Context Navigation

index.html @ 1d9338a

0.4.00.4.10.4.2stable

Last change on this file since 1d9338a was 1d9338a, checked in by Michael Medin <michael@…>, 8 years ago

2005-05-23 MickeM

+ Added obfuscated password support
+ Added some more debug info on commands (returncode, and input args)
+ Added some more comments ot the NSC.ini
+ Added central password "override"
+ Added central "host override"
+ Fixed bug with external commands always getting WARNING state

2005-05-22 MickeM

+ Added debug outout for command
+ Added timestamps for log-to-file (date_mask to configure format)
+ Added support for "no password" with check_nt
+ Added log of bad password on NSClient requests.

Some threading issues fixed (I hate threading :)

Property mode set to 100644

File size: 9.9 KB

Line
1	<html>
2
3	<head>
4	<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
5	<meta http-equiv="Content-Language" content="en-us">
6	<title>Configuration</title>
7	<link rel="stylesheet" type="text/css" href="../nscplus.css">
8	</head>
9
10	<body>
11
12	<div id="content" class="documentContent">
13	<h1>Configuration</h1>
14	<p>Configuration is fairly simple and straight forward. Open the configuration
15	file in notepad (or you favorite editor) notepad <installation path>\NSC.ini
16	and edit it accordingly. A longer description of the Configuration file is included
17	in the following page.</p>
18	<p> </p>
19	<p>The file has sections (denoted with section name in brackets) and key/value
20	pairs (denoted by key=value). Thus it has the same syntax as pretty much any
21	other INI file in windows.</p>
22	<p> </p>
23	<p>The sections are described in short below. The default configuration file
24	has a lot of examples and comments so make sure you change this before you use
25	NSClient++ as some of the examples might be potential security issues.</p>
26	<h2>[Settings]</h2>
27	<p>This section has options for how logging is performed. First off notice that
28	for logging to make sense you need to enable the FileLogger.dll module that
29	logs all log data to a text file in the same directory as the NSClient++ binary
30	if you dont enable any logging module nothing will be logged.</p>
31	<p>The options you have available here are</p>
32	<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" id="table21">
33	<tr>
34	<td valign="top">Option</td>
35	<td valign="top">Default value</td>
36	<td valign="top">Description</td>
37	</tr>
38	<tr>
39	<td valign="top">obfuscated_password</td>
40	<td valign="top">...</td>
41	<td valign="top">An obfuscated version of password. For more details
42	refer to the password option below.</td>
43	</tr>
44	<tr>
45	<td valign="top">password</td>
46	<td valign="top">...</td>
47	<td valign="top">The password used by various (presently only
48	NSClient) daemons. If no password is set everyone will be able to
49	use this service remotely.</td>
50	</tr>
51	<tr>
52	<td valign="top">allowed_hosts</td>
53	<td valign="top">127.0.0.1</td>
54	<td valign="top">A list (comma separated) with hosts that are
55	allowed to connect and query data. If this is empty all hosts will
56	be allowed to query data.</td>
57	</tr>
58	</table>
59	<h2>[Log]</h2>
60	<p>This section has options for how logging is performed. First off notice that
61	for logging to make sense you need to enable the FileLogger.dll module that
62	logs all log data to a text file in the same directory as the NSClient++ binary
63	if you dont enable any logging module nothing will be logged.</p>
64	<p>The options you have available here are</p>
65	<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" id="table16">
66	<tr>
67	<td valign="top">Option</td>
68	<td valign="top">Default value</td>
69	<td valign="top">Description</td>
70	</tr>
71	<tr>
72	<td valign="top">debug</td>
73	<td valign="top">0</td>
74	<td valign="top">A Boolean value that toggles if debug information should
75	be logged or not. This can be either 1 or 0.</td>
76	</tr>
77	<tr>
78	<td valign="top">file</td>
79	<td valign="top">nsclient.log</td>
80	<td valign="top">The file to write log data to. If no directory is used
81	this is relative to the NSClient++ binary.</td>
82	</tr>
83	<tr>
84	<td valign="top">date_mask</td>
85	<td valign="top">%Y-%m-%d %H:%M:%S</td>
86	<td valign="top">The date format used when logging to a file</td>
87	</tr>
88	</table>
89	<h2>[Systray]</h2>
90	<p>This section configures the system tray module.</p>
91	<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" id="table17">
92	<tr>
93	<td valign="top">Option</td>
94	<td valign="top">Default value</td>
95	<td valign="top">Description</td>
96	</tr>
97	<tr>
98	<td valign="top">defaultCommand</td>
99	<td valign="top"></td>
100	<td valign="top">A string that will be the default in the inject command
101	dialog.</td>
102	</tr>
103	</table>
104	<h2>[NSClient]</h2>
105	<p>This is the NSClient module configuration options.</p>
106	<p><b><i>This is subject to change in the near future</i></b></p>
107	<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" id="table18">
108	<tr>
109	<td valign="top">Option</td>
110	<td valign="top">Default value</td>
111	<td valign="top">Description</td>
112	</tr>
113	<tr>
114	<td valign="top">port</td>
115	<td valign="top">12489</td>
116	<td valign="top">The port to listen to</td>
117	</tr>
118	<tr>
119	<td valign="top">obfuscated_password</td>
120	<td valign="top"> </td>
121	<td valign="top">An obfuscated version of password. For more details
122	refer to the password option below. </td>
123	</tr>
124	<tr>
125	<td valign="top">password</td>
126	<td valign="top"> </td>
127	<td valign="top">The password that incoming client needs to authorize
128	themselves by. This option will replace the one found under Settings
129	for NSClient. If this is blank the option found under Settings will
130	be used. If both are blank everyone will be granted access.</td>
131	</tr>
132	<tr>
133	<td valign="top">allowed_hosts</td>
134	<td valign="top"> </td>
135	<td valign="top">A list (coma separated) with hosts that are allowed
136	to poll information from NSClient++. This will replace the one found
137	under Setting for NSClient if present. If not present the same
138	option found under Settings will be used. If both are blank all
139	hosts will be allowed to access the system</td>
140	</tr>
141	</table>
142	<h2>[NRPE]</h2>
143	<p>This is configuration for the NRPE module that controls how the NRPE listener
144	operates. </p>
145	<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" id="table19">
146	<tr>
147	<td valign="top">Option</td>
148	<td valign="top">Default value</td>
149	<td valign="top">Description</td>
150	</tr>
151	<tr>
152	<td valign="top">port</td>
153	<td valign="top">5666</td>
154	<td valign="top">The port to listen to</td>
155	</tr>
156	<tr>
157	<td valign="top">allowed_hosts</td>
158	<td valign="top"> </td>
159	<td valign="top">A list (coma separated) with hosts that are allowed
160	to poll information from NRPE. This will replace the one found under
161	Setting for NRPE if present. If not present the same option found
162	under Settings will be used. If both are blank all hosts will be
163	allowed to access the system</td>
164	</tr>
165	<tr>
166	<td valign="top">use_ssl</td>
167	<td valign="top">1</td>
168	<td valign="top">Boolean value to toggle SSL encryption on the socket
169	connection</td>
170	</tr>
171	<tr>
172	<td valign="top">command_timeout</td>
173	<td valign="top">60</td>
174	<td valign="top">The maximum time in seconds that a command can execute.
175	(if more then this execution will be aborted).<b> NOTICE</b> this only
176	affects external commands not internal ones.</td>
177	</tr>
178	<tr>
179	<td valign="top">allow_arguments</td>
180	<td valign="top">0</td>
181	<td valign="top">A Boolean flag to determine if arguments are accepted
182	on the incoming socket. If arguments are not accepted you can still
183	use external commands that need arguments but you have to define them
184	in the NRPE handlers below. This is similar to the NRPE dont_blame_nrpe
185	option.</td>
186	</tr>
187	<tr>
188	<td valign="top">allow_nasty_meta_chars</td>
189	<td valign="top">0</td>
190	<td valign="top">Allow NRPE execution to have nasty meta characters
191	that might affect execution of external commands (things like > etc).</td>
192	</tr>
193	</table>
194	<h2>[NRPE Handlers]</h2>
195	<p>This is a list of handlers for NRPE execution this can of course be used
196	by any module (such as NSClient) but for historical reasons they are located
197	in this section especially as NRPE plug-in is the one that does the actual execution.</p>
198	<p>The handlers can have two different syntaxes:</p>
199	<p>Either command[my_command]=/some/executable or my_command=/some/executable
200	The latter is the preferred way as it is shorter.</p>
201	<h2>[Check System]</h2>
202	<p>Here you can set various options to configure the System Check module.</p>
203	<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" id="table20">
204	<tr>
205	<td valign="top">Option</td>
206	<td valign="top">Default value</td>
207	<td valign="top">Description</td>
208	</tr>
209	<tr>
210	<td valign="top">CPUBufferSize</td>
211	<td valign="top">1h</td>
212	<td valign="top">The time to store CPU load. This means you can get
213	averaged values this far back in time. The downside is the buffer might
214	use a lot of memory if the check resolution is high.</td>
215	</tr>
216	<tr>
217	<td valign="top">CheckResolution</td>
218	<td valign="top">10</td>
219	<td valign="top">Time between checks in 1/10 of seconds. That means
220	a value of 10 means check every second. A value of 100 means check every
221	10 seconds and so on.</td>
222	</tr>
223	<tr>
224	<td valign="top">CounterPageLimit</td>
225	<td valign="top">\Memory\Commit Limit</td>
226	<td valign="top">Counter to use to check upper memory limit.</td>
227	</tr>
228	<tr>
229	<td valign="top">CounterPage</td>
230	<td valign="top">\Memory\Committed Bytes</td>
231	<td valign="top">Counter to use to check current memory usage.</td>
232	</tr>
233	<tr>
234	<td valign="top">CounterUptime</td>
235	<td valign="top">\System\System Up Time</td>
236	<td valign="top">Counter to use to check the uptime of the system.</td>
237	</tr>
238	<tr>
239	<td valign="top">CounterCPU</td>
240	<td valign="top">\Processor(_total)\% Processor Time</td>
241	<td valign="top">Counter to use for CPU load. For NT4 this has to be
242	altered to "\System\% Total Processor Time" as PDH definitions have changed.</td>
243	</tr>
244	</table>
245	<h2>[modules]</h2>
246	<p>This is a list of modules to load at startup. All the modules included in
247	this list has to be NSClient++ modules and located in the modules subdirectory.
248	This is in effect the list of plug-ins that will be available as the service
249	is running.</p>
250	<p>A good idea here is to disable all modules you dont actually use for two
251	reasons. One less code equals less potential security holes and two less modules
252	means less resource drain.</p>
253	</div>
254
255	</body>
256
257	</html>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: nscp/docs/Configuration/index.html @ 1d9338a

Download in other formats: