Chat now with support
Chat with Support

Foglight 5.9.5 - Command-Line Reference Guide

About the Command-Line Interface Managing the Foglight Management Server Managing the Foglight Agent Manager Managing Agents, Cartridges, and Metrics

foglight_db_upgrade

The foglight_db_upgrade command verifies the database version and upgrades it to a higher version if necessary. This command is useful when you need to migrate data from a Foglight environment that is running a lower version of the embedded database. This typically happens when the database upgrade that is initiated through the installer fails to complete.

foglight_db_upgrade [-config path_to_server.config] [-debug]

config

path_to_server.config

Provides the location to the server.config file.

debug

None

Prints debugging information.

C:\Quest\Foglight\bin>foglight_db_upgrade -debug
C:\Quest\Foglight\mysql\bin\mysqld.exe: ready for connections.
C:\Quest\Foglight\mysql\bin\mysqld.exe: ready for connections.

Managing Encryption Keys

Foglight stores encrypted passwords and uses application tokens to look up encryption keys. In a default installation, keystore and database passwords are encrypted using the foglight.defaultkey, stored in the <foglight_home>/config/mstkey.properties file.

In some cases, you may need to change the database password or the default keystore password, for extra security. A newly changed password must be encrypted using the keyman command, and updated in the appropriate configuration file:

Foglight database password is stored encrypted in the <foglight_home>/config/server.config file, in one of the following configuration parameters:
server.database.password sets the password used by the Management Server to establish the connection with the database.
server.database.embedded.password sets the password of the embedded database. The Management Server uses this value to start the embedded database. This is usually the root password that can be changed and encrypted.
The <foglight_home>/config/tomcat.keystore password is stored encrypted in the <foglight_home>/server/tomcat/server.xml file. The default keystore password is nitrogen.
keyman encpwd <password> foglight.defaultkey
Where password is the newly changed database password.
c
Record the output of the keyman command. For example:
3
Update the server.config file with the newly encrypted database password.
a
On the Management Server machine, open the <foglight_home>/config/server.config file for editing.
b
In the server.config file, replace the value of the appropriate entry (server.database.password for external database or server.database.embedded.password for embedded database) with the encrypted password, as recorded in Step c.
c
Save the changes to the server.config file and restart the Management Server.
d
Change the password for the Management Server user in the database (the default user name is foglight). For more information, see your database documentation.
2
On the Management Server machine, navigate to the <foglight_home> directory and issue the following command:
<keytool_path>/tomcat.keystore
Where keytool_path is the directory path to the tomcat.keystore file.
<keytool_path>/tomcat.keystore
key_name is the name of the key in the keystore whose password you want to change.
keytool_path is the directory path to the tomcat.keystore file.

jre/bin/keytool -J-server -keystore <keytool_path>/tomcat.keystore -storepass <password> --list -v

Where:

keytool_path is the directory path to the tomcat.keystore file.

password is the keystore password.

For more information about the keytool command, see your Oracle® JavaTM documentation
keyman encpwd <password> foglight.defaultkey
Where password is the newly changed tomcat.keystore password.
c
Record the output of the keyman command. For example:
4
Update the server.xml file with the newly encrypted tomcat.keystore password.
a
On the Management Server machine, open the <foglight_home>/server/tomcat/server.xml file for editing.
b
In the server.xml file, locate the keystorePass attribute, and update its value with the newly encrypted password, as recorded in Step c.
c
Save the changes to the server.xml file and restart the Management Sever.

keyman

The keyman command allows you to encrypt passwords, to change, add, or delete encryption keys, or to generate application tokens.

keyman [chmstkey old_key new_key] [addappkey key_name key_text key_pwd]
[delappkey key_name] [encpwd "pwd_str" key_name] [getapptkn key_name key_pwd]
Table 5. Options

addappkey

Adds an application key.

chmstkey

Changes the master key

delappkey

Deletes an application key.

encpwd

Encrypts a password string using an encryption key.

getapptkn

Generates an application token.

Table 6. Arguments

key_name

Specifies the name of the application key.

key_pwd

Specifies the password that protects the key.

key_text

Specifies the key value.

new_key

Specifies the new key value.

old_key

Specifies the old key value.

pwd_str

Specifies the password value that is to be encrypted.

keyman encpwd "my_new_password" foglight.defaultkey

C:\Quest\Foglight\bin>keyman addappkey my_key my_key_text my_key_pwd

Managing the Foglight Agent Manager

The Foglight Agent Manager is an application that manages Foglight agents on monitored hosts and allows them to communicate with the Foglight Management Server.

Foglight offers a set of commands that allow you to perform Foglight Agent Manager operations through the command-line interface. You can use these commands to perform a variety of tasks, such as start or stop the Foglight Agent Manager, display the version information, manage JVM options, or create a Foglight Agent Manager support bundle.

The Foglight Agent Manager component manages agent instances and their communication with the Foglight Management Server. Foglight Management Server installs include an embedded Foglight Agent Manager. The embedded Foglight Agent Manager on the Foglight Management Server starts up and stops with the server. This agent manager instance can be used to deploy agents and monitor the host on which the Foglight Management Server is installed, if required. To monitor additional hosts in your environment, you must install an agent manager component separately on each host computer. For more information about installing agent managers on monitored hosts, see the Agent Manager Guide.

Related Documents