POM 5.

4 Admin Guide by POM Monitoring

POM 5.4

ADMIN GUIDE
 QUICK ACCESS MENU

USING POM WEB INTERFACE

EVENTS TAB INVENTORY TAB MAPS TAB

LOGS TAB 360° TAB REPORTS TAB

MONITORING ADMINISTRATION

SPREADSHEET FILE EVENT-HANDLER

READY-TO-USE TEMPLATES

HOST MONITORING SERVICE MONITORING

TEMPLATES TEMPLATES

Go to Name Index & Glossary

 POM 5.4

ADMIN GUIDE
Revision 1.8.4 – 23 December 2016
Download latest revision

POM FORUM:
[Link]

TECHNICAL SUPPORT:

+33(0)811 957 710

support@[Link]
 IMPORTANT NOTICE

Welcome to the POM Admin Guide !

This manual is intended to guide you through advanced functionalities of the POM platform.
To get the latest revision of this document, download it from our website

For interactive Q&A with our team,

Be sure to visit the new Forum on our website

KNOWN ISSUES

Internet Explorer is known to cause problems with POM html reports.

Current versions of Firefox built-in PDF viewer are known to alter lines of code copied from a pdf.

Therefore, we recommend you use Chrome or Opera web browsers to access the POM web interface

This manual, including all illustrations, is protected under international copyright laws, with all rights
reserved. It may not be reproduced without written consent of POM Monitoring TM.
POM MonitoringTM is a protected trademark.

© Copyright POM MonitoringTM 2016

 TABLE OF CONTENTS

1 RELEASE NOTES 13
1.1 WHAT’S NEW ? 15

2 USING POM WEB INTERFACE 17

2.1 EVENTS TAB 19
2.1.1 MONITORING POINTS 20
2.1.2 EVENT TRAY 21
2.1.3 THE VIEWING PANE 22
2.1.4 METRICS 25
2.1.5 ACTION BUTTONS 27
2.1.6 SETTINGS BUTTONS 29
2.1.7 FILTERING OBJECTS 30
2.1.8 COUNTERS 32
2.1.9 OPTIONS 33
2.2 INVENTORY TAB 35
2.2.1 OVERVIEW 36
2.2.2 RESULTS TABLE 37
2.2.3 FILTERS 40
2.3 MAPS TAB 41
2.3.1 STATUS SYMBOLS 42
2.3.2 OVERVIEW PAGE 43
2.3.3 DETAILED VIEW 44
2.3.4 CREATING AND MANAGING A MAP 45
2.3.5 WEATHERMAP 50
2.3.6 GEOGRAPHICAL MAPS 51
2.3.7 SHAPES 53
2.4 LOGS TAB 55
2.4.1 OVERVIEW AND COLOR CODE 56
2.4.2 INDEX 57
2.4.3 DOWNLOAD/ EXPORT LOGS 59
2.4.4 FILTERS 60
2.5 360° (DASHBOARDS) TAB 65
2.5.1 OVERVIEW 66
2.5.2 MANAGING DASHBOARDS 67
2.5.3 MANAGING WIDGETS 69
2.5.4 WIDGET TEMPLATES 70
2.6 REPORTS TAB 83
2.6.1 OVERVIEW 84
2.6.2 REPORT TEMPLATES 85
2.6.3 WIDGETS 86
2.6.4 REPORT TEMPLATE CREATION 87
2.6.5 REPORT GENERATION 88
2.7 CONFIGURATION 89
2.7.1 PERMISSIONS 90
2.7.2 SYSTEM 97
2.7.3 OBJECTS 106
2.7.4 CONFIGURATION STATE 111

3 POM SERVER ADMINISTRATION 113

3.1 POM SERVER INFO 115
3.1.1 SERVER DIRECTORY STRUCTURE 116
3.1.2 SERVER PORTS AND STREAMS 117
 3.2 QUICKSTART INSTALLATION PROCEDURE 119
3.2.1 REQUIREMENTS 120
3.2.2 SERVER INSTALLATION 122
3.2.3 INITIAL CONFIGURATION 126
3.3 HOW-TO: SERVER MAINTENANCE 133
3.3.1 LOGGING IN AS ROOT 134
3.3.2 REBOOTING AND SHUTTING DOWN THE SERVER 135
3.3.3 UPDATING & UPGRADING A POM PLATFORM 136
3.3.4 BACKING UP & RESTORING A POM PLATFORM 138
3.3.5 MIGRATING/DUPLICATING A POM PLATFORM 139
3.3.6 INCREASE /DATA PARTITION SIZE 141
3.3.7 RENEWING SSL CERTIFICATE 144
3.4 HOW-TO: SERVER ONEOFF OPERATIONS 145
3.4.1 SETTING UP LANGUAGE 146
3.4.2 ACTIVATING SNMP 147
3.4.3 SETTING UP A PERSISTENT ROUTE 151
3.4.4 MANAGING LARGE DRIVES 152
3.4.5 SETTING UP A BEAGLEBONE AS A POM CONSOLE 153
3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION 155
3.5.1 EVENTS 156
3.5.2 INVENTORY 158
3.5.3 MAPS 159
3.5.4 LOGS 162
3.5.5 REPORTS 166
3.5.6 SETTING UP SCREEN ROLLOVER 170

4 POM INFRASTRUCTURE ADMINISTRATION 173

4.1 POM-AGENT 175
4.1.1 AGENT INSTALLATION ON THE WINDOWS SYSTEM 176
4.1.2 AGENT REGISTRATION IN POM 177
4.1.3 EXECUTION OF SCENARIOS 178
4.2 POM-HA (HIGH AVAILABILITY) 191
4.2.1 BASIC PROCEDURES 192
4.2.2 MAINTENANCE PROCEDURES 193
4.2.3 EVENTS CHECKLIST 195
4.3 POM HYPERVISION 199
4.3.1 POM HYPERVISOR AND POM SATELLITES 200
4.4 POM MULTISITE 201
4.4.1 REGISTERING IN THE SPREADSHEET FILE 202
4.4.2 ON-DEMAND SITE MAPS 206

5 INTEGRATION 209
5.1 SYSTEMS 211
5.1.1 MONITORING A WINDOWS SYSTEM 212
5.1.2 MONITORING A LINUX/UNIX SYSTEM 213
5.1.3 MONITORING A VIRTUALIZED INFRASTRUCTURE (VMWARE) 214
5.1.4 MONITORING A VIRTUALIZED INFRASTRUCTURE (AWS) 218
5.2 USERS & AUTHENTICATION 221
5.2.1 LDAP/LDAPS/LDAPTLS AUTHENTICATION 222
5.2.2 SSO VIA KERBEROS 227
5.2.3 SMTP AUTHENTICATION 232
5.2.4 ADDING WEB USERS 233
5.2.5 PASSWORDS 234
5.2.6 AUTOLOGIN 235
5.3 HOW-TO: INTEGRATION 237
5.3.1 SETTING UP WMI 238
5.3.2 CHANGING POM USER LANGUAGE ON AN IBM AS/400 244
6 MONITORING ADMINISTRATION 245
6.1 SPREADSHEET FILE 247
6.1.1 FORMATTING & PROCESSING RULES 248
6.1.2 STRUCTURE OF A SPREADSHEET FILE 249
6.1.3 GLOBAL SETTINGS IN A SECTION 251
6.1.4 OBJECT DEFINITION COMMANDS 252
6.1.5 HOSTS SECTION 253
6.1.6 SERVICES SECTION 256
6.1.7 SITES SECTION 257
6.1.8 META SECTION 258
6.1.9 APPLIPERF SECTION 266
6.1.10 LOGMATCH SECTION 268
6.1.11 RETENTION SECTION 272
6.1.12 RELOADING CONFIGURATION DATA MANUALLY 273
6.2 EVENT-HANDLER 275
6.2.1 OVERVIEW 276
6.2.2 SET UP 277
6.2.3 LIST OF MACROS AVAILABLE WITH AN EVENT-HANDLER 278
6.2.4 EXAMPLE – RESTART A WINDOWS SERVICE 282
6.3 HOW-TO: MONITORING ADMINISTRATION 283
6.3.1 MONITORING A DEVICE VIA SSH 284
6.3.2 MODIFYING ALERT PARAMETERS 287
6.3.3 SETTING UP NOTIFICATIONS 288
6.3.4 SETTING UP SCENARIOS 297
6.3.5 SETTING UP SERVER DOWNTIMES VIA HTTP REQUESTS 304

7 MONITORING TEMPLATES 307

7.1 HOST MONITORING TEMPLATES 308
7.1.1 FULL LIST OF HOST TEMPLATES 311
7.1.2 SYSTEMS & HARDWARE 314
7.1.3 NETWORK, INTERNET & REMOTE ACCESS 337
7.1.4 SECURITY 367
7.1.5 STORAGE 381
7.1.6 VIRTUALIZATION 389
7.2 SERVICE MONITORING TEMPLATES 393
7.2.1 FULL LIST OF SERVICE TEMPLATES 397
7.2.2 SYSTEM INDICATORS 399
7.2.3 TCP/IP & NETWORK SERVICES 421
7.2.4 DATABASES 462
7.2.5 APPLICATIONS & SOFTWARE 481

APPENDIX A: PLUGINS & CHECK COMMANDS 506

OVERVIEW 507
PLUGINS 509
CHECK COMMANDS 527

NAME INDEX / GLOSSARY 573

 1 RELEASE NOTES
1 RELEASE NOTES

13
 1 RELEASE NOTES
1.1 WHAT’S NEW ?

Below are the main new features included in POM 5.4

NEW .OVA INSTALLATION METHOD FOR VIRTUALIZED POM SERVERS

In addition to previous CD-ROM / USB stick installation methods, you can install a virtualized POM
server on a hypervisor directly from a pre-configured .OVA file.
 See POM SERVER ADMINISTRATION: Quickstart Installation Procedure

1.1 WHAT’S NEW ?

NEW ADVANCED CONFIGURATION IN WEB INTERFACE
You can now configure your server's parameters directly from the web interface, rather than using
the pomcfg tool in command line. This is done, depending on the parameters, in the Network or
Advanced configuration entries of the configuration menu
 See POM WEB INTERFACE: Configuration

RUN THE POMGEN TOOL FROM THE WEB INTERFACE

In previous POM versions, you had to run the pomgen tool via command line to manually update
your platform configuration from the spreadsheet files. In POM 5.4, you can now run pomgen by a
simple Ctrl + click on the Refresh button of the Events tab.
 See USING POM WEB INTERFACE: Events Tab
 See also SPREADSHEET FILE: Reloading Configuration Data Manually

DHCP BY DEFAULT
POM server now automatically fetches its IP address via DHCP when installed. It allows direct use
of the monitoring platform without further command line configuration. You can disable DHCP in
directly from the web interface, using the new Network entry of the configuration menu.
 See POM SERVER ADMINISTRATION: Quickstart Installation Procedure
 See POM WEB INTERFACE: Configuration

INTERFACE BONDING DISABLED BY DEFAULT

In previous versions, a networking bond was created by default. In POM 5.4, only the first interface
(eth0) is used by default. You can enable bonding in the Network entry of the web interface
configuration menu.
 See POM WEB INTERFACE: Configuration

AN AUTOMAP FOR EACH POM

An automap is now created for each POM server in your network.
 See WEB INTERFACE CUSTOMIZATION: Automaps

15
HTTP BY DEFAULT
To prevent self-signed certificate false alarms when connecting to POM's web interface from a
browser for the first time, connection is now done via HTTP instead of HTTPS as was previously
the case. You can enable/disable HTTPS from the new Network configuration tool in the web
interface.
Consequently, the X509 and ADM-HTTPS components of the automatically-generated POM META-
indicator are replaced by a simple ADM-POM component. This way:
 When HTTP is enabled, you receive no unwanted alert regarding login authentication
 When HTTPS is enabled, you receive an alert when your X509 certificate has expired
 See POM WEB INTERFACE: Configuration - Network

AUTOMATIC POMGEN DISABLED BY DEFAULT

In previous POM versions, the pomgen tool, which reloads the spreadsheet configuration files into
the platform, was set (by cron table) to run every minute. In POM 5.4, this feature is disabled by
default, to save on resources. You can re-enable automated pomgen in the new Advanced
configuration entry of the configuration menu
 See POM WEB INTERFACE: Configuration - Advanced

ENHANCED STATUS POP-UP IN THE EVENTS TAB

The status information pop-up for an event line in the events tab now includes multiple graphs
and metrics.
 See USING POM WEB INTERFACE: Events Tab

DOWNTIMES AND ACKNOWLEDGED EVENTS IN GEOGRAPHICAL MAPS

When a site has been put on downtime or a site's events have been acknowledged, the relevant
icons ( or ) now replace the colored chip for the site in a geographical map.
 See USING POM WEB INTERFACE: Maps Tab - Geographical Maps

NEW SATELLITE COLUMN IN THE HOSTS SECTION

You can now define your POM-Satellite architecture using a SATELLITE column in a HOSTS section.
Keep in mind the satellite must be defined before the poller.
 See MONITORING ADMINISTRATION: Spreadsheet File - HOSTS Section

IMPROVED VIRTUALIZED INFRASTRUCTURES MONITORING

In addition to new virtualization-specific columns, you can now monitor AWS (Amazon Web
Services) virtualized infrastructures.
 See INTEGRATION: Monitoring a Virtualized Infrastructure
 INTERFACE
2 USING POM WEB

2 USING POM WEB INTERFACE

 2 USING POM WEB INTERFACE
2.1 EVENTS TAB

2.1 EVENTS TAB

This section focuses on common usage of the Events tab.

 For more advanced features, see HOW-TO: WEB INTERFACE CUSTOMIZATION – Events

19
2.1.1 MONITORING POINTS

There are mainly two types of elements that are defined when configuring POM: hosts and
services. Hosts represent machines, and services represent the monitoring points associated with
them.
Services are checked by scripts that are run on the server. POM runs the scripts for the different
monitoring points at regular intervals to collect specific information.
The value returned by the monitoring point is converted by POM to an OK, WARNING, CRITICAL or
UNKNOWN state. An OK state is distinct from the others since it's the only one that indicates
everything is running properly.
When a check on a host or a service results in a state that is not OK, POM changes the monitoring
point's state type to SOFT (not confirmed), and will attempt to re-check its status multiple times at
shorter intervals.
After several checks, the monitoring point's status may return as OK, in which case there is no need
to send an alert since the problem resolved itself.
If, on the other hand, the alert status remains the same each time the monitoring point is checked
(5 checks by default, once every minute) while it is in a SOFT state, the state type switches to
HARD (confirmed) and an alert is triggered, accompanied by a notification (e-mail or sms) if
notifications are enabled for the monitoring point.
The following diagram summarizes how this behavior works.

Every check to determine what state a monitoring point is in is an event. These events, the status
of the monitoring point, and the status of the alert are all displayed in real time in the Event Tray.

20
 2 USING POM WEB INTERFACE
2.1.2 EVENT TRAY

An event tray is an irrefutably efficient tool. It must provide:

 Access to information as quickly as possible
 The ability to obtain more detailed information with the fewest number of actions
 An intuitive graphical user interface
 The ability to quickly carry out routine monitoring tasks from a workstation (e.g.,
acknowledge, disable, schedule downtimes)

The Events tab is based on the OpenPOM application, published under a GPL license and
maintained by POM MonitoringTM.

2.1 EVENTS TAB

Good practices:
 Aim at never having any persistent “red line” in your event tray. If you get used to leaving
unattended issues in your tray, you will have a hard time detecting a new alert when one
occurs.
 When the number of status lines is concerned, the less is the better. Try to always have one
third of your event tray screen left blank.

21
2.1.3 THE VIEWING PANE

The viewing pane is the most important part of the Events tab. Events are displayed in a way that
synthesizes information for quick analysis. The available columns include:
Column Description
Flags Service
Host
Show historical graph
Alert acknowledged
Element in sleep mode (downtime)
Alert disabled
Element contains a comment
Flapping (status is highly volatile)
Host is inactive
Host is a known POM-Agent
Host is a known POM-Satellite
Opens PROCEDURE wiki popin
Duration Amount of time since last status change; duration of alert
Equipment (h) Name of host
IP (i) IP address of device
Service (s) Name of service
Status information (o) Result of last check
Site (l) Geographical site
Type (t) Host type
Groups (g) Groups that the device belongs to; may be filtered
(column hidden by default)
Last check Amount of time since last check
 See OPTIONS to select which columns you want to display
Alerts may be identified quickly according to their color and font style:
Color/Style State
OK state (return value is below warning level threshold)
WARNING state (return value is between warning and
critical levels)
CRITICAL state (return value is above critical level)
UNKNOWN state (no return value)
TRACKING enabled on an entry not in an OK state
TRACKING enabled on an entry in an OK state
Information in italics SOFT state

Note: the color representing the monitoring point's original state remains in the flag column, even when
tracking is enabled, so that the error state (warning, critical or unknown) is easily identified.

Italics are used with levels 3 (SOFT) and below to indicate that an alert status is changing.

22
 2 USING POM WEB INTERFACE
STATUS POP-UP
You can see more information on the status history of an event by hovering over the line and
pressing the Ctrl key. This will display the status pop-up window containing detailed
information, and performance and/or availability graphs for that indicator.
If the status pop-up is enabled (see settings buttons), hovering your cursor over an alert for 2
seconds will display the pop-up window.
Click the upper right-hand corner to make the pop-up switch to a floating [Link] pop-up
automatically closes after a few seconds. You can force it to close by clicking on it, or prevent it
from closing by moving your mouse so that it stays inside the [Link] contents in the pop-up
automatically change when you hover over another alert.

Information contained in the pop-up on the Events tab is described below:

2.1 EVENTS TAB

Pop-up information Description
Equipment | Service Information about a monitored host and/or
service
Current status Current status and duration of this status
Status information Detailed information about the current state.
Depends on the type of check.
Check: attempt | Interval | Last Information about the check:
No. of check attempts | Interval between checks
| Amount of time since the last check attempt
Last OK state Date of the last OK state, and the duration
between the last OK state and the current state
Next check Date of the next check attempt
Check type | Check name Type of check (active or passive) | Check name
(check command)
Check latency | Duration Gap between check scheduled date and actual
check execution date | Execution time
Last state change | Last update Amount of time since last state change | Last
state update
Is this service flapping Is the service abnormally changing states too
frequently?
Groups: hosts | Contacts Groups of hosts | Groups of contacts
Notification: last (count) | Next Date (and number) of notifications last sent |
Next notification date
History | Logs Direct access to the logs for this host (logs sent
to the POM platform by the host itself) | Full
history of events

23
Example of pop-up window:

Note: a click on the graph opens the metrics graph display window.

A click on Full history gives you an extensive history of states and actions (including
acknowlodgements):

24
 2 USING POM WEB INTERFACE
2.1.4 METRICS

Clicking on an event's Graph icon opens a window displaying a graph for the indicator for
preselected time periods.

Note: another way to access to this display is to click on the graph shown in the dynamic pop-up.

Dynamic and technical display modes are available. In either mode, it is possible to choose the
displayed curves.

DYNAMIC DISPLAY FEATURES

2.1 EVENTS TAB

 graph size depends on the size of the containing window
 zoom along the abscissa axis with the mouse wheel
 display of precise curve values by moving the mouse cursor

Example:

25
TECHNICAL DISPLAY FEATURES
 display trends
 display predictions
 static curves only

Example:

26
 2 USING POM WEB INTERFACE
2.1.5 ACTION BUTTONS

ACKNOWLEDGE
This allows you to acknowledge one or more alerts. Future notifications will be disabled, and the
acknowledged alert will be removed when the state changes.

Note: do not perform this action unless the alert is being investigated.

When this action is selected, a pop-up window appears:

2.1 EVENTS TAB

You can then enter a description for the alert. POM will automatically choose whether the cache of
the plugin involved in the alert should be reset or not.
 For more info on plugins, see FROM PLUGINS TO TEMPLATES: Plugins
If you need to force the reset, simply click the RECHECK button (see next page) while holding the
CTRL key.
You can also choose to track the alert instead of just acknowledging it. Tracked events will
continue to be displayed in the UI, and will be highlighted in a different color (blue) in view levels
1 through 3.

DOWNTIME
This allows you to schedule a period of planned downtime for one or more alerts. Notifications are
disabled during this period, even if a state changes.

Note: this action is only to be used on an alert indicating that a host/service is down for maintenance or
is scheduled for maintenance.

You can specify the downtime period or date to place in sleep mode in the pop-up confirmation
window:

27
 DISABLE NOTIFICATIONS
This allows you to disable notifications for a service and prevent them from being displayed
(unless tracking is enabled) in view levels 1, 2 and 3.
No confirmation is required.

ADD COMMENT
This lets you add a comment to an alert. The comment will appear in the alert's pop-up window.

RESET
This removes all actions performed on an alert.

RECHECK
This lets you force the selected service(s) to be checked again.
No confirmation is required.
If you hold the CTRL key while clicking the RECHECK button, POM will also reset the plugin's
cache.

28
 2 USING POM WEB INTERFACE
2.1.6 SETTINGS BUTTONS

These buttons allow you to apply settings across all information displayed in the viewing pane.

REFRESH/RELOAD
Lets you refresh the view. Even if you do not click this button, the view will still be refreshed
periodically. The refresh timer is displayed to the right of the icon.
Simple click on this button refreshes the view and reloads POM's configuration from the
spreadsheet files (only if they have been modified).
Ctrl+click on this button forces the reload of POM's configuration from the spreadsheet files,
whether they have been modified or not.

2.1 EVENTS TAB

 See SPREADSHEET FILE: Reloading Configuration Data Manually

DISABLE STATUS POP-UP

Disables the pop-up window that appears when you mouse over an alert.

ENABLE STATUS POP-UP

Enables the pop-up window that appears when you mouse over an alert.

DISABLE NOTIFICATIONS
Disablesnotifications for all alerts. This button is indispensable when a major problem occurs and
you need to investigate it without being bombarded by endless alerts.

ENABLE NOTIFICATIONS
Enables notifications for all alerts.

POM LOG
This is a quick link to the Logs view, which displays logs collected by the POM platform.

MONITOR MODE
Changes the display to a “dashboard” view, removing all action buttons and selectors. This is a
useful feature when viewing POM on a large monitor.

OPTIONS
Used to set other visual preferences.
 See OPTIONS

29
2.1.7 FILTERING OBJECTS

VIEW LEVELS
The view level selector restricts the information displayed on the screen based on the various alert
levels.
# View level Displayed information
1 Critical Only unacknowledged events in a critical state
are displayed. Critical alerts with tracking
enabled are also displayed.
2 Hard alert Unacknowledged events in a critical or
warning state are displayed. Critical and
warning alerts with tracking enabled are also
displayed.
3 Critical/warning/soft Soft states are included with the previous
view. Soft states are events in a critical or
warning state that have not yet been
confirmed.
4 Critical/warning/ack All events in a critical or warning state are
displayed, including those that have been
acknowledged (known problem).
5 Critical/warning/outage Events whose critical or warning state are tied
to an alert already in a critical or warning state
are added to the previous view. The state of
these events depend on the state of another
alert.
6 Critical/warning/outage/svc When a host is unreachable, the interface
hides all services associated with this device.
This option lets you display the events related
to the host anyway.
7 All Displays the status of all monitoring points.

FILTER
The filter allows you to restrict the information displayed in the current view. The next two buttons
are to confirm your selection, and to reset the filter, respectively.
There are two different search methods available:
 General search: a filter is applied to the Equipment, Service, Status information, and Groups
columns based on the character string entered in the search field.
 Narrow search: Clicking a word's link in the Equipment (h), Service (s), IP (i), Site (l), Type
(t) or Groups (g) column inserts this word into the search field, preceded by the column
letter.

30
 2 USING POM WEB INTERFACE
Example: clicking the word EVENT in the Service(s) column enters the string s:EVENT* in the
search field.
The Quick search setting in the options pop-up offers two different ways to use the narrow search
function:
 Quick search ENABLED: clicking a new “clickable” word overwrites the contents in the search
field
 Quick search DISABLED: clicking a new “clickable” word adds it to what is already in the
search field and joining these two elements by the & operator. You can modify the contents
of the search fields, for example, by changing the operator.

The different operators you can use appear when you mouse over the search field for a few
seconds. Available operators are:

2.1 EVENTS TAB

& : Boolean AND
Example: i:[Link] & s:EVENT displays all of the events in which the IP column
contains [Link] AND the Service column contains EVENT

| : Boolean OR
Example: i:[Link] | s:EVENT displays all of the events in which the IP column
contains [Link] OR the Service column contains EVENT

* : Any string of characters

Example: s:EVENT* displays all of the events in the Service column that contain the EVENT string,
followed by any character

! (unary operator): Negation

Example: !s:EVENT* displays all of the events in the Service column that do not contain the EVENT
string. The <equal><space> prefix searches the exact value. The <not> prefix searches the
opposite value.

31
2.1.8 COUNTERS

ALERT COUNTERS
Indicate the number of events displayed after applying the current filter.
State Description
critical number of alerts in a “critical” state
E.g., 7 out of 13 alerts found are visible after filtering
warning number of alerts in a “warning” state
E.g., 2 out of 8 alerts found are visible after filtering
unknown number of alerts in an “unknown” state
E.g., 1 out of 7 alerts found are visible after filtering
ok number of alerts in an “ok” state
E.g., 3 out of 434 alerts found are visible after
filtering
acknowledge number of acknowledged alerts (under
investigation)
E.g., 0 out of 1 alert found are visible after filtering
disable notification number of alerts with disabled notifications
E.g., 3 out of 36 alerts found are visible after filtering
downtime number of alerts in sleep mode (downtime)
E.g., 0 out of 0 alerts found are visible after filtering
disable active check number of alerts in which monitoring is disabled
E.g., 0 out of 0 alerts found are visible after filtering

PAGES COUNTER
Shows the range of alerts displayed out of the total number of alerts.

If the search generates several pages, the Prev and Next buttons appear. These buttons
can then be used to navigate through the pages.

32
 2 USING POM WEB INTERFACE
2.1.9 OPTIONS

The Option Button opens a pop-up overlay where you can set preferences for how information
is displayed on the “Events” tab:

2.1 EVENTS TAB

The following settings may be customized:
Setting Description
Refreshing every The screen will refresh at the set interval.
Number of displayed lines Maximum number of lines displayed on screen (max. 999)
Default level Alert level displayed by default. By default, confirmed level
2 alerts are displayed, i.e., events in a “warning“ or “critical”
state that have gone through the necessary checks
Max characters: Equipment Maximum number of characters displayed in the
(Hostname) “Equipment” column
Max characters: Service Maximum number of characters displayed in the “Service”
column
Max characters: Output Maximum number of characters displayed in the “Status
(Status information) information” column

33
Setting Description
Max characters: Site Maximum number of characters displayed in the “Site”
column
Max characters: Type Maximum number of characters displayed in the “Type”
column
Max characters: Groups Maximum number of characters displayed in the “Groups”
column
Font size alert Size of the font for displaying events/alerts
Quick search Enables the quick search feature. This allows you to perform
searches by either entering a word in the search field or
clicking a word appearing in an event (without having to
confirm it). Disabling this option allows you to perform more
complex searches
Run pomgen –if on click Enables the display of pomgen windows to allow the
Refresh ‘pomgen –if’ command
Status pop-up: information If this box is checked, all available lines in the pop-up
window will be visible. To reduce the amount of information
on the screen, you can specify the number of lines to
display.
0 displays only the following lines:
Equipment | Service, History | Logs
If the information displayed only represents a partial view,
clicking the “More” link will show the full contents of the
pop-up.
No frame around the page If the box is not checked, a border in the color of the most
serious alert status appears around the alert list. This helps
you easily find information about the most serious alerts,
particularly on a large screen mounted on a wall.
Columns to display Lets you select the columns to display on the screen. By
default, the “IP” and “Groups” columns are hidden.
History to display Lets you select what history information to display in the
pop-up after clicking the “Full history” link.
There are two types of information:
The flag setting (Acknowledgement, Downtime, Comment)
Event changes (Notify, State, Flapping)

34
 2 USING POM WEB INTERFACE
2.2 INVENTORY TAB

2.2 INVENTORY TAB

This section focuses on common usage of the Inventory tab.

