Foglight for Databases 6.1.0 - Administration and Configuration Guide

Understanding subscription licenses

Foglight Flex subscription licenses calculate usage differently for Foglight Evolve and Foglight for Databases. Review the content below to ensure you understand license consumption.

Foglight Evolve users who are subscribed to use a Foglight Evolve Flex subscription will be billed at the end of the billing period following your actual usage.

Your usage will be calculated based on the number of hosts you are monitoring. 

NOTE: If you are monitoring a Container Host which is running as a Hyper-V or Google Cloud virtual machine, the container host and Hyper-V VM or Google Cloud virtual machine will each be counted as one usage unit.

NOTE: If you are monitoring a Google Cloud VM without Stackdriver, and if it will also be monitored via an Infrastructure Cartridge or AD/Exchange agent, each one of them will be counted as one usage unit.

Foglight for Databases users who are subscribed to use a Foglight for Databases Flex subscription will be billed at the end of the billing period following your actual usage.

Your usage will be calculated based on the number of instances you are monitoring.

NOTE: When using Foglight for Azure SQL Database , each database will be counted as a monitored instance.

Allowing URLs for subscription license management

In order to ensure that subscription licenses function properly, ensure that the URLs listed below are not blocked by your firewall.

For more information, see the following topics:

Configuring email notifications

Foglight® uses email notifications to send reports or alarm-related messages to email recipients when certain thresholds are reached. This notification can happen, for example, when a rule enters a particular state. Foglight can also send reports to email recipients.

Email settings are stored in the Foglight registry. To ensure delivery of email messages to selected recipients, configure Foglight to use your email server along with an existing email account. Use the Email Configuration dashboard to configure your email. To access this dashboard, from the navigation panel, click Dashboards > Administration > Setup > Email Configuration.

For more information, see the following topics:

Managing Users and Security

Foglight® controls user access using the concept of users, groups, and roles. Each user can belong to one or more groups. The roles assigned to those groups determine the set of actions that the user can access. For example, if your user account belongs to a group that includes the Administration role, you can access the administrative dashboards in the browser interface.

Each Foglight user has a user name and a password and can belong to one or more groups. Foglight can store user passwords on the Management Server, or in an external directory.

The Users & Security dashboard allows you to manage user access. To access this dashboard, your user account must belong to a group with the Security Administration role.

NOTE: The Administration dashboard has been updated for this release. If you prefer to continue working with the previous version of the dashboard, click Use 5.6 Administration view. This link is located in the lower right corner of the dashboard.

For more information, see the following topics:

Password settings define the restrictions that apply to passwords for Foglight users. Foglight allows you to specify similar policies for its passwords and users that are likely in place in your corporate environment, including:

To view and edit Password settings, on the main Users & Security Management dashboard, click Password Policy Settings.

For more information, see Edit password settings.

Foglight supports the Lightweight Directory Access Protocol (LDAP version 3). This security feature allows Foglight to access user account information that is stored in an external directory. The following directory services are supported:

To configure directory services, you must be familiar with the details of your LDAP directory service. After configuring the LDAP directory service, Foglight creates a user account each time an LDAP user successfully logs in to Foglight for the first time. Any password changes in the LDAP directory service are transparent to Foglight. After a user’s password changes in the directory service, that user can log in to Foglight with the new password while any attempts to use the old password fail. If a user account is removed from the directory service, any login requests with those credentials result in a failure. Similarly, if the LDAP Authentication Service is down, Foglight cannot authenticate any of the users whose accounts are defined in the LDAP directory service. Any internal Foglight users, such as the default foglight account, or any accounts that you create, are unaffected during LDAP authentication interruptions.

IMPORTANT: After configuring the LDAP directory service, import LDAP groups into Foglight and grant them access permissions to enable their users to access the browser interface. Failure to do so prevents them from using the browser interface. For complete information, see “Importing and configuring LDAP groups” in the Online help.

The following considerations are important when planning to integrate an external directory service with the Management Server:

You can track user login credentials using the Users tab, accessible from the User Management view. This tab lists the users who have logged in to Foglight using their external account credentials.

To view and edit external directory settings, on the main Users & Security Management dashboard, click Directory Services Settings.

For more information, see the following topics:

A user session takes place during the time a user is logged in to the Management Server. Depending on your needs, you can configure Foglight to log out any users that are inactive after a specific length of time, or have user sessions that never time out.

An administrator is now able to assign an ID to the Foglight Server. This shows up on the login page and in the masthead. This allows users with multiple Foglight Management Servers to distinguish between them.

It can be set at the bottom of the Administration screen. Click the pencil icon, enter the server identifier and save. A page reload or logout/login is needed to refresh the masthead.