4 2.1.1. Programmatic . 4 2.1.2. Scriptable . 5 2.2. GraphML . 9 2.2.1. Create/Update/Delete GraphML Topology . 10 2.2.2. Supported Attributes . 11 2.2.3. Focus Strategies . 12 2.2.4. Icons. 12 2.2.5. Vertex Status Provider . 13 2.2.6. Edge Status Provider . 13 2.2.7. Layers . 14 2.2.8. Breadcrumbs . 16 3. CORS Support . 20 3.1. Why do I need CORS support? . 20 3.2. How can I enable CORS support? . 20 3.3. How can I configure CORS support? . 20 4. ReST API . 21 4.1. ReST URL . 21 4.2. Authentication . 21 4.3. Data format . 21 4.4. Standard Parameters . 21 4.5. Standard filter examples . 22 4.6. HTTP Return Codes . 23 4.7. Identifying Resources . 23 4.8. Currently Implemented Interfaces . 24 4.8.1. Acknowledgements . 24 4.8.2. Alarm Statistics . 25 4.8.3. Alarms . 25 4.8.4. Events . 26 4.8.5. Categories . 27 4.8.6. Foreign Sources . 28 4.8.7. Groups . 29 4.8.8. Heatmap . 30 4.8.9. Categories . 31 4.8.10.
    [Show full text]
  • SNMP and Opennms
    This watermark does not appear in the registered version - http://www.clicktoconvert.com SNMP and OpenNMS Part –2 OpenNMS Parts of this presentation were shamelessly copied from a presentation by the project's maintainer, Tarus Balog with the author's permission. Zeev Halevi This watermark does not appear in the registered version - http://www.clicktoconvert.com NMS - ISO Definition: FCAPS • Fault Management • Configuration Management • Accounting • Performance • Security This watermark does not appear in the registered version - http://www.clicktoconvert.com FCAPS and OpenNMS • Fault Management • Configuration Management • Accounting • Performance • Security This watermark does not appear in the registered version - http://www.clicktoconvert.com He-Who-Must-Not-Be-Named of the NMS world This watermark does not appear in the registered version - http://www.clicktoconvert.com The Three "Halves" of OpenNMS • Service Scanning: Is a given network service available? • SNMP Data Collection: Traditional network performance measurement via SNMP • Event Management and Notification This watermark does not appear in the registered version - http://www.clicktoconvert.com Services Available by Default - MSExchange This watermark does not appear in the registered version - http://www.clicktoconvert.com On-line demo • http://www.opennms.org/onmsdemo/onms_ ex0_main_view.htm • http://nms.nws.orst.edu:8080/publicnms/ind ex.jsp • (look at /performance/index.jsp for reports) This watermark does not appear in the registered version - http://www.clicktoconvert.com Concurrent management tasks Concurrent Task Name of Description daemon Action daemon actiond Auto-action execution facility, for automated action (workflow) based on incoming events. Collection daemon collectd Collects data from managed nodes. Capability daemon capsd Performs capability check on discovered nodes.
    [Show full text]
  • SNMP (Polling and Traps, Mibs, DELL Openmanage)
    OpenNMS Daniel Traynor, GRIDPP, QMUL HEPSYSMAN June 2014, RAL OpenNMS Monitoring Overview SNMP (polling and traps, mibs, DELL openmanage) (r)syslog OpenNMS Basics, Installation, automated and directed discovery. Examples Monitoring Choice Do a search for network monitoring and you can find lots.. http://en.wikipedia.org/wiki/Comparison_of_network_monitoring_systems e.g. cacti, ganglia, nagios, but lots of others …. Have setup and used Zenoss in the past, needed to upgrade hardware, found that new version of Zenoss required lots of extra packages not in SL6. Chose OpenNMS after recommendation from FOSSUK2013. Also used in Physics at QMUL. Requirements Open source. Network service checks (e.g. ssh, DNS, ntp, snmp, https:1311). SNMP polling and SNMP trap receiver (does not use agents on clients). syslog monitoring. Automated [directed] discovery. Performance measurements. SNMP On SL install net-snmp also snmpv3 for secure monitoring useful to install net-snmp-utils for (used by QMUL physics), gridpp testing with snmpwalk / snmpget. use v2 on private network. community name set to random string ro for reading not writing set IP address to limit access monitor disk space in usefull units set values for standard variables override default values setup dell openmanage to send snmp traps to our monitoring box make extra information available (fans, tempt,…) SNMP MIB Management information bases (MIBs) define the structure of the data of a system via object identifiers (OID). An OID identifies a variable that can be read or set via SNMP. MIBs exits for e.g. linux, switches (HP, Force10,…) also enterprise versions, e.g. DELL MIB provides fans speeds, server temperatures etc… OpenNMS already knows about a lot of these MIBS.
    [Show full text]