 For more advanced features, see HOW-TO: WEB INTERFACE CUSTOMIZATION – Inventory

35
2.2.1 OVERVIEW

POM’s new Smart Inventory & Discovery module allows you to automatically discover devices on a
given network, and export results directly to a POM-compliant spreadsheet file, saving even more
time when registering monitored devices.

Using the Inventory tab is really simple: a daemon makes all the discovery work on the target
network(s), then you just have to filter the results to suit your monitoring needs.
 To modify the daemon’s settings, see HOW-TO: WEB INTERFACE CUSTOMIZATION – Inventory

Results presented in the Inventory tab can also be displayed as a new widget in the 360°
(Dashboards) tab.
 See USING POM WEB INTERFACE: 360* Tab

The Inventory tab is divided in two sections:

 On the right side of the screen is the results table, where all devices found are listed
 On the left side of the screen, filters are available to refine auto-discovery results.

36
 2 USING POM WEB INTERFACE
2.2.2 RESULTS TABLE

The results table displays the list of all devices found on the target network, along with all
corresponding data that could be collected (fetched via SNMP, DNS, etc.).

2.2 INVENTORY TAB

STATE
Current state of the device. Every possible state is represented by a specific icon, and some can be
clicked to access to another tab of the POM web interface.
Possible device states are as follows:
Icon Description Action if click
Unregistered, reachable

Registered, reachable

Unregistered, unreachable

Registered, unreachable

Monitored, "up" state Access to Events tab, pre-filtered, with hostname

Monitored, “unreachable” Access to Events tab, pre-filtered, with hostname

Monitored, "down" state Access to Events tab, pre-filtered, with hostname

POM logs Access to Logs tab, pre-filtered, with hostname

37
TYPE
Type of host/device/machine.
Possible type representations are as follows:
Icon Description
Linux

Windows (from W2000 to W2012)

Other known type

Unknown type

LOCATION
If available, location info on the device

IP ADDRESS
IP address of the Device

NETWORK NAME
Network address, expressed in CIDR notation

HOSTNAME
Name of the device
Icon Description
Name appears in the spreadsheet file

Name fetched by DNS lookup

Name fetched by SNMP interrogation

DNS & SNMP names do not match

MAC ADDRESS
MAC address of the device

LAST UPDATE
Age of the presented data

38
 2 USING POM WEB INTERFACE
ACTION BUTTONS
Button Description
Mark as known host

Export to "[Link]" formatted spreadsheet file

(if no box is checked, all devices are exported – please note that only 150 devices
can be displayed in the table, whereas an export will feature the complete list)
Auto-refresh in use

Auto-refresh stopped

2.2 INVENTORY TAB

39
2.2.3 FILTERS

The filters section on the left side of the screen allows you to refine the results of the smart
discovery.

Results can be filtered either by entering text in a search field, or by checking boxes in the various
states, types, locations and network names found.

ACTION BUTTONS
Button Description
Text search field

Filter results using search field and checked boxes

Reset filters

Read-only field. Formatted, re-usable string.

40
 2 USING POM WEB INTERFACE
2.3 MAPS TAB

2.3 MAPS TAB

This section focuses on common usage of the Maps tab.

 For more advanced features, see HOW-TO: WEB INTERFACE CUSTOMIZATION – Maps

41
2.3.1 STATUS SYMBOLS

A simple and useful set of icons is at your disposal to represent all the possible states. These icons
are used throughout all map levels to identify the “worst” (most serious) of the sub-states.

Square icons represent one or more “host”, “hostgroup”, or “map” objects and their respective
services:
Icon Meaning
The host and its respective services are up and running

The host is down (no ping response)

All problems have been acknowledged

The host is in a period of downtime (scheduled stop)

Round icons represent one or more “service” objects:

Icon Meaning
The service is up and running

The service is in a warning state

The service is in a critical state

The service is down and the problem has been acknowledged

The service is in a period of downtime (scheduled stop)

The state of the service is unknown

The state of the service is pending

The declared object does not exist

42
 2 USING POM WEB INTERFACE
2.3.2 OVERVIEW PAGE

The overview page consists of two panels:

2.3 MAPS TAB

LEFT SIDE: FILTERING PANEL
 A Search field allows you to quickly find the map you are looking for.
 Smart filter boxes allow you to select the Types of maps to be displayed
 A Favorites maps list gives you a quick link to your most useful maps
 A List of maps features all available maps based on your filter selection

RIGHT SIDE: MAP PREVIEW PANEL

Add a new map (if your profile’s permissions grant it)

Open and edit map (if your profile’s permissions grant it)

Open map in detailed view

Open map in fullscreen mode (without the tabs menu)

Mark map as homepage (displayed by default in the Maps overview page)

Mark map as favorite

43
2.3.3 DETAILED VIEW

The detailed view provides the status for all of the components within the defined map. The status
symbols are used again to provide a more accurate description of the hosts, services, host groups,
service groups, and even map hierarchies.

Hovering your cursor over a status symbol will display a pop-up window. This window shows the
object type and its consolidated state. The pop-up also displays the 10 most serious problems
detected to assist you with troubleshooting and corrective action.

44
 2 USING POM WEB INTERFACE
2.3.4 CREATING AND MANAGING A MAP

Creating a new map on the POM platform is a 3-step process.

It consists of placing icons and drawing lines on a background to represent the hosts, services, host
groups, service groups, or even other maps. By doing this, you have established the relationship, in
graphical form, between all of the various elements being monitored.
This section won’t address all of the details and specifics on creating maps, but will mention the
key points you need to know to quickly and easily create new maps.

IMPORTING/CREATING A MAP BACKGROUND

The first thing you need to consider when creating a map is the background.

2.3 MAPS TAB

The background is nothing more than an image, in PNG, GIF or JPG file format. To manage map
backgrounds, click the button, which opens a window containing a form that changes
dynamically depending on the value selected:

Action: Create background image

Action: Create background image

Name Name of the background
Color (Hex) Background color in #RRGGBB hexadecimal format (e.g.: #00FF00
for green).
Width (px) Image width
Height (px) Image height

45
Action: Upload background image

Action: Upload background image

Choose an image Local path of the image file to upload to the server. You can
use the Browse button to select the file's path.

Action: Delete background image

Action: Delete background image

Choose an image Select the image you want to delete from the list provided

The most common operation when managing backgrounds is uploading an image to the server.

46
 2 USING POM WEB INTERFACE
MAP MANAGEMENT

To create a map, click the button. Here again, the form will adapt to the type of action you
select:

Action: Create map

Map Name Name of the map
Supported characters are letters, numbers, special characters - and
_
Map Iconset Iconset to use (select a std_* set)
Background Background image to use

2.3 MAPS TAB

Action: Rename map
Select map Name of the map to rename
New name New map name

Action: Delete map

Select map Choose a map to delete

Action: Export map

Select map Choose a map to export

Action: Import map

Select a map configuration file Local path of the map to import. You can use
the Browse button to select the file's path.

47
EDIT MODE
The following table lists the available buttons when editing the map:
Icon Description
Confirm the map (exit map edit mode)

Switch to map edit mode

Properties / Change map background

Enable/disable the snap-to-grid function

Host element

Service

Host group

Service group

Map - Allows you to view the state of a map inside another map

Iconset used to represent network devices*

Very useful when the map is primarily used to monitor the status of network
links
Label to enter free text within a text box.

Stateless line (not monitored)

Enable/disable the stateful line mode for the next 5 icons

 *For more info on the available shapes in the iconset, see SHAPES

48
 2 USING POM WEB INTERFACE
MODIFYING A LINK
To modify an existing link, right-click the square in the middle of the line representing the link and
select one of the 3 available options (modify settings, modify position/size, or delete)

2.3 MAPS TAB

Options to modify a link (settings, position/size, move, delete):
Label Service Line Shape

Icon Action Comment

modify the parameters are presented in a
window and they can be changed
position/size the user must define new points for
the line
delete deletion requires confirmation

move applies to a link. Require to set new

position to the link

49
2.3.5 WEATHERMAP

A weathermap creates a graphical representation of traffic on network links (input and output).

Some important points to consider when creating a network link:

 A weathermap link represents a host's NETWORK service
 The NETWORK service normally depends on the check_snmp_iface plugin developed by
POM MonitoringTM
 A link represents the network load through a single interface
Consequently, the following points should be verified:
 The host is being properly monitored via SNMP
 The dedicated service only lists one interface
 The %use string is visible in the Status information column of the NETWORK service

CREATING A NETWORK LINK

The following procedure describes how to create a weathermap link. To simplify things, let's say
that we want to visualize the traffic on a link between host (A) and remote host (B).
 Click the Line icon with two arrows pointing towards each other
 Click the Service icon
 (link to B) Click the icon representing host B to place one end of the link
 (link to A) Click the icon representing host A to place the other end of the link
 In the parameters window appearing, select the origin point of the link (in our case, host B),
then select the NETWORK service, and validate.
This procedure results in visualizing incoming and outgoing speeds, as well as traffic loads, on the
link between hosts A and B.

50
 2 USING POM WEB INTERFACE
2.3.6 GEOGRAPHICAL MAPS

For companies with multiple sites, POM features the creation of geographical maps using the
GoogleMaps API. They allow visualizing sites’ health along with their precise geographical
position, based on data registered in the SITE column of a HOSTS section of the configuration
spreadsheet file, or detailed in a SITES section.

Important note: Any site registered in a SITE column of a HOSTS section will be placed on an
automatically created Geographical Map.

2.3 MAPS TAB

A colored chip is automatically placed on each site. The color depends on the site’s current state.
When the map is zoomed out, colored chips are aggregated in larger ones, which take the most
severe color of the several sites they stand for. For a site put on downtime or for which an event
has been acknowledged, the relevant icons will replace the colored chips.
Upon clicking on a site’s chip, a pop-in displays basic information on the site (name, address, state):

From this pop-in, you can also access, by clicking on the corresponding link, to:
 An on-demand map of the site, generated from a model
 See POM-MULTISITE: On-Demand Site Maps
 A map of the site’s meta-indicator
 See MONITORING ADMINISTRATION: Spreadsheet File – META Section

51
SITE ADDRESS CONFIGURATION IN THE SPREADSHEET FILE
In order for a site to appear at the right place in a Geographical Map, you need to define its precise
address or coordinates in a SITES section of the spreadsheet file.

Example:
We have 3 sites defined as follows in a HOSTS section:

HOSTS Section
# HEADER HOSTS SITE TYPE DESCRIPTION
Metropolis PRINTER Samsung
New York City PRINTER Brother
Paris PRINTER Brother

For them to appear at the right place in a Geographical Map, we simply register their address in a
SITES section as follows:

SITES Section
# HEADER SITES SITE ID ADDRESS LATITUDE LONGITUDE GROUPS
Metropolis MET Fake Place, US, Samsung,
99999 Company
Metropolis
New York City NYC Dummy Street, US, Brother,
10000 New York Company
City
Paris PAR Rue Factice, France, Brother,
75000 Paris Company
Each value entered in the GROUPS column will generate a Geographical Map of the sites featuring
this value.

Important Note: LATITUDE and LONGITUDE columns have priority over the ADDRESS column

 For more info on the SITES section, see SPREADSHEET FILE - SITES Section

SITE STATE MODE CONFIGURATION

To define the color (state) a site will appear in, two state representation modes are available:
 meta (default mode) the site will take the current state of the site’s meta-indicator
 hostsvc the site will take the worst state among all the site’s devices

To switch from one mode to another, create a configuration file /etc/pom/wui/[Link]

that will contain the following code:
<?php
// $POM_STATE_SITE_MODE = 'meta';
$POM_STATE_SITE_MODE = 'hostsvc';
?>
You will then just have to comment a line and uncomment the other whenever you want to switch
from one mode to the other.

52
 2 USING POM WEB INTERFACE
2.3.7 SHAPES

The “shapes” button gives you access to a set of shapes that can be placed on a map. Most of these
shapes are icons and only serve as decorations on the map in the sense that they are not active
(they do not change colors). Icons come in seven different sizes: 12, 24, 32, 48, 64, 96, and 128
pixels. Refer to the following table for the full list of these icons.

List of icons available via the SHAPES button

2.3 MAPS TAB

ap camera cdrom cisco-asa cisco-building

cisco-cloud cisco-fw cisco-modem cisco-mux cisco-pbx

cisco-pix cisco-router cisco-router-iad cisco-router-sat cisco-router-voice

cisco-router-voip cisco-router-wireless cisco-sat cisco-sip cisco-softswitch

cisco-stp cisco-sw cisco-sw-isdn cisco-sw-l3 cisco-sw-voice

cisco-tape cisco-vpn computer db disc

flash fw hdd hub laptop

53
List of icons available via the SHAPES button

lock osa-vpn pda printer scanner

server server-app server-db server-file server-gw

server-id server-ldap server-mail server-media server-pom

server-term server-web site-branch site-factory site-hq

tape user-admin user-blue user-boss user-green

user-op user-two wireless

54
 2 USING POM WEB INTERFACE
2.4 LOGS TAB

2.4 LOGS TAB

This section focuses on common usage of the Logs tab.
 For more advanced features, see HOW-TO: WEB INTERFACE CUSTOMIZATION – Logs

POM is bundled with a syslog server, making it possible to receive, store, and archive logs sent
from any machine, as long as they are in syslog format.
 For more info on SYSLOG formatted logs, see HOW-TO: WEB INTERFACE CUSTOMIZATION – Logs

The Logs tab described in this section features an intuitive interface for viewing and searching
[Link] is also possible to trigger an alert if a log entry received by the server matches a predefined
pattern
 See LOGMATCH Section

55
2.4.1 OVERVIEW AND COLOR CODE

The Logs tab screen is divided into 2 sections:

 The top section is used to make changes to the various filters

 The bottom section displays the logs and lets you quickly enter words in the search field by
simply clicking on a word

In the bottom section of the screen, log lines use a color code to quickly determine the severity of
an alert. The following table lists the colors according to the severity level they represent:
Color Severity
Violet Emergency
Dark red Alert
Light red Critical
Orange Error
Yellow Warning
Bright green Notice
Pastel green Info
Off / White Debug

56
 2 USING POM WEB INTERFACE
2.4.2 INDEX

GENERAL PRINCIPLE
Logs received by POM are automatically indexed. This allows quick and efficient searches on large
quantities of data. All logs indexed on-the-fly are listed under the “Index RT (real-time)” entity.
However, because log indexing is fairly memory-intensive, all logs cannot be available
simultaneously. Dailyarchiving is therefore run in the background, moving the oldest RT index
entries to archive files according to the rules defined in the RETENTION tab of the [Link] file.
 See RETENTION Section

More generally, archive files contain all logs received by POM, while the RT index only contains a

2.4 LOGS TAB

subset of these logs.

Important note: a line logged at “debug” and “info” levels is not stored in the RT index but is instead
archived right away.

However, an administrator may need to refer to older logs to determine, for example, the cause of
a problem within the company’s infrastructure.
To make both searching and looking up logs quick and easy, POM lets you create new named
indexes based on archive files (thus creating new searchable entities).

INDEX
The Index button opens the index management dialog box and displays the indexes available. The
default index, the RT or real-time index, is always displayed and cannot be edited. If new indexes
are created, they will be displayed below the real-time index.

Click Available indexes in the dropdown menu to access two other functions in the index
management dialog box. The most important one is the Archived logs import wizard, which lets
you create a new index based on search and selection criteria.

Search criteria include:

 Date
 Category
 Group
 Host

57
Selection criteria include:
 Directory
 Category
 Archive File

After selecting the search criteria or archive file, click the button to add the selected criteria to
the entire set of criteria that will be used to create the new index.
When all of the criteria have been defined, enter a name for the new index in the index name field.
An alias can optionally be defined in the Alias or displayed name field. Finish creating the index by
clicking the Import button.
You can follow the progress of the index creation process by selecting the Import job queue
option. The following actions are available in the job import list:
 Src (see the data's source)
 Log (see all actions initiated)
 Del (delete the job)

The Status column provides information on the stage of completion. Click the Refresh button to
view the updated status.

58
 2 USING POM WEB INTERFACE
2.4.3 DOWNLOAD/ EXPORT LOGS

Displayed logs can be downloaded in CSV format (tabular data separated by a comma) by clicking
the Download button.
In the download dialog box, you have the option to download either the current view with or
without a maximum number of lines, or an archive file from the list provided.
In either option, you can choose whether or not to convert the host names to their aliases (the
ALIAS column in the spreadsheet file) or to their IP addresses.

2.4 LOGS TAB

59
2.4.4 FILTERS

There are several types of POMLog filters:

 Content filters
 Period of time filters
 Filters on the sending hosts
All of these filters are used to narrow down the stream of logs received by the POM server to
display only the information you need to see.
This section describes the different options available to create and save these filters.

FILTER INPUT FIELD

This field allows you to perform an advanced search. A filter is a set of space-separated
expressions. An easy way to create a filter is to click a word (3 characters or more) in a log line. If
multiple words are clicked, they will be added to the filter, separated by a space (essentially the
same thing as a “&” or logical AND).
Other types of separators can then be entered manually to create more complex filters. Search
priorities can be specified using parentheses.

SYNTAX HELP
A Help page is available via the Syntax button. It provides a full description of the expressions
syntax and operators available for filters.
Search expressions syntax:
expression := expression [ [ bool ] expression ... ]
expression := [ ( ] [ not ] filter | expression [ ) ]
filter := [ key [ operator ] ] value
not := !
bool := & |
key := d | h | f | s | p | m
operator := ! | < | > | : | =

The following keys are supported, matching the names of the columns displayed:
 h Host
 c Category
 f Facility
 p Program
 s Severity
 m Message
The following operators are supported:
 : contains
 < less than
 ! does not contain
 > more than

60
 2 USING POM WEB INTERFACE
SYNTAX RULES

Defaults
The default key and operator for a filter are m and : , respectively. For example, writing intrusion
is equivalent to writing m:intrusion .

Combination
Several filters can be combined in order to create a more complex expression. These filters should be
separated with a boolean:

 & logical AND

 | logical OR
Boolean operators can be omitted. In such case, the & will be used. You can combine expressions
using parentheses ( and ) ; a boolean can then be used between these groups of expressions.

The operators : and ! can be used with any key. However, the < and > operators can only be used

2.4 LOGS TAB

with the s key.

Negation
A filter or a group of filters can be negated by preceding it with the ! negation operator.

The * (asterisk) character can be used as a wildcard at the end of a filter on the host column( h key),
the program column ( p key), and the message column ( m key).

Syslog facilities
 auth  kern  local4  mail
 authpriv  local0  local5  news
 cron  local1  local6  syslog
 daemon  local2  local7  user
 ftp  local3  lpr  uucp

Syslog severity levels

 Emerg  Warning
 Alert  Notice
 Crit  Info
 Err  Debug

Example:
The expression p:exim & s>warning will filter logs based on the following criteria:
 the program field contains “exim”
 the severity field level is at least equal to “warning”

61
SEARCHING HISTORY
Creating complex filters can become tedious if you have to reenter them every time you want to
use them. Fortunately, previously used filters can be easily recalled by clicking the History button.
A particular filter can then be reapplied by clicking its index (first column). You can also remove a
filter from history by clicking the del link in the last column.
Example of the history of searches:

LOG VOLUME STATISTICS

The Statistics button generates a graph showing the differences in log volume by blocks of time.
The width of the graph represents a specified timeframe. For example, the image in the following
figure shows that the highest log volume in a 5-minute interval over the given timeframe is just
before 9:40 pm.

Hover over one of the blocks of time to display the number of log lines found and the timeframe
represented.
You can modify the start and end dates/times in which logs are displayed by clicking on one of the
blocks. After clicking Apply, the start and end dates/times appear in the From - To fields. To the
right of the graph, you can also modify the graph resolution (the duration of a block) and the
direction of the time interval (along the graph's horizontal axis).

The buttons and are used to start and stop generating data to display, respectively.

CLEARING A FILTER
The Clear button will clear the contents from the search field and any other filter selected.

LAUNCHING A SEARCH
Launch the search by clicking the Apply button. Only log lines matching the selected filter will be
displayed.

62
 2 USING POM WEB INTERFACE
START AND END DATES/TIMES

You can specify a precise time window in which logs are displayed by modifying the From-To
fields. The calendar allows you to easily select a specific date with just a few clicks and
movements of the mouse.

2.4 LOGS TAB

BOOKMARKS
Another way to filter log entries is to select one of the predefined filters in the favorites list. All
hosts sending their logs to the POM platform are saved as a favorite. Click the name of one of
these hosts to set it as a filter and click Apply to activate it.
Selecting a bookmark:

63
 As the name suggests, the Manage bookmarks entry in the Bookmarks list can be used to create a
favorite filter by taking any filtering component you wish into consideration.
A click on the Manage bookmarks list entry opens a custom filter creation form. You will notice
that a name and a time interval are associated with a bookmark filter.
Entering a custom bookmark:

DISPLAY CONTROL
You can choose how many log lines are simultaneously displayed. By default, the Limit field is set
to display 100 lines simultaneously. This value can be changed to any number between 1 and
1000.
The Offset field determines the index of the first line displayed.
The displayed lines will therefore be the lines with indexes between Offset and (Offset + Limit). For
instance, if Offset is set to 300 and the limit is set to 400, 400 lines will be displayed, the first one
being the 301st line, and the last one being the 700th line.

Finally, the minus and plus buttons are used to decrease and increase the value of Offset,
respectively, by the amount of lines indicated by Limit. In other words, you can select the next
block of log lines with the same number of lines as indicated in the Limit field.

64
65
2.5 360° (DASHBOARDS) TAB

2.5 360 (DASHBOARDS) TAB 2 USING POM WEB INTERFACE

2.5.1 OVERVIEW

The 360 ̊ tab allows you to view and define dashboards that consolidate configurable data into
small windows called widgets. Each widget is a condensed view of one or more monitoring points.

Users are able to view all of the dashboards they have permissions to, whether they are
dashboards they created themselves, public dashboards, or a dashboard another user may have
created.
This allows you to construct a view, for example, that only includes the items that are important to
the IT management team, or one that presents a summary of the email application's status to
network administrators.
This section of the POM User Guide describes how to work with dashboards and widgets.

66
 2 USING POM WEB INTERFACE
2.5.2 MANAGING DASHBOARDS

A dashboard combines multiple widgets that are arranged in one, two, or three columns.

CREATE
To create a new dashboard from scratch, click the +Dashboard button. This will open a dialog box
to enter the name and layout of the dashboard.

2.5 360 (DASHBOARDS) TAB

LIST
This drop-down list includes all of the dashboards a user has access to. The name of the owner (the
user who created the dashboard) is indicated in parentheses.

CLONE
Another way of creating a dashboard is to copy the existing dashboard. The copied dashboard will
automatically be given a name (Copy of <original_name>), and the number of columns and widgets,
along with their settings, will be identical.

EDIT
The Edit button opens a dashboard settings dialog box to edit the following items:
 Name
 Layout (number of columns)
 Mode

67
DELETE
A dashboard can be deleted by its owner by clicking the Delete button.

MODE
By default, private mode is enabled. The dashboard can also be set to shared or public mode.
Regardless of the mode, the administrator can view and manipulate all dashboards. The modes
listed below are therefore for the user, irrespective of the administrator's particular access.

Private
Only the user who created this dashboard will be able to view and make changes to it. This is the
default mode.

Shared
Only users who belong to a profile with the appropriate permissions set will be able to view this
dashboard.
Setting a dashboard to shared mode is therefore a 2-step process:

 The dashboard owner clicks the Shared button

 The administrator grants a profile permission to access the dashboard

Public
Anyone connected to POM and belonging to a profile that allows access to the 360° tab can view this
dashboard, in read-only mode.

 For more info on setting up profiles, see USING POM WEB INTERFACE: Configuration – Permissions

Note: being authorized to view a dashboard does not imply also being authorized to view the individual
widgets. It is quite possible to access a dashboard without being able to view a single widget within it.

 For more info, see MANAGING WIDGETS

68
 2 USING POM WEB INTERFACE
2.5.3 MANAGING WIDGETS

Widgets are ready-to-use, configurable views of specific monitoring points. The number of different
widget types is therefore fixed, since each widget template is designed by POM developers.
This section describes how to work with widgets, but also discusses the different widget templates
available and their settings.

CREATE
To create a new widget, click the +Widget button and then the widget template you want to use
from the provided list. Another window will appear to specify its settings. Instead of clicking the
+Widget button, you can also hover your mouse over an area not currently occupied by a widget

2.5 360 (DASHBOARDS) TAB

and click inside the frame showing a sign.
The newly created widget will appear as a new window in the dashboard. This window contains
two icons to either edit or delete the widget.

EDIT
This icon opens the same dialog box as if you were creating a new widget, so that you can modify
its settings.

DELETE
This will delete the widget after confirming your action.

Important note: the icon for creating a widget will still be visible, even if you do not have the
appropriate permissions in POM to view the content. This is equivalent to being able to write a query,
but not being authorized to run itnor see its results.

Insufficient user rights to view a widget will result in this error window:

69
2.5.4 WIDGET TEMPLATES

EVENTS
Concise view of a subset of the event tray. You can filter the events shown just as you would do in
the Events tab.

Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several variables
available, using the format %variable%:
levelinformation contained in the Level setting
filterinformation contained in the POM Events filter setting
limitinformation contained in the Number of lines setting
infomleninformation contained in the Info max. length setting
fontsizeinformation contained in the Base font size (px) setting
Level Filter based on the severity level of the monitoring points shown. The
possible levels are the same as those in the View level selector in the
Events tab*
POM Events filter Filter based on the column contents. You can create the filter as described
for Filter in the Events tab*
Number of lines Maximum number of lines to display
Duration Enables/disables the display of the Duration column
Information Enables/disables the display of the Information column
Last check Enables/disables the display of the Last check column
Info. max length Limits the number of characters displayed in the Information column. This
value should be tested because it affects how all of the elements in the
widget are displayed, based on the selected font size.
Base font size (px) This determines the size of the font.

 *See FILTERING OBJECTS

70
 2 USING POM WEB INTERFACE
APPLICATION PERFORMANCE GRAPH
This widget shows the performance of an application based on a referenced [Link] performance
graph shows the response quality of all the elements of an application, based on 100, i.e:
compared to a common base value.
Each curve represents the response of an element of the [Link] values stand for good
quality whereas low values stand for low quality.

2.5 360 (DASHBOARDS) TAB

Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several variables
available, using the format %variable%:
appliinformation contained in the Application setting
periodinformation contained in the Period setting
modeinformation contained in the Graph type setting
heightinformation contained in the Graph height (px) setting
Application name of the focused application
Period time window shown in the graph
Graph type display mode. Available values are:
Technical graphjavascript interactive mode
Dynamic graphrough RRD mode
Graph height (px) height of the graph in pixel

71
AVAILABILITY GRAPH
Displays an availability graph (i.e., colors of areas based on the status of a monitoring point) - OK ,
WARNING , CRITICAL , UNKNOWN (e.g., status of a host).

Available settings, using the format %variable%:

Setting Description
Title the title that is displayed in the bar at the top of the widget window. There
are several variables available:
hostinformation contained in the Host setting
svcinformation contained in the Service setting
periodinformation contained in the Period setting
modeinformation contained in the Modesetting
heightinformation contained in the Graph height (px) setting
Host the machine being monitored
Service the service you want to see in the graph
Period time window shown in the graph
Map type type of map
normal⇔ map made by the user or meta autogenerated map
automap⇔ Nagvis automap, based on monitoring dependencies
Graph height (px) height of the graph, in pixels Note that the height of the widget is, of
course, greater than this value (due to the title bar).

72
 2 USING POM WEB INTERFACE
PERFORMANCE GRAPH
Displays a performance graph (i.e., representing values such as PING).

2.5 360 (DASHBOARDS) TAB

Available settings:
Setting Description
Title the title that is displayed in the bar at the top of the widget window. There
are several variables available, using the format %variable%:
hostinformation contained in the Host setting
svcinformation contained in the Service setting
periodinformation contained in the Period setting
modeinformation contained in the Modesetting
heightinformation contained in the Graph height (px) setting
Host the machine being monitored
Service the service you want to see in the graph
Period time window shown in the graph
Map type type of map
normal⇔map made by the user or meta autogenerated map
automap⇔Nagvis automap, based on monitoring dependencies
Graph height (px) height of the graph, in pixels. Note that the height of the widget is, of
course, greater than this value (due to the title bar).

73
MAP
View of a map out of the Maps tab. All maps found in the Maps tab may be displayed in a Map
widget.

Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several variables
available, using the format %variable%:
mapinformation contained in the Map setting
Map type type of map
normal⇔map made by the user or meta autogenerated map
automap⇔Automap, based on monitoring dependencies
Map the name of the map to display
Top offset in px size of top padding in pixel
Left offset in px size of left padding in pixel

74
 2 USING POM WEB INTERFACE
META-INDICATOR: COMPONENT TABLE

2.5 360 (DASHBOARDS) TAB

Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several
variables available, using the format %variable%:
metainformation contained in the Meta indicator setting
periodinformation contained in the Incidents since setting
typeinformation contained in the Incidents type setting
fontsizeinformation contained in the Base font size (px) setting
Meta indicator META to be displayed
Incidents since focused period
Incidents type SOFT or HARD incident type
Unavailability time level of unavailability (WARNING, CRITICAL, UNKNOWN)
Display root meta indicator indicate whether root meta indicator element should be
displayed or not
Meta indicator max. chars. META name length restriction
Base font size (px) size of displayed font in pixel

75
META-INDICATOR LIST: AVAILABILITY OVERVIEW
Displays a summary of the state of an application. By default, all of the applications are displayed.
You must therefore create a widget for each application by adjusting the Include and Exclude
settings to allocate the various applications to separate widgets.
If the value of setting Health is Critical, then a click on the line shows a list of faulty elements
(cause of critical state).

Available settings, using the format %variable%:

Setting Description
Title Text appearing in the window's title bar. There are several variables
available:
periodinformation contained in the Availability on setting
ere-inclinformation contained in the Include regex setting
ere-exclinformation contained in the Exclude regex setting
fontsizeinformation contained in the Base font size (px) setting
Availability on Reporting period for SLA calculation (service-level agreement). For a given
period of unavailability, the displayed state may therefore be different,
depending on the time frame selected.
Note: the options below define a period of availability starting from the time frame indicated. For the
other periods, SLA is calculated based on the last selected unit of time (e.g., 1 day: calculated based
on the last 24 hours).
Hour availability from the beginning of the current hour. If it is 3:16 pm, SLA
will be calculated based on 16 minutes.
Day availability from the beginning of the current day
Week availability from the beginning of the current week
Month availability from the beginning of the current month
Note: The starting point for the calculation is the last time the RRD database was loaded (which is
every 5 minutes).
Include regex Regular expression* describing the applications or sub-applications to
include. This setting, as well as the Exclude setting, lets you define exactly
which applications you want the widget to display.
Exclude regex Idem, describing the applications or sub-applications to exclude.
Base font size (px) This determines the size of the font.

 * See POSIX extended regular expressions

76
 2 USING POM WEB INTERFACE
META-INDICATOR: DETAILED AVAILABILITY
This widget is divided in two parts.

2.5 360 (DASHBOARDS) TAB

Left side
On the left side is the application tree structure. It is possible to show or hide sub-parts by clicking
on an intersection (little gray triangle).

Right side
On the right side is the information about the element selected in the tree.
If the element is a meta-indicator (tree node):
 Indicator: name of the indicator
 Health: instant meta-indicator state, based on its components states
 Information: general information on the meta-components
 Availability: availability rate for the given period. Depends on the components
 Service level: value depending on the SLA levels and the availability the service level is
drawn as a gauge
 Variation: current availability compared to the availability of the previous period the
variation is drawn as a rectangle on the right of the gauge
If the element is a service (tree leaf):
 Host: host name that the service depends on
 IP address: device network address
 Service: service name
 State: current service state - check number/total check - check state (SOFT or HARD)
 Availability: service availability rate for the period
 Service level: the value depends on the SLA set to the parent META
 Variation: current availability compared to the availability of the previous period

77
Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several variables
available, using the format %variable%:
metainformation contained in the Meta indicator setting
periodinformation contained in the Availability on setting
treemaxwidthinformation contained in the Tree max width (%) setting
fontsizeinformation contained in the Base font size (px) setting
Meta indicator name of the focused meta
Availability on time window chosen to calculate the SLA (service-level agreement). For
an unavailability of a given duration, the presented state might be
different, depending on the chosen period.
Note: the following options are special as they provide the availability from the beginning of the
given period. For other periods, calculus is done on the last chosen time unit (e.g.: 1 day: calculus on
the last 24 hours).
hour availability from the beginning of the current hour
day availability from the beginning of the current day
week availability from the beginning of the current week
month availability from the beginning of the current month
Tree max width (%) This setting restrains the tree from being too large
Base font size (px) size of displayed font in pixel
Note: Starting point of the calculus is the last change in RRD database that happens every 5 minutes.
Max tree width (%) restricts the width of the left part of the widget
Font size (px) set font size in pixel

78
 2 USING POM WEB INTERFACE
OVERALL STATE SUMMARY
Displays a graphical representation (in pie chart form) of the overall monitoring state. The main
chart (state counter) shows the proportion of monitoring points that are in a given state.
The second chart, which depends on the Mode setting, shows all the alerts. The chart breaks these
alerts down into alerts that are acknowledged (blue) and those that are not (gray).
Numerical values - number of monitoring points in a particular state - are shown in a table. If both
charts are displayed, this table is located in the upper part of the window.

2.5 360 (DASHBOARDS) TAB

Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several variables
available, using the format %variable%:
pieheightinformation contained in the Pie height (px) setting
fontsizeinformation contained in the Base font size (px) setting
Pie height (px) Vertical height of the pie chart. Since the proportions in the chart stay the
same regardless of its height, using large values in this setting may cause
extra spaces to be added above and below the charts if the column width
is not able to display the full width of the chart.
Mode How data is displayed. There are three possible modes:
State countersDisplays the “State counter” chart with the table of values on
the left side of the widget
State counters + open/newDisplays the “State counter” and “open/new”
charts with the table of values in a single row above the charts
State counters + open/new + alt. headerDisplays the “State counter” and
“open/new” charts with the table of values in two rows above the charts. This
mode makes the data easier to read by clearly showing the two different ways
alerts are broken down: by state and by acknowledgement status.
Donut effect The donut effect displays a hole in the middle of the chart.
Base font size (px) This determines the size of the font.

79
PERFORMANCE GRAPH OF A VIGROUP
Displays a graphical representation of the performance of a ViGroup in a virtualization context,
through the percentage of CPU or MEM used on the hypervisor.

Note: This widget cannot be used in an AWS context

Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several variables
available, using the format %variable%.
Period time window shown in the graph
Hostgroup The virtual machine group being monitored. Corresponds to a ViGroup
value
Service the service you want to see in the graph (CPU or MEM)
Graph height (px) height of the graph, in pixels Note that the height of the widget is, of
course, greater than this value (due to the title bar).

80
 2 USING POM WEB INTERFACE
PERFORMANCE LISTING OF A VIGROUP
Displays a list of ViCPU or ViMEM usage for each VM of each hypervisor in a ViGroup.
Lists are sorted:
 by hypervisor
 then by state severity (CRITICAL first, OK last)

2.5 360 (DASHBOARDS) TAB

Available settings:
Setting Description
Title Text appearing in the window's title bar. There are several variables
available, using the format %variable%
Hostgroup The virtual machine group being monitored. Corresponds to a ViGroup
value
Service the service you want to see in the graph (ViCPU or ViMEM)
Limit Maximum number of listed VMs per hypervisor
Base font size (px) This determines the size of the font.
Truncate output Maximum number of characters displayed in each state line of the list

81
 2 USING POM WEB INTERFACE
2.6 REPORTS TAB

2.6 REPORTS TAB

This section focuses on common usage of the Reports tab.

 For more advanced features, see HOW-TO: WEB INTERFACE CUSTOMIZATION – Reports

83
2.6.1 OVERVIEW

POM’s reports provide users with a summary of monitoring data over a particular period of time.

Nature of the data and layout of the reports are based on report templates. Several pre-defined
templates are available, and it is also possible to create your own report templates from
customizable widgets. Every template can promptly be copied and/or adapted to its intended
purpose.
Report generation uses the template to create an instance of the report that meets the specific
parameters (target, date, etc.) set when generating the report.

84
 2 USING POM WEB INTERFACE
2.6.2 REPORT TEMPLATES

Eight default report templates are available in the drop-down menu on the right side of the screen.
Just click the name of the report template to go to the form where you can create or look up the
corresponding report.

2.6 REPORTS TAB

The default report templates prepared by POM Monitoring TM are:
 - NEW - Network capacity analysis
 APM health report
 Application performance
 Availability of several applications
 Capacity report: disk
 Detailed availability of an application
 Host report
 Monitoring report

In addition to these preset templates, you can create your own report templates, by clicking on the

button next to the templates drop-down menu.

