// No claim of copyright is made with regard to to this code. YOU MUST UNDERSTAND, // AND APPROPRIATELY ADJUST, THIS MODULE BEFORE USING IN A PRODUCTION ENVIRONMENT. // // SimpleMonitor.cfg is the InfoHub Configuration File for the uptime and Log File Monitoring (ULFM) // Reference Implementation. // // The ULFM Reference Implementation monitors: // // * uptime: It captures up days and load averages after every 15 seconds from // /usr/bin/uptime output and files them in the InfoHub database. // It generates two notifications.when up days is less than 30 days and when // the 15 minutes load average is less than 1. Note that the notification for up // days is generated only once per day because up days gets updated only once per day. // The notification criteria were chosen specifically so that they generate alerts. // // * System log (/var/log/messages): It automatically generates a notification when it // detect a GT.M error in the system log. // // * Authentication log (/var/log/auth.log): It automatically generates a notification // when it detects a login failure in the authentication log. // // No claim of copyright is made with respect to this code. Please ensure that you have a correctly // configured Infohub, correctly configured environment variables, with // appropriate directories and files. // // SimpleMonitor.cfg is a part of ULFM_RI.zip which can be download from the InfoHub Manual available in // the User Documentation website. // // The structure of the ULFM_RI.zip is as follows: // // ULFM_RI.zip // |-- LogFileGleaner.m #FileLine Gleaner program for system log and authentication log). // |-- UptimeGleaner.m #PipeLine Gleaner program for monitoring the outpuf of uptime. // |-- configs // `-- SimpleMonitor.cfg #InfoHub Configuration File for ULFM Reference Implementation. // // ULFM files are also available as part of your InfoHub distribution. // // The ULFM Reference Implementation requires a correctly configured InfoHub. For InfoHub installation // instructions and prerequisites, refer to "Installing InfoHub" section in the InfoHub User Manual. // To install the ULFM Reference Implementation, execute the following commands: // // $gtm_dist/mumps -run InfoHub --action=configure --file configs/SimpleMonitor.cfg // $gtm_dist/mumps -run InfoHub --action=start // $gtm_dist/mumps -run InfoHub --action=status --full // // The expected result of the last command is as follows: // // InfoHub ID |InfoHub Name |State // 11 |SimpleMonitor |Running // Process listing // 30878 InfoHub /usr/lib/fis-gtm/V6.0-003_x86_64/mumps -direct InfoHub ^InfoHubMain 11 // 30880 Publishers /usr/lib/fis-gtm/V6.0-003_x86_64/mumps -direct InfoHub ^Publisher 11 112 1 /home/jdoe/InfoHub/mumps.gld // 30944 FileLine /usr/lib/fis-gtm/V6.0-003_x86_64/mumps -direct InfoHub ^FileLine 11 112 1 1137 /home/jdoe/InfoHub/mumps.gld // 30948 PipeLine /usr/lib/fis-gtm/V6.0-003_x86_64/mumps -direct InfoHub ^PipeLine 11 112 1 1141 /home/jdoe/InfoHub/mumps.gld /// // InfoHub Definition /////////////////////////// // InfoHub Descriptor Syntax:// // InfoHub:[InfoHubName]:[InfoHubID] InfoHub:SimpleMonitor:11 Env:InfoHubName=SimpleMonitor // Info Dict Heirarchy ////////////////////////// // InfoDict Domain and InfoDict Item Syntax:// // InfoDict:[InfoDictName]:[InfoDictID][:{ParentInfoDictID | ParentInfoDictName}] InfoDict:SystemDict InfoDictItem:SystemDict:System:112 // NOTE: the xLine IDs must be ODD unless its the stderr of a PipeLine // Generic //////////////////////// xLines InfoDict:GenericDict::SystemDict InfoDictItem:GenericDict:OpLog:1137 InfoDictItem:GenericDict:AuthLog:1139 // Generic Items // data items returned by the gleaner InfoDict:GenericAny::GenericDict InfoDictItem:GenericAny:msg:9999::String:all lines // Uptime ///////////////////////// xLines InfoDict:UpTimeDict::SystemDict InfoDictItem:UpTimeDict:Uptime:1141 // Uptime Items // data items returned by the gleaner // InfoDict Item Syntax:// // InfoDictItem:{InfoDictID | InfoDictName}:[ItemName]:[InfoDictItemID]:[Label]:[Type][;ItemDescription] InfoDict:UpTime::UpTimeDict InfoDictItem:UpTime:Days:3030400::Integer:Days since last reboot InfoDictItem:UpTime:Load01:3030401::Float:One minute load average InfoDictItem:UpTime:Load05:3030405::Float:Five minute load average InfoDictItem:UpTime:Load15:3030415::Float:Fifteen minute load average // Reporters ////////////////////// InfoDict:Reporters // Subscriptions ////////////////// InfoDict:SysSubscriptions::SystemDict // Publisher Definition ///////////////////////// // System monitor // Publisher Descriptor Syntax: // // Publisher:{InfoDictID|InfoDictName}:PublisherName:PublisherID:[APIDir]:TempPWD:[TempDBAlloc]:[TempDBExtend] Publisher:SystemDict:System:::publishers/ihsyslog:1000:1000 // Check the permissions of the below paths before using with the InfoHub // FileLine Desctiptor Syntax: // // FileLine:{InfoDictID | InfoDictName}:FileLineName:FileLineID:{PublisherID | PublisherName}:Filename:[CheckCycle]:[Timeout]:[PieceSeparator]:[PreExpr]:[InfoExpr]:[PostExpr] FileLine:GenericDict:OpLog::System:/var/log/messages:2:1:$char(30):PreExpr^LogFileGleaner:InfoExpr^LogFileGleaner:PostExpr^LogFileGleaner FileLine:GenericDict:AuthLog::System:/var/log/auth.log:2:1:$char(30):PreExpr^LogFileGleaner:InfoExpr^LogFileGleaner:PostExpr^LogFileGleaner // Check the uptime every 15 minutes. // PipeLine Descriptior Syntax: // PipeLine:{InfoDictID | InfoDictName}:[PipeLineName]:[PipeLineID]:{PublisherID | PublisherName}:PipeCmd:[PipeCycle]:[Timeout]:[PieceSeparator]:[PreExpr]:[InfoExpr]:[PostExpr]:// PipeLine:UpTimeDict:Uptime::System:/usr/bin/uptime:15:2:$char(30):PreExpr^UptimeGleaner:InfoExpr^UptimeGleaner:PostExpr^UptimeGleaner // Subscribers ////////////////////////////////// // Subscriber Descriptor Syntax: // Subscriber:{InfoDictID | InfoDictName}:[SubscriberName]:[SubscriberID] Subscriber:Reporters:SNMP:404 Subscriber:Reporters:NAGIOS:503 // Subscriptions //////////////////////////////// // Subscription Descriptor Syntax: // Subscription:{InfoDictID | InfoDictName}:[SubscriptionName]: [SubscriptionID]:{InfoDictID | InfoDictName}:{InfoDictItemID | InfoDictItemName}:Condition:[Value]:[Period]:[entryref]:[SubscriberID[,...]]:[PublisherID[,...]]// // A condition check subscription Subscription:SysSubscriptions:PatchMe:1000:UpTime:Days:>:30:::404: Subscription:SysSubscriptions:AuthFail:2000:GenericAny:msg:[:"Fail":::503: Subscription:SysSubscriptions:GTMError:3000:GenericAny:msg:[:"%GTM-E":::: // A rate check subscription Subscription:SysSubscriptions:DontBeLazy:4000:UpTime:Load15:<:1:60::404: // A Noinfo check subscription