Configuring the embedded Agent Manager
Installing external Agent Managers
Understanding how the Agent Manager communicates with the Management Server
Deploying the Agent Manager cartridge
Downloading the Agent Manager installer
Installing the Agent Manager
Configuring the Agent Manager
Installing the Agent Manager using the installer interface
Installing the Agent Manager from the command line
Using the Agent Manager silent installer
Installing the Agent Manager as a Windows service
Starting or stopping the Agent Manager process
Frequently asked questions
How do I upgrade the Agent Manager?
How do I uninstall the Agent Manager?
Where can I find the Agent Manager installation log files?
Why does the message "Created system preferences directory in java.home" appear after I finish installing the Agent Manager on AIX?
Are the passwords that are stored in the configuration file, fglam.config.xml, encrypted?
How can I see what parameters are available for the silent installers?
Why are two URLs displayed for localhost when I search for HA peers?
I tested the connection between the Agent Manager and a Management Server, but the Management Server URL failed the connectivity test. Why did this happen?
When I try to install the Agent Manager using the installer interface on Solaris x86 VMware, it fails and a warning message related to fonts appears. Why does this occur?
Why does an AIX compatibility warning appear when I run the Agent Manager installer?
Operating system patches
Launching the Agent Manager installation interface
Configuring the Agent Manager from the command line
Configuring the Agent Manager to use SSL certificates
Configuring an Agent Manager instance as a Concentrator
Advanced system configuration and troubleshooting
Configuring the concentrator
Configuring downstream Instances
Creating a secure connection with downstream instances
Excluding SSL ciphers from upstream or downstream Connections
Excluding Specific SSL Protocols from Downstream Connections
Configuring the Agent Manager to accept connections from the Management Server
Configuring the Agent Manager to execute commands on remote hosts
Configuring multiple Agent Manager instances
Controlling the polling rate
Configuring the Agent Manager to work in HA mode
Assigning Agent Managers to HA partitions
Adding cartridges to the HA deployment whitelist
About agent fail-over
About non-HA deployments
Negotiating Agent Manager resources at runtime
Configuring credentials
Troubleshooting
Configuring Windows Management Instrumentation (WMI)
Monitoring the Agent Manager performance
WMI IPv6 connection support
Windows Firewall interference
Minimum requirements for Windows Management Instrumentation
Configuring Windows Remote Management (WinRM)
Promoting remote users to administrators on local machines through the Domain Controller
Granting required permissions to individual remote users
WMI access violation and OS connectivity verification failure
WMI and Quota Violation error
Known WMI issues in Windows Server 2008
Tuning WMI connections
Modifying registry key ownership on Windows Server 2008 R2
Configuring registry settings for Windows Server 2008 R2 and Windows 7
Resolving Access Denied errors when connecting to Windows XP Professional
OS collection fails with a Local_Limit_Exceeded error
Access to DCOM objects and registry is denied
Configuring registry settings for WinShell access through DCOM
Enabling agents to connect from UNIX machines
Enabling agents to connect locally on Windows
Releasing a locked MySQL process
WinRM IPv6 connection support
About WinRM authentication and the Agent Manager
Configuring the target (monitored) system
Configuring the Agent Manager (monitoring) system
Generating a configuration file required for WinRM Negotiate authentication
Configuring command-shell connection settings
About WinRM connection ports
Troubleshooting
UNIX- and Linux-specific configuration
SSH IPv6 connection support
About supported remote monitoring protocols
Configuring the Agent Manager to run as a daemon
Configuring Agent Manager agent privileges
Using sudo to configure secure launcher permissions
Using setuid_launcher to configure secure launcher permissions
Using the HP patch checking tool
About Agent Manager installations on AIX
Preventing Agent Manager core dumps on Linux
Investigating Agent Manager diagnostics
Deploying the Agent Manager to large-scale environments
Using Agent Manager silent installer Parameters
Example: Deploying the Agent Manager to multiple UNIX hosts
Example: Deploying the Agent Manager to multiple Windows hosts
Next steps
Disabling runtime resource negotiation
./fglam --disable-overrides
|
2 |
Disabling agent-specific changes to the upstream queue
The config/fglam-config.xml file contains an attribute that allows you to disable any agent-specific changes to the upstream queue settings at runtime. By default this attribute is set to true. You can use this feature, for example, to prevent individual agents to negotiate allocating large amounts of memory.
Configuring credentials
The Management Server includes a credential management system that enables you to create, store, and manage credentials through the Foglight® browser interface.
Different cartridges support different types of credentials. Some cartridges, for example, support the use of Windows® and UNIX® credentials, while others can only authenticate local users. The credential type determines which parts of the monitored system are used to connect to a resource, such as host names or IP addresses. For complete information about cartridge-specific credential types, see your cartridge documentation.
For detailed information about managing credentials in Foglight, see “Controlling System Access with Credentials” in the Administration and Configuration Guide.
Foglight supports the following commonly used credential types:
|
• |
Challenge Response: Uses one or more challenge and response pairs to grant access without requiring any interaction in the browser interface. The answers are sent by the agent as part of the agent configuration. |
|
• |
Domain, User Name, and Password (Windows): Requires a user name and password to access a monitored resource. The domain name is optional. |
|
IMPORTANT: When specifying a domain name in this credential type, a fully qualified domain name is required. Failing to use a fully qualified domain name may prevent the Agent Manager from establishing a connection to a remote monitored resource. For example, if the full domain name is prod.example.com, use prod.example.com as the domain name instead of just prod, when configuring the credential. |
|
• |
DSA Key: Uses the Digital Signature Algorithm (DSA) Key for authentication. |
|
• |
RSA Key: Uses the RSA (Rivest, Shamir, and Adleman) Key for authentication. |
|
• |
Use Client’s Login At Connection Time: Uses the currently logged in user’s account to access secured resources. This is not the user currently logged into the Management Server, but the user under which the credential client is running. For example, a credential provided to an Agent Manager instance launched by a user on a remote machine, causes the connection to the secured resource to be made using this user’s identity. |
|
• |
User Name: Requires a user name to access a monitored resource. |
|
• |
User Name and Password: Requires a user name and password to access a monitored resource. |
For more information about creating and managing credentials, including detailed examples of configuring a credential, see “Exploring the Manage Credentials Dashboard” in the Foglight Administration and Configuration Guide.