Foglight™ requires administrative privileges to configure the server to run as a service (a Windows® service or a UNIX®/Linux® init.d script). Once it is configured, the service can be launched with a regular user account.
Certain cartridges (for example, Foglight™ for Java EE Technologies) include one or more executable agent installers. The Components for Download dashboard, accessible from the Administration Console, can be used to download agent installers from the Management Server to a remote machine.
When installing the Foglight™ Management Server for use with an external database, the database can be set up later (that is, after the Management Server installation is complete). In this case, the database must be manually configured prior to starting the Management Server. This configuration requires executing the scripts in the <foglight_home>/scripts/sql directory as described in the Installation and Setup Guide applicable to the system and database. Some scripts must be run using an account with administrative privileges.
Foglight™ can control access to specific elements of a monitored system through a built-in credential management system. If an organization has specific policies in place regarding system access, such policies can be implemented using credentials managed by the Management Server.
Each credential can have one or more authentication policies associated with it, based on the desired usage count, failure rate, the time range during which the credential can be used, and the amount of time during which the credential information is cached locally. Credentials can apply to specific parts of the monitored environment, such as hosts and ports.
Foglight agents need access to this information when monitoring systems that require credential verification. Credentials are stored encrypted in lockboxes. Lockboxes are released to credential clients, such as agent managers.