Chat now with support
Chat with Support

Foglight for SNMP 5.9.5 - User and Reference Guide

Multiple Foglight Agent Manager instances

Having multiple Foglight Agent Manager instances is supported for Foglight for SNMP.

When you run an SNMP discovery, a specific Foglight Agent Manager is selected to monitor the discovered devices. Each set of devices that you discover can be monitored by a specific Agent Manager. A device can be monitored by one Foglight Agent Manager instance only.

SNMP discovery

Foglight for SNMP uses SNMP to discover devices in a network and then to provide a complete set of attributes for each discovered device. This type of network discovery gathers data relating to hardware, software, and processes for each device, and identifies devices by responding status, protocols, type, and operating system.

Running an SNMP discovery completes the following activities:

Creates SNMP monitoring agent instances based on the OS types of the devices selected for discovery. For example, if you choose discovered devices that have Linux® and Windows® operating systems, a GenericSNMPWindowsAgent instance and a GenericSNMPLinuxAgent instance is created in that Foglight Agent Manager to monitor those devices respectively.

SNMP discovery on Linux requirements

Foglight for SNMP running on Linux requires that you allow Foglight Agent Manager root or administrator access to start the Agent Manager’s ICMPService. Perform one of the following in this order of preference.

Edit the sudoers file for your system to allow <fglam_home>/client/*/bin/udp2icmp to be run as root by the Foglight user. For detailed steps, see Using sudo to configure Secure Launcher permissions.

Using sudo to configure Secure Launcher permissions

This section contains instructions for using sudo to give agents elevated permissions. Use one of the following two methods: the configuration interface or the fglam.config.xml file.

2
Navigate to the Configure Secure Launcher or Secure Launcher step.
3
Set the path to point to the sudo executable. This executable is typically located in /usr/bin/sudo (the default path provided by the Agent Manager installer).
5
Edit the sudoers file for your system to allow <fglam_home>/client/<fglam_version>/bin/fog4_launcher to be run as root by a specific user, without requiring a password, and only for the agents that require root privileges.
For example, to allow the user foglight to run fog4_launcher for two specific agents without being prompted for a password:
6
Edit the sudoers file for your system to allow <fglam_home>/client/*/bin/udp2icmp to be run as root by a specific user, without requiring a password. This is required for ICMP ping service.
See the Foglight for Infrastructure User and Reference Guide for detailed examples of how to edit the sudoers file to restrict the granted permissions to a specific set of agents.
TIP: For sudo configuration, it is a best practice to use a wildcard for the version-specific Agent Manager and cartridge directories, as shown in the example above. Using a wildcard in a path is described in the Sudoers Manual at:

http://www.gratisoft.us/sudo/man/sudoers.html#wildcards

Using a wildcard for the version-specific directories allows you to avoid updating each sudoers file that references these directories when you upgrade the Agent Manager or the agents.

If these permissions are no longer needed, remove the lines that you added to run fog4_launcher or udp2icmp with root permissions.

1
Navigate to <fglam_home>/state/default/config.
2
Open the fglam.config.xml file for editing.
3
Edit the <config:path> element under <config:secure-launcher> to point to the sudo executable. This executable is typically located in /usr/bin/sudo (the default path provided by the Agent Manager installer).
4
Edit the sudoers file for your system to allow <fglam_home>/client/<fglam_version>/bin/fog4_launcher to run as root by a specific user, without requiring a password, and only for the agents that require root privileges.
For example, to allow the user foglight to run fog4_launcher for two specific agents without being prompted for a password:
5
Edit the sudoers file for your system to allow <fglam_home>/client/*/bin/udp2icmp to be run as root by a specific user, without requiring a password. This is required for ICMP ping service.
See the Foglight for Infrastructure User and Reference Guide for detailed examples of how to edit the sudoers file to restrict the granted permissions to a specific set of agents.
TIP: For sudo configuration, it is a best practice to use a wildcard for the version-specific Agent Manager and cartridge directories, as shown in the example above. Using a wildcard in a path is described in the Sudoers Manual at:

http://www.gratisoft.us/sudo/man/sudoers.html#wildcards

Using a wildcard for the version-specific directories allows you to avoid updating each sudoers file that references these directories when you upgrade the Agent Manager or the agents.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating