Foglight for Databases 5.9.4 - Administration and Configuration Guide

Configuring email notifications

Foglight® uses email notifications to send reports or alarm-related messages to email recipients when certain thresholds are reached. This notification can happen, for example, when a rule enters a particular state. Foglight can also send reports to email recipients.

Email settings are stored in the Foglight registry. To ensure delivery of email messages to selected recipients, configure Foglight to use your email server along with an existing email account. Use the Email Configuration dashboard to configure your email. To access this dashboard, from the navigation panel, click Dashboards > Administration > Setup > Email Configuration.

For more information, see the following topics:

Managing Users and Security

Foglight® controls user access using the concept of users, groups, and roles. Each user can belong to one or more groups. The roles assigned to those groups determine the set of actions that the user can access. For example, if your user account belongs to a group that includes the Administration role, you can access the administrative dashboards in the browser interface.

Each Foglight user has a user name and a password and can belong to one or more groups. Foglight can store user passwords on the Management Server, or in an external directory.

The Users & Security dashboard allows you to manage user access. To access this dashboard, your user account must belong to a group with the Security Administration role.

NOTE: The Administration dashboard has been updated for this release. If you prefer to continue working with the previous version of the dashboard, click Use 5.6 Administration view. This link is located in the lower right corner of the dashboard.

For more information, see the following topics:

Password settings define the restrictions that apply to passwords for Foglight users. Foglight allows you to specify similar policies for its passwords and users that are likely in place in your corporate environment, including:

To view and edit Password settings, on the main Users & Security Management dashboard, click Password Policy Settings.

For more information, see Edit password settings.

Foglight supports the Lightweight Directory Access Protocol (LDAP version 3). This security feature allows Foglight to access user account information that is stored in an external directory. The following directory services are supported:

To configure directory services, you must be familiar with the details of your LDAP directory service. After configuring the LDAP directory service, Foglight creates a user account each time an LDAP user successfully logs in to Foglight for the first time. Any password changes in the LDAP directory service are transparent to Foglight. After a user’s password changes in the directory service, that user can log in to Foglight with the new password while any attempts to use the old password fail. If a user account is removed from the directory service, any login requests with those credentials result in a failure. Similarly, if the LDAP Authentication Service is down, Foglight cannot authenticate any of the users whose accounts are defined in the LDAP directory service. Any internal Foglight users, such as the default foglight account, or any accounts that you create, are unaffected during LDAP authentication interruptions.

IMPORTANT: After configuring the LDAP directory service, import LDAP groups into Foglight and grant them access permissions to enable their users to access the browser interface. Failure to do so prevents them from using the browser interface. For complete information, see “Importing and configuring LDAP groups” in the Online help.

The following considerations are important when planning to integrate an external directory service with the Management Server:

You can track user login credentials using the Users tab, accessible from the User Management view. This tab lists the users who have logged in to Foglight using their external account credentials.

To view and edit external directory settings, on the main Users & Security Management dashboard, click Directory Services Settings.

For more information, see the following topics:

A user session takes place during the time a user is logged in to the Management Server. Depending on your needs, you can configure Foglight to log out any users that are inactive after a specific length of time, or have user sessions that never time out.

An administrator is now able to assign an ID to the Foglight Server. This shows up on the login page and in the masthead. This allows users with multiple Foglight Management Servers to distinguish between them.

It can be set at the bottom of the Administration screen. Click the pencil icon, enter the server identifier and save. A page reload or logout/login is needed to refresh the masthead.

Suspending Alarms and Data Collection

A blackout is a period where normal monitoring activities are suspended due to some administrative preference. Blackouts are commonly created to prevent frequent alerts during scheduled maintenance periods.

Foglight® collects data about your system and dynamically builds topology models at run-time. A topology model consists of nodes, where each node is a topology object instance. A set of blackout management dashboards allow you to disable alarms and data collection for a specific period. Suspending alarms involves assigning blackout periods to topology objects. Suspending data collection is slightly different in that it involves assigning blackout periods to specific agent instances. An agent blackout is a scheduled event during which the agent does not collect data. Unlike agent blackouts, topology object blackouts do not interrupt the data collection for the object to which the blackout is assigned. Blacking out a topology object means that no rules analyze that object during the blackout. For more information about topology models, see the Data Model Guide.

Blackouts can be applied to dynamic managed components or services. If an object becomes part of a blacked out dynamic managed component or service, it is included in the blackout, even if the blackout is already in effect. Similarly, if an object is removed from a blacked out service or dynamic managed component during the blackout, it ceases to be blacked out.

IMPORTANT: In addition to the features available on the blackout management dashboards, topology and agent blackouts can also be configured using the command-line interface. However, the mechanism for creating blackouts from the command line is independent. It is not recommended to use both methods on the same Foglight Management Server. If you choose to use the command line for creating blackouts, delete all blackouts created with the command line before using the browser interface. If you want to switch from the command line to the blackout management dashboards, use the conversion script to convert the existing blackouts created with the command line. This way all blackouts can be managed in one location. To see a list of existing blackouts that were created using the command line, issue the topology:blackouts and agent:showschedule fglcmd commands. For more information about these commands, see the Command-Line Reference Guide. For more information about the conversion script, see the Foglight Upgrade Guide.

You can configure blackouts as recurring events, by associating them with an existing schedule, or as one-time events. Existing blackouts can be deleted or edited, as required.

To access the Blackouts dashboard, from the Administration dashboard, click Blackouts.

Managing Support Bundles

Foglight® allows you to gather diagnostic data and save it as a collection of files, called a support bundle. Support bundles can be forwarded to Quest Support, upon their request. There are two types of support bundles: server support bundles and Foglight Agent Manager support bundles.

Each server support bundle contains a diagnostic snapshot of the Management Server, log files, and a list of cartridges installed on the Management Server. The logs contain information specific to the operating environment like IP addresses, host names and user actions that have caused changes to the monitoring environment. The bundle is a simple zip file and can be expanded to view the contents which consist of plain text and PDF files. Foglight saves support bundles as ZIP files in the <foglight_home>/support/<user_name> directory on the machine hosting the Management Server.

The Support dashboard allows you to create server support bundles, and to download, or delete Foglight Agent Manager and server support bundles. You can also use this dashboard to generate and download host (Agent Manager) support bundles.

To access the Support dashboard, from the Administration dashboard, in the Support column, click Support Bundles.

For more information, see the following topics: