Chat now with support
Chat mit Support

Foglight Agent Manager 5.9.4 - Foglight Agent Manager Guide

Configuring the embedded Agent Manager Installing external Agent Managers
Understanding how the Agent Manager communicates with the Management Server Deploying the Agent Manager cartridge Downloading the Agent Manager installer Installing the Agent Manager Starting or stopping the Agent Manager process Frequently asked questions
Configuring the Agent Manager Advanced system configuration and troubleshooting
Configuring Windows Management Instrumentation (WMI) Configuring Windows Remote Management (WinRM) UNIX- and Linux-specific configuration
Monitoring the Agent Manager performance Deploying the Agent Manager to large-scale environments

Disabling runtime resource negotiation

Disabling runtime resource negotiation causes the Agent Manager to revert to running under its default startup configuration.

./fglam --disable-overrides
2
Edit the <FGLAM_STATE>/config/client.config file to include the following block of code:
disable.overrides = true;

Disabling agent-specific changes to the upstream queue

The config/fglam-config.xml file contains an attribute that allows you to disable any agent-specific changes to the upstream queue settings at runtime. By default this attribute is set to true. You can use this feature, for example, to prevent individual agents to negotiate allocating large amounts of memory.

allow-runtime-change="false"/>

Configuring credentials

The Management Server includes a credential management system that enables you to create, store, and manage credentials through the Foglight® browser interface.

Different cartridges support different types of credentials. Some cartridges, for example, support the use of Windows® and UNIX® credentials, while others can only authenticate local users. The credential type determines which parts of the monitored system are used to connect to a resource, such as host names or IP addresses. For complete information about cartridge-specific credential types, see your cartridge documentation.

Credentials are encrypted and stored in lockboxes. Lockboxes are released to credential clients, such as the Agent Manager. Agents, in turn, request credentials from the Agent Manager.

For detailed information about managing credentials in Foglight, see “Controlling System Access with Credentials” in the Administration and Configuration Guide.

Foglight agents need access to credentials when monitoring systems that require credential verification. Credential information consists of a name, type, policies, and resource mappings. You can create and manage credentials through the Management Server browser interface.

Foglight supports the following commonly used credential types:

Challenge Response: Uses one or more challenge and response pairs to grant access without requiring any interaction in the browser interface. The answers are sent by the agent as part of the agent configuration.
Domain, User Name, and Password (Windows): Requires a user name and password to access a monitored resource. The domain name is optional.
DSA Key: Uses the Digital Signature Algorithm (DSA) Key for authentication.
RSA Key: Uses the RSA (Rivest, Shamir, and Adleman) Key for authentication.
Use Client’s Login At Connection Time: Uses the currently logged in user’s account to access secured resources. This is not the user currently logged into the Management Server, but the user under which the credential client is running. For example, a credential provided to an Agent Manager instance launched by a user on a remote machine, causes the connection to the secured resource to be made using this user’s identity.
User Name: Requires a user name to access a monitored resource.
User Name and Password: Requires a user name and password to access a monitored resource.

Each credential can have one or more authentication policies, based on the desired usage count, failure rate, the time range during which the credential can be used, and the amount of time during which the credential information is cached locally. Credentials can apply to specific parts of the monitored environment, such as hosts and ports. Resource mappings identify secured resources. The mappings typically contain a combination of literal expressions, regular expressions, or an IP address range.

For more information about creating and managing credentials, including detailed examples of configuring a credential, see “Exploring the Manage Credentials Dashboard” in the Foglight Administration and Configuration Guide.

Managing lockboxes

A lockbox can be password-protected, and contains a collection of credential keys used for encryption and decryption. A lockbox can encrypt one or more credentials. All lockboxes, except the System lockbox, are password-protected.

You can create, edit, and manage lockboxes, change their passwords, and release them to credential clients (such as the Agent Manager) using the Manage Lockboxes dashboard in the Management Server browser interface.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen