Administration

Total Page:16

File Type:pdf, Size:1020Kb

Administration KOMPAKT Mit DVD ADMINISTRATION Ein Sonderheft des Magazins für professionelle Informationstechnik, www.ix.de 3/2014 Auf der Heft-DVD Fertige VMs zum Open Source Ausprobieren: Debian mit Baculaˇ7, CentOS mit Icingaˇ2 und Icinga Webˇ2, UCS 3.2-2 (25 User) im Einsatz Software, Tools, Doku: FreeNAS 9.2.1.5, nützliche Administrations-Helferlein für Linux, MacˇOSˇX und Windows, Kerberos-Key- Systemkonfiguration: Management, Netz- Tools, RFCs u.ˇv.ˇa.ˇm. Backup mit Bacula 7 Do-it-yourself-NAS Sicherheit: Compliance-Management mit OpenSCAP SELinux und Grsecurity effektiv nutzen Netzwerk: Traffic-Analyse mit Wireshark WLAN mit RADIUS Monitoring: Nagios und Icinga 2 Logdatenanalyse Linux-AD-Integration: FreeIPA-Tutorial Kerberos – Tools und Tipps Cloud-Tutorial: Mit OpenStack zur eigenen Private Cloud EDITORIAL Cat-Content satt ach landläufiger Meinung soll beim sogenannten Cat- Ein aktuelles Beispiel hierfür ist OpenStack. Das ursprünglich N Content angeblich kein Sysadmin widerstehen können von der NASA und der amerikanischen Rackspace Inc. initiier- – egal ob Cat-5e oder lebende Miezekätzchen. Wäh- te Projekt hat sich mit mittlerweile rund 200 unterstützenden rend sich Letztere in diesem iX-Kompakt zu Administration Firmen zum Quasi-Standard für offene Cloud-Angebote ge- mit Open-Source-Tools als Aufmacherbilder tummeln, spie- mausert. Allein die Liste der Gold- und Platin-Mitglieder liest len Cat-x-Kabel als Transportmedium im Tagesgeschäft der sich wie das Who-is-Who der IT-Branche. Dabei setzen pro- IT eine tragende Rolle. Sie sind quasi die Nervenenden des duktseitig nicht nur die „üblichen Verdächtigen“ wie Red Hat, globalen Rückgrats Internet, über das Anwender und Anwen- SUSE oder Canonical auf OpenStack, auch HP und IBM haben dungen Daten austauschen. darauf basierende Cloud-Angebote im Portfolio. Apropos: Ein dreiteiliges Tutorial in diesem Heft zeigt Schritt für Schritt, Im Internet funktionierten von Anfang an große Teile der wie sich das aktuelle OpenStack „Icehouse“ im eigenen Um- In frastruktur mit Open-Source-Betriebssystemen und -Pro- feld einsetzen lässt. grammen – etwa Linux oder der Webserver Apache. In anderen Bereichen war freie Software zunächst überwiegend technik - Aber nicht nur bei den Infrastrukturkomponenten kann Open affinen und experimentierfreudigen Naturen vorbehalten. Source punkten, auch beim Administrieren und Steuern der zu- gehörigen Systeme existieren neben dem breiten Strauß kom- Doch inzwischen hat das dahinter stehende Entwicklungsmo- merzieller Pakete leistungsfähige freie Alternativen. Letztlich dell große Verbreitung und Akzeptanz gefunden. Selbst klas- kommen vor allem in komplexen Umgebungen die IT-Verant- sische IT-Unternehmen wie HP, IBM und Co. setzen für ihre wortlichen nicht ohne effiziente Werkzeuge für die Systemver- Angebote teilweise – Tendenz steigend – auf freie Kompo- waltung aus. Hier kann die Community ein vielfältiges Ange- nenten. Die wiederum müssen in vielen Bereichen den Leis- bot vorweisen. Gerade im Bereich Monitoring setzt man tungsvergleich mit ihren kommerziellen Gegenstücken nicht derzeit quasi die Standards dessen, was machbar ist. scheuen, laufen ihnen zum Teil sogar den Rang ab. Jedoch fordert die Komplexität der Anwendungen ihren Tribut: Die gängige Vorstellung, Open-Source-Software koste ja nichts, stimmt nur bedingt. Zwar fallen keine Lizenzkosten an, aber für einen wirkungsvollen Einsatz muss man entweder in das Know-how seiner Mitarbeiter investieren oder externes Wissen von Dienstleistern einkaufen. Der Gewinn, der in je- dem Fall bleibt, ist die Offenheit der eingesetzten Tools. ANDRÉ VON RAISON iX Kompakt 2014 – Open-Source-Administration 3 INHALT | IX KOMPAKT Eine Frage der richtigen Überwachung Wem seine IT am Herzen liegt, der kümmert sich nicht erst bei Fehlern um das Wohlbefinden der Systeme. Die Open-Source-Pakete Nagios und das daraus entstandene Icinga sind heute die verbreitetsten Anwendungen für das Monitoring. Wie man mit diesen und weiteren Tools seine Um - gebung automatisch erfasst sowie sie sicher im Auge behält ab Seite 81 Sicherheit Wiederverwendung Ältere Hardware mit FreeNAS weiternutzen 72 Betriebssystem-Security Softwareverteilung Grsecurity für das Härten von Linux-Systemen 8 Linux-Clients per m23 zentral verwalten 76 Compliance-Management Systemüberprüfungen mit OpenSCAP 16 Monitoring SELinux-Tutorial Mandatory Access Control auf Linux-Systemen 24, 28 Security Best Practises für sichere Monitoring-Systeme 82 Identitätsmanagement Inventarisierung Octopussy für die automatische Bestandserfassung 90 FreeIPA-Tutorial Werkzeuge Linux- und Windows-Welt mit dem freien Identity-Management-Framework verbinden 34, 40, 46 Systemüberwachung mit Icinga 2 96 Single Sign-on Linux-Tools Mehrfaktor-Authentifizierung durch Kerberos 52 Systemaktivität überwachen 105 Active-Directory-Tools Log-Management Kerberos-Keytab-Management mit msktutil 58 Ein integriertes Monitoring-System mit Logstash 106 Systemüberwachung Systemkonfiguration Mit Octopussy Logdateien zentral verwalten 112 AD-Integration Netzwerk Mit Linux via SSSD ins Active Directory 62 Backup DDoS-Abwehr Daten sichern mit Bacula 7 67 Offene DNS-Server als Waffe im DDoS-Angriff 118 4 iX Kompakt 2014 – Open-Source-Administration Wer ist wer Früher oder später stellt sich in gemischten Umgebungen die Frage, wie man die Benutzerverwaltung von unixoiden und Windows-Systemen unter einen Hut bekommt. Für das Themenfeld Identity- Management bietet die Open-Source-Community leistungsfähige Alternativen. ab Seite 33 Cloud und mehr Im Open-Source-Cloud-Umfeld hat sich das Projekt OpenStack mittlerweile zum De-facto-Standard ent - wickelt – die Zahl von über 200 unterstützenden Unter- nehmen spricht für sich. Ein Tutorial beschreibt Schritt für Schritt den Weg zur eigenen „Private Cloud“. Auf der Heft-DVD ab Seite 135 Software zum Heft: Bacula 7.0.3, FreeNAS 9.2.1.5, Kerberos-Tools (kstart 4.1, msktutil 0.5.1, realmd 0.14.5, SSSD 1.11.5.1), Logstash (Elasticsearch 1.1.1, Kibana 3.0.1, Redis 2.8.9), Octopussy 1.0.14, OpenSSL 1.0.1g (Windows), Administrations-Tools WinSCP 5.3.3, Wireshark 1.10.7, Netzproblemen per Wireshark Zenmap 6.46 auf die Spur kommen 120 Weitere Tools: 7-Zip, dd_rescue 1.40, Sicheres Linux dd_rhelp 0.1.2, EtherAPE 0.9.13, Iperf 2.0.5/3.0, Mandatory Access Control für IP-Pakete 124 liboping 1.6.2, Ncat 6.46, Ndisc6 0.7.1, Netperf 2.6.0, Nmap 6.46, Nping 0.6.46, OpenVPN 2.3.3, OpenVPN GUI 1.0.3, Zugriffskontrolle p7zip 9.20.1, Putty, tinc 1.0.24, Tunnelblick 3.1.7 Port-based 802.1x-Authentifizierung mit RADIUS 128 Dokumentation: M23-Handbuch, OpenLDAP Admin Guide, Wireshark User Guide, über 350 RFCs Virtualisierung und Cloud Fertige VMs zum Ausprobieren: •ˇDebian-Wheezy mit Baculaˇ7 OpenStack-Tutorial •ˇCentOS 6.5 mit Icingaˇ2 und Icinga Webˇ2 Grundstein für die eigene „Private Cloud“ 136, 142, 148 •ˇUnivention Corporate Server 3.2-2 (25 User) Linux-Container Hinweis für Käufer der digitalen Ausgaben Mit Docker Anwendungen virtualisieren 155 • PDF- und iPad-Version: In der iX-App finden Sie einen Button zum Open-Source-Tools Download des DVD-Images. MCollective und Rundeck für das zentrale • PDF-E-Book: Folgen Sie im Browser der unter „Alle Links“ angegebenen Administrieren virtueller Maschinen 159 URL zum DVD-Image. Alle Links: www.ix.de/ix1416004 Sonstiges Artikel mit Verweisen ins Web Editorial 3 Alle Links: www.ix.de/ix1416SSS enthalten am Ende einen Hinweis iX Impressum 6 darauf, dass diese Webadressen auf dem Server der abrufbar sind. Dazu gibt man den iX-Link in der URL-Zeile des Browsers ein. Dann Inserentenverzeichnis 6 kann man auch die längsten Links bequem mit einem Klick ansteuern. Alternativ steht oben rechts auf der iX-Homepage ein Eingabefeld Informationen zur UCS-Demo-Appliance 6 zur Verfügung. iX Kompakt 2014 – Open-Source-Administration 5 SERVICE | IMPRESSUM/INSERENTEN MAGAZIN FÜR PROFESSIONELLE INFORMATIONSTECHNIK Demo-Appliance mit iX Kompakt 3/2014 – Administration Univention Corporate Server Postfach 61 04 07, 30604 Hannover; Karl-Wiechert-Allee 10, 30625 Hannover Die Heft-DVD enthält eine vorinstallierte und -konfigurierte virtuelle Redaktion: Telefon: 05 11/53 52-387, Fax: 05 11/53 52-361, E-Mail: [email protected] Appliance mit dem Univention Corporate Server (UCS) in der Version 3.2-2. Sie umfasst eine bis 30.6.2015 gültige Lizenz für bis zu 25 Be- Chefredakteur: Jürgen Seeger (js) -386 nutzer für Testzwecke und den Einsatz im privaten, nicht kommer- Konzeption und redaktionelle Leitung: André von Raison (avr) -377, E-Mail: [email protected] ziellen Bereich. Mit der Appliance lassen sich komplexe Serverstruk- turen mit Master-, Slave- und Backup-Servern aufsetzen, Nutzer und Ständige Mitarbeiterin: Barbara Lange Gruppenberechtigungen anlegen sowie zusätzliche Enterprise-Apps Autoren dieser Ausgabe: Christoph Arnold, Christian Berendt, Peter Fetzer, installieren und verwalten. Oliver B. Fischer, Alexandros Gougousoudis, Safuat Hamdy, Peer Heinlein, Patrick Preuß, Mark Pröhl, André von Raison, Michael Riepe, Thorsten Scherf, Andreas Schmidt, Norbert Tretkowski, Tilman Wittenhorst, Erkan Yanar Die virtuelle Appliance ist auf „Bridge Mode“ eingestellt, sodass das Abbildungen © Can Stock Photo Inc.: Siberia (Titel, DVD, DVD-Hülle), fikmik (S.ˇ4, 33), UCS-System über das lokale Netzwerk erreichbar ist. Nach dem Ent- Kirill (S.ˇ4, 81), myrainjom01 (S.ˇ4), taden (S.ˇ4, 135), vladstar (S.ˇ7), cfoto (S.ˇ8), cynoclub packen des VMware-Images, Laden der vmx-Datei in den VMware (S.ˇ16, 72), ESIGHT (S.ˇ24), jgroup (S.ˇ28), andreykuzmin (S.ˇ34, 40, 46) 2002Lubava1981 (S.ˇ52), Player
Recommended publications
  • Linux and Open Source for (Almost) Zero Cost PCI Compliance
    Linux and Open Source for (Almost) Zero Cost PCI Compliance Rafeeq Rehman 2 Some Introductory Notes ¡ Payment Card Industry (PCI) standard is not a government regulaon. ¡ Who needs to comply with PCI? ¡ Twelve major requirements covering policy, processes, and technology to protect Credit Card Data. ¡ What is Credit Card Data? ¡ Few Clarificaons ¡ Payment Card Industry (PCI) requires some tasks to be performed by external vendors depending upon merchant level. There is no other way around, unfortunately. ¡ Open Source soluCons do need people. That is why it is almost free but not totally free. 9/10/11 3 What the Auditors Look For? ¡ Is PCI just a checklist? ¡ Are auditors genuinely interested in securing the PCI data? ¡ Does it maer if you use an open source or commercial product to meet PCI requirements? ¡ What if you meet PCI requirements while improving security and spending less money? 9/10/11 4 Is it viable to use Open Source for PCI Compliance? ¡ Is there a real company who uses Open Source soQware to achieve PCI compliance? Is it even possible? ¡ PCI 2.0 focuses more on Risk based approach. ¡ PCI (or any compliance) is boring! Make it interesCng by using Open Source. 9/10/11 5 PCI Biggest Expenses 1. Log Management (Storage and archiving, Monitoring and Alerng) 2. Vulnerability Scanning 3. Network Firewalls and Network Segmentaon 4. Intrusion DetecCon System 5. EncrypCon for data-at-rest 6. File Integrity Monitoring 7. IdenCty Management (Password controls, Two factor for remote access, Role based access) 9/10/11 6 AddiConal PCI
    [Show full text]
  • The Migration Process of Mobile Agents Implementation, Classification, and Optimization
    The Migration Process of Mobile Agents Implementation, Classification, and Optimization Dissertation zur Erlangung des akademischen Grades Doktor-Ingenieur (Dr.-Ing.), vorgelegt dem Rat der Fakult¨atf¨ur Mathematik und Informatik der Friedrich-Schiller-Universit¨atJena von Diplom-Informatiker Peter Braun, geboren am 22. Juni 1970 in Neuss. Gutachter 1. Prof. Dr. Wilhelm R. Rossak, Friedrich-Schiller-Universit¨atJena 2. Dr. Bill Buchanan, Napier University, Edinburgh, Scotland Tag der letzten Pr¨ufung des Rigorosums: 30. April 2003 Tag der ¨offentlichen Verteidigung: 13. Mai 2003 Abstract Mobile agents provide a new and fascinating design paradigm for the architecture and programming of distributed systems. A mobile agent is a software entity that is launched by its owner with a user-given task at a specific network node. It can decide to migrate to other nodes in the network during runtime. For a migration the agent carries its current data, its program code, and its execution state with it. Therefore, it is possible to continue agent execution at the destination platform exactly where it was interrupted before. The reason for a migration is mainly to use resources that are only available at remote servers in the network. This thesis focuses on the migration process of mobile agents, which is to our knowl- edge not considered in literature so far, although the performance of a mobile agent based application strongly depends on the performance of the migration process. We propose a general framework an an innovative set of notions to describe and specify the migration process. By introducing the concept of a migration model, we offer a classification scheme to describe migration issues in existing mobile agent systems.
    [Show full text]
  • Bluetooth Networking for Smartcards
    Departement Elektrotechnik Professur für Technische Informatik Professor Dr. Albert Kündig Alain Pellmont Andreas Petralia Bluetooth Networking for Smartcards Diploma Thesis WS-2001.05 Winter 2000=2001 Supervisors: Prof. Dr. Albert Kundig¨ Dr. George Fankhauser Bernard Stauffer Public Release Institut für Technische Informatik und Kommunikationsnetze Computer Engineering and Networks Laboratory ii Supervisors: Prof. Dr. Albert Kundig,¨ [email protected] Dr. George Fankhauser, [email protected] Bernard Stauffer, stauff[email protected] Students: Alain Pellmont, [email protected] Andreas Petralia, [email protected] Acknowledgments Our special appreciation goes to our supervisors Prof. Dr. Albert Kundig,¨ Bernard Stauffer and Dr. George Fankhauser for entrusting us with this project. Prof. Dr. Albert Kundig¨ and Bernard Stauffer work for the Com- puter Engineering and Networks Laboratory [49] at the Swiss Federal Insti- tute of Technology Zurich [48]. Dr. George Fankhauser works for acter ag [3] where the authors were enabled to work in a stimulating atmosphere and wonderful environment. Furthermore, we thank acter ag [3] and their staff for their support, AXIS [11] for the Bluetooth stack and Lesley Brack, Emmanuelle Graf, Kathy Grolimund and Ian Maloney for their proof-reading and comments. Remaining mistakes are ours. Zurich, 17th March 2001 Alain Pellmont Andreas Petralia iii iv Aufgabenstellung Bluetooth Networking for Smartcards Alain Pellmont und Andreas Petralia Diplomarbeit TIK-DA-2001.05 Winter 2000/2001 Betreuer: Bernard Stauffer Betreuer (extern): George Fankhauser Verantwortlich: Prof. Dr. Albert Kundig¨ Einfuhrung¨ Die Firma acter ag entwickelt eine neuartige Smartcard, die im Gegensatz zur traditionellen Kontaktschnittstelle via Bluetooth drahtlos kommuniziert. Bei dieser neuen Form der Kommunikation ergeben sich v¨ollig neue Proble- me: die Ubertragung¨ ist weder zuverl¨assig noch sicher.
    [Show full text]
  • Centralized and Structured Log File Analysis with Open Source and Free Software Tools
    Bachelor Thesis Summer Semester 2013 at Fachhochschule Frankfurt am Main University of Applied Sciences Department of Computer Science and Engineering towards Bachelor of Science Computer Science submitted by Jens Kühnel Centralized and structured log file analysis with Open Source and Free Software tools 1. Supervisor: Prof. Dr. Jörg Schäfer 2. Supervisor: Prof. Dr. Matthias Schubert topic received: 11. 07. 2013 thesis delivered: 30. 08. 2013 Abstract This thesis gives an overview on the Open Source and Free Software tools available for a centralized and structured log file analysis. This includes the tools to convert unstructured logs into structured log and different possibilities to transport this log to a central analyzing and storage station. The different storage and analyzing tools will be introduced, as well as the different web front ends to be used by the system administrator. At the end different tool chains will be introduced, that are well tested in this field. Revisions Rev. 269: Official Bachelor these sent to FH Rev. 273: Removal of Affidavit, fix of Pagenumber left/right II Table of Contents 1 Introduction.......................................................................................................................................1 1.1 Selection criteria........................................................................................................................1 1.2 Programs that are included in this thesis...................................................................................2 1.3 What
    [Show full text]
  • Gil André +33 (0)6 60 07 25 36
    ARCHITECT AND SYSTEM ADMINISTRATOR LINUX, UNIX, OPEN-SOURCE [email protected] GIL ANDRÉ +33 (0)6 60 07 25 36 PROFILE Architect and system administrator Linux, UNIX (Solaris, AIX, HP-UX), BSD and Mac OS X. More than 10 years of experience in demanding production environments. Excellent knowledge of the most common network protocols (SSH, SFTP, FTP, HTTP, etc), as well as CISCO hardware and virtualization technologies (VMWARE, VirtualBox, LXC). Programming in shell, Perl, Python. I am looking for a new position. Dynamic, bilingual in English, passionate about new technologies, I am able to bring perspective and energy to a new position. Result and service oriented, I am willing to relocate, looking for new challenges and new experiences. EXPERIENCE SENIOR LINUX ARCHITECT SAP Concur January 2019 – Today – Tasked with migrating internal services and applications to SAP products. – Task automation and infrastructure creation on Azure and AWS in an IaaS and PaaS mode. – DevOps team, applying Agile methodologies, with a Scrum Mas- ter certification obtained early 2019. – Creation of the main ELK platform in order to manage logs for several applications. – Management of the connections between internal applications and applications hosted on Azure. – Management of the application connections through internal certificate authorities. – Migration management from internal infrastructure to hyper scale suppliers such as AWS and Azure. – Technology environment: AWS, Azure, Ansible, Terraform, Docker, Linux, Python and Groovy. GIL ANDRE 166 RUE MONTMARTRE 75002 PARIS WWW.GILANDRE.NET ARCHITECT AND SYSTEM ADMINISTRATOR LINUX, UNIX, OPEN-SOURCE GIL ANDRÉ SENIOR LINUX SYSTEM ENGINEER SAP Concur Jan. 2016 – December 2018 – Responsible for part of the Production environment (EMEA/ US).
    [Show full text]
  • You've Seen the Movie, Now Play The
    “YOU’VE SEEN THE MOVIE, NOW PLAY THE VIDEO GAME”: RECODING THE CINEMATIC IN DIGITAL MEDIA AND VIRTUAL CULTURE Stefan Hall A Dissertation Submitted to the Graduate College of Bowling Green State University in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY May 2011 Committee: Ronald Shields, Advisor Margaret M. Yacobucci Graduate Faculty Representative Donald Callen Lisa Alexander © 2011 Stefan Hall All Rights Reserved iii ABSTRACT Ronald Shields, Advisor Although seen as an emergent area of study, the history of video games shows that the medium has had a longevity that speaks to its status as a major cultural force, not only within American society but also globally. Much of video game production has been influenced by cinema, and perhaps nowhere is this seen more directly than in the topic of games based on movies. Functioning as franchise expansion, spaces for play, and story development, film-to-game translations have been a significant component of video game titles since the early days of the medium. As the technological possibilities of hardware development continued in both the film and video game industries, issues of media convergence and divergence between film and video games have grown in importance. This dissertation looks at the ways that this connection was established and has changed by looking at the relationship between film and video games in terms of economics, aesthetics, and narrative. Beginning in the 1970s, or roughly at the time of the second generation of home gaming consoles, and continuing to the release of the most recent consoles in 2005, it traces major areas of intersection between films and video games by identifying key titles and companies to consider both how and why the prevalence of video games has happened and continues to grow in power.
    [Show full text]
  • Naive Bayesian Spam Filters for Log File Analysis
    Brigham Young University BYU ScholarsArchive Theses and Dissertations 2011-07-13 Naive Bayesian Spam Filters for Log File Analysis Russel William Havens Brigham Young University - Provo Follow this and additional works at: https://scholarsarchive.byu.edu/etd Part of the Computer Sciences Commons BYU ScholarsArchive Citation Havens, Russel William, "Naive Bayesian Spam Filters for Log File Analysis" (2011). Theses and Dissertations. 2814. https://scholarsarchive.byu.edu/etd/2814 This Thesis is brought to you for free and open access by BYU ScholarsArchive. It has been accepted for inclusion in Theses and Dissertations by an authorized administrator of BYU ScholarsArchive. For more information, please contact [email protected], [email protected]. Naïve Bayesian Spam Filters for Log File Analysis Russel W. Havens A thesis submitted to the faculty of Brigham Young University in partial fulfillment of the requirements for the degree of Master of Science Barry Lunt, Chair Joseph J. Ekstrom Chia-Chi Teng School of Technology Brigham Young University August 2011 Copyright © 2011 Russel W. Havens All Rights Reserved ABSTRACT Naïve Bayesian Spam Filters for Log File Analysis Russel W. Havens School of Technology, BYU Master of Science As computer system usage grows in our world, system administrators need better visibility into the workings of computer systems, especially when those systems have problems or go down. Most system components, from hardware, through OS, to application server and application, write log files of some sort, be it system-standardized logs such syslog or application specific logs. These logs very often contain valuable clues to the nature of system problems and outages, but their verbosity can make them difficult to utilize.
    [Show full text]
  • Free Web Access Log Analyzer
    Free web access log analyzer click here to download Deep Log Analyzer is the best free Web analytics software I've found. It is a local log analysis tool that works on your site logs without requiring. WebLog Expert is a powerful log analyzer with a free day trial version available. Supports IIS, Apache and Nginx logs. Yes. Yes Built-in web server. Yes. WebLog Expert is a powerful access log analyzer. It can give you WebLog Expert can analyze logs of Apache, IIS and Nginx web servers. It can even read GZ. AWStats is a free powerful and featureful tool that generates advanced web, it can work with all web hosting providers which allow Perl, CGI and log access.​What is AWStats] · ​Features] · ​Downloads]. GoAccess is an open source real-time web log analyzer and interactive use your browser (great if you want to do a quick analysis of your access log via SSH. I am looking into using a free IIS log analyzer to get web metrics for our Although the name says apache it can even open IIS logs or W3C. Home of the Webalizer, a fast, free web server log analysis program. Handles standard Common logfile format (CLF) server logs, several. Apache Log Viewer (ALV) is a free tool which lets you monitor, view and analyze Apache or IIS logs with more ease. Open web server logs. With apache logs. Deep Log Analyzer is professional website statistics and web analytics software for analyzing IIS, Apache, Nginx and other web server logs. Reports on visitors, website and convert more visitors to satisfied customers.
    [Show full text]
  • Monitoring the Backend and Logging Improvements for Operations and Support
    Monitoring the Backend and Logging Improvements for operations and support 27 th EGOWS Helsinki 20 th – 22 nd Sep 2016, Marcus Werner, DWD Overview Stakeholders and a enhancement request from operations & support Goals, Ideas & Challenges Extract, transform, reduce, store and present support information Good (free) available technology stack Non-existing standards EGOWS 2016 - DWD 2 The meteorological workstation system - NinJo Developed by an international Consortium Primary tool for our operational forecasters …and they need a stable and well supported system (7 x 24h) EGOWS 2016 - DWD 3 … typically forecasters ask for meteorological improvements EGOWS 2016 - DWD 4 Technical Infrastructure staff (TI) operates NinJo … …now we have implemented some of their feature requests… … this is finally in the interest of the forecasters. EGOWS 2016 - DWD 5 Our stakeholders End Users: Forecasters (work with meteorological data) Support and operations (work with monitoring systems, log files, admin tools) Adopting from IT operations (7x24h) 1st level support (on call) 2nd level support (office hours) 3rd level support (office hours), might be external EGOWS 2016 - DWD 6 Challenges Different support levels need specific “tailored” support information DWD operates ~200 NinJo Servers ( Routine , Dev/Eval , QA +Special Systems ) Highly distributed environment over multiple DWD locations Up to ~75 server processes per NinJo Site Resource limitations for support and operations (split into multiple teams) EGOWS 2016 - DWD 7 Application Developers
    [Show full text]
  • Meet PCI DSS Requirements with FOSS
    2014 Meet PCI DSS Requirements with FOSS This document helps you to Identify the Free and Open Source Software which can be used to meet one or more PCI-DSS Requirements Rajagopalan S Blog: Http://securityncompliance.wordpress.com 12/07/2014 Meet PCI DSS Requirements with FOSS About this document: This document is created in order to utilize the Free & Open Source Software which helps us to meet one or more PCI-DSS Requirements. Document was created on my sole interest aimed at helping the PCI-DSS Professionals and entities who are required to be PCI-DSS Compliant. The FOSS is mapped to each PCI-DSS requirement. I have tried my best to search and gather all open source applications which could be used to meet / assess the PCI-DSS Compliance. If you find any useful free and open source software let me know we could add to this list. This document doesn’t recommend any entity to forcefully use only the FOSS to meet its PCI-DSS compliance and also it doesn’t replace the interest of any organization buying Commercial Products. Also Read Disclaimer Section of this document. Targeted Audience: PCI-QSA’s PCI Internal Assessors Organization that are required to comply with PCI-DSS Standard Compliance Professionals Abbreviations & Acronyms: PCI DSS – Payment Card Industry Data Security Standards FOSS – Free and Open Source Software Copyright: This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/4.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.
    [Show full text]
  • Administration Documentation
    Administration Documentation Nuxeo Platform 5.8 LTS Version Table of Contents 1. Installation and Administration . 4 1.1 Hardware and Software Requirements . 4 1.1.1 Installing and Setting up Related Software . 7 1.1.1.1 Installing Live Edit Silently . 10 1.1.2 Supported Application Servers . 11 1.1.3 Supported Databases . 11 1.2 Installation . 12 1.2.1 Installing the Nuxeo Platform on Mac OS . 12 1.2.2 Installing the Nuxeo Platform on Windows . 14 1.2.2.1 Installing the Nuxeo Platform as a Windows Service . 17 1.2.2.2 Running Multiple Server Instances in Windows . 22 1.2.3 Installing the Nuxeo Platform on Linux . 23 1.2.3.1 Configuring the Nuxeo Platform as a Daemon on Debian . 26 1.2.4 Deploying Nuxeo on Amazon AWS . 28 1.2.5 Deploying Nuxeo on CloudFoundry . 30 1.2.6 How to Estimate Disk and Database Usage . 35 1.3 Setup . 35 1.3.1 Recommended Configurations . 42 1.3.2 Configuration Examples . 45 1.3.3 Configuration Templates . 45 1.3.4 Configuration Parameters Index (nuxeo.conf) . 46 1.3.5 Database . 56 1.3.5.1 Configuring PostgreSQL . 56 1.3.5.2 Configuring Oracle . 63 1.3.5.3 Configuring MS SQL Server . 67 1.3.5.4 Configuring MySQL . 71 1.3.5.5 Connecting Nuxeo to the Database . 71 1.3.6 Authentication, users and groups . 74 1.3.6.1 Using a LDAP Directory . 77 1.3.6.2 Using OAuth . 83 1.3.6.3 Using Shibboleth .
    [Show full text]
  • Administració Avançada Del Sistema Operatiu
    Clúster, Cloud i DevOps Remo Suppi Boldrito PID_00212468 GNUFDL • PID_00212468 Clúster, Cloud i DevOps Índex Introducción .......................................................... 5 Objectius ............................................................... 8 1. Clusterització ..................................................... 9 1.1. Virtualització ................................................. 9 1.1.1. Plataformes de virtualització ......................... 10 1.2. Beowulf ....................................................... 12 1.2.1. Com es configuren els nodes? ........................ 13 1.3. Beneficis del còmput distribuït ................................ 15 1.3.1. Com cal programar per a aprofitar la concurrència? .. 17 1.4. Memòria compartida. Models de fils (threading)............... 18 1.4.1. Multifils (multithreading) .............................. 19 1.5. OpenMP ...................................................... 22 1.6. MPI, Message Passing Interface ................................. 26 1.6.1. Configuració d’un conjunt de màquines per a fer un clúster adaptat a OpenMPI..................... 27 1.7. Rocks Cluster ................................................. 30 1.7.1. Guia ràpida d’instal·lació ............................. 31 1.8. FAI ............................................................ 32 1.8.1. Guia ràpida d’instal·lació ............................. 33 1.9. Logs ........................................................... 35 1.9.1. Octopussy ............................................ 37 1.9.2. Eines de monitoratge
    [Show full text]