85
2.6.3 WIDGETS

Just like Dashboards, Reports are composed of different customizable widgets. When creating a
new report template, you get to choose from a wide list of available widgets:

We encourage you to browse through the many possibilities and try them out to find the tool that
best suits your reporting needs.
Reports are generated in PDF and HTMLformat. They can be viewed directly in the browser by
clicking the Display as HTML button, or can be downloaded and viewed in a PDF reader.
To create a report, select the desired report template from the options available in the Select a
report template menu to the right of the screen. Then click the Generate a new report link, which
opens the appropriate form to fill out, depending on the template you selected. Each field of the
form is documented in italics so you can easily fill in the blancks.

Do not forget that some fields are pure regex expressions. For example, to exclude C: and Z: disks, write
^(C:|Z:)$

86
 2 USING POM WEB INTERFACE
2.6.4 REPORT TEMPLATE CREATION

FROM AN EXISTING TEMPLATE

To create a template based on an existing one, select it in the drop-down menu on the right side of
the screen.

2.6 REPORTS TAB

Then, once the template is displayed, click on the Clone button to begin creating your
customized version.

BRAND NEW TEMPLATE

To create your own report template from a blank one, simply click the button next to the
templates drop-down menu, and enter a title for the new template:

CREATION PROCESS

You can add widgets to a template with the button in lower left side of the
screen,

Or you can rearrange them using the tool box at your disposal in the upper-right
corner of every widget frame.

Once the report suits your needs, click on the Save button.
If a required field is not set, it will appear in red:

87
2.6.5 REPORT GENERATION

ON-DEMAND REPORT GENERATION

To manually generate a report, select a template, then click on the button in the
upper-left corner. You will be redirected to the on-demand generation screen, where you will have
to choose a reference date, and set other instance paramaters if the particular template requires it.

Once all fields are set, click on the button. The generated report will now appear
in the list of reports on the main screen of the Reports tab.

SCHEDULED GENERATION
You can also make POM automatically generate reports at regular intervals by choosing the
generation by scheduled task. To do so, select a report template then click the
button.

Once every field is set, clcik on the button. Generated reports will appear in
the list of reports on the main screen of the Reports tab.

88
 2 USING POM WEB INTERFACE
2.7 CONFIGURATION

The POM configuration tool can be accessed through the configuration link in the upper right-hand
corner of the screen.

2.7 CONFIGURATION
This tool allows you to configure three main areas of the platform directly within the web
interface:
 Permissions to set up user access rights
 System to configure the key Linux components
 Objects to define the global settings for configuration objects in POM, which
don't belong in the spreadsheet file

89
2.7.1 PERMISSIONS

PROFILES
A profile is a set of rules that determines which POM modules users may access. Users are assigned
to only one profile so that the access permissions for all users in that profile can be modified from
a central location.

Important note: A profile can be thought of as a group that users are placed in. Assigning a profile to a
user is actually the same thing, but we reserve the use of the term “group” in this document for groups
(of hosts or services). We will discuss this later when defining user access rights.

Profiles can be listed, created, modified, or deleted from the profile management screen.

DEFAULT PROFILES
Three profiles are available by default:
 admins (Administrators): POM system administration. By default, the only user in this
profile is admin
 default (Default profile): read-only permissions. All new users are assigned to this profile.
Another designated user will then move new users into the appropriate profile.
 public (Public profile): permissions given to a user that connects anonymously, without a
password to connect to POM. The anonymous account is used when the public access option
is checked on the log-in page (Connection). This profile is typically used to display
monitoring data on a screen that anyone can see.
These three profiles cannot be deleted, and the permissions for the admins profile cannot be
modified.

MODIFYING A PROFILE
With the exception of the admins profile, all of the listed profiles can be modified.
Profile settings can be modified by clicking one of the icons next to each of the profile names.
Edit: Page to change the name and alias (display name) fields.
Page to create a new profile is discussed later.
Users: Page to assign users to the profile.
The form for assigning users to the profile is then displayed. The Available list on the left side of
the screen includes users that are not currently assigned to that profile. The Selected list on the
right side of the screen includes users that are already assigned to the current profile. Use the left
and right arrow buttons to move users from one side to the other.

90
 2 USING POM WEB INTERFACE
Important note: a user in the Available list means that he or she does not belong to the current profile,
but may already belong to another profile. If you move a user over to the Selected list, it will remove the
user from the profile he/she used to belong to.

Form for assigning users to a group:

2.7 CONFIGURATION
Permissions: Page to define user access rights

Access to modules
This form is used to define global access to each POM module. These modules represent the tabs
within the POM web interface. Some modules require you to specify the level of access in the Per
object-type permissions section seen on next page.
If, for example, you want users to be able to view only certain maps, you must first check the POM
Maps checkbox in this section, then specify the level of access for those maps in the Per object-
type permissions section.

91
Per object-type permissions
POM dynamically creates the entries in this section from its configured elements. The tables below
are populated during the configuration generation process, and may therefore vary in size.
The permissions available for each of these elements are:
 View grants read-only access to an element or the hosts associated with that element
 Notify allows users to be notified when an alert is triggered for this element
⇒ applies to Events tab
 Act allows users to modify the status of alerts associated with the element or hosts
associated with that element
⇒ applies to Events tab
 Modify allows users to make changes directly to the element
⇒ applies to Maps tab
 Generate allows users to generate an instance of the element
⇒ applies to Reports tab
Check the checkbox for the level of access you want to grant users for each element.
 All, including new grants global access (for a given permission access level) to all
elements in a table, including future ones. For example, if you create a Management profile
and check All, including new for the View access level in the Hostgroup table, all
users associated with this profile will be able to view monitoringinformation (in the Events
tab) for all hosts.

Hostgroup

The permissions granted in this table will only be valid if the profile authorizes access to POM
Events. The Hostgroup table lists the various groups created based on the elements provided in the
configuration spreadsheet. Every host registered in POM belongs to a SITE and is associated with a
HOST TYPE (TEMPLATE column). By default, POM generates groups based on these elements.
Every host registered in the HOSTS tab of the spreadsheet therefore belongs to at least one Site
group and one Type group in the table.

92
 2 USING POM WEB INTERFACE
The first part of their name indicates where they come from:
 Site indicates a group that was created based on the SITEcolumn in the spreadsheet
 Type indicates a group that was created based on the TEMPLATE column in the
spreadsheet
 Group indicates a group that was created based on the spreadsheet’s GROUP column

META indicator
The permissions granted in this table will only be valid if the profile authorizes access to POM
Events.
Important: these are the same elements as those shown in the Events tab. They do not refer to the
graphs generated by the METAs. Permissions for graphs are defined in the Map table, as discussed
below.

2.7 CONFIGURATION
Map
Permissions granted in this table will only be valid if the profile authorizes access to POM Maps.

Note: “META” and “Automap” maps are automatically generated and therefore cannot be modified.

Report
The permissions granted in this table will only be valid if the profile authorizes access to POM
Reports.

93
 Shared dashboard
The permissions granted in this table will only be valid if the profile authorizes access to POM
360°.
The table elements are dashboards that have been set to Shared.

Specific permissions
This section is used to grant special administrative permissions for each of the POM modules.

Delete: Delete a profile

The profile will be permanently deleted after clicking this icon and confirming your action.

CREATING A PROFILE
Create a new profile by clicking the New profile button and filling out the simple form as shown in
the figure below. Enter a name (may include alphanumeric characters, dots, dashes, and
underscores, but no spaces) and optionally, an alias (display name).
Finish creating the profile by clicking the Submit button or Back to cancel. If necessary, the Reset
button will quickly clear all fields.

94
 2 USING POM WEB INTERFACE
USERS
A user refers to set of data that enables an individual to log into POM.
Click the Users link under the Permissions section in the configuration tool to see the list of users
that have been created on the POM platform. Users are listed in a table whose columns are
explained in the table “List of fields in the new user creation form” below.

2.7 CONFIGURATION
A new user is created in POM by simply clicking the Create new user button, which opens the
following form:

The following points require particular attention:

 The Email address field activates notifications, according to the permissions defined in
the user's assigned profile
 The Password field must be at least 6 characters long

95
List of fields in the new user creation form
Login Name used to log in
Display name Name displayed in the web interface (in the upper right-hand
corner)
Email address Email address used to send email alerts to the user
Phone number Phone number required to receive SMS notifications
Timezone User timezone
Language User language
Profile Profile that the account is associated with
Password Account password (must be at least 6 characters long)
Enable user access Yes/no
Host notification commands Mail / SMS alert commands
Host notification period As set in Objects>Periods
Host notifications enabled Yes/no
Service notification commands Mail / SMS alert commands
Service notification period As set in Objects>Periods
Service notifications enabled Account activation status. An account may be temporarily
disabled by selecting the “No” option.

96
 2 USING POM WEB INTERFACE
2.7.2 SYSTEM

This section of the UI is used to configure POM server settings.

LICENSES
The Licenses section is used to manage your POM licenses.

2.7 CONFIGURATION

It allows you to view the list of currently installed licenses, and to upload a new license package
(in .tar archive format) to your POM server.
If your monitored hosts count exceeds the limit provided by your license, it will appear in red in
the Use column.

AUTHENTICATION
This section is used to configure LDAP/Active Directory settings.

97
The goal is to be able to log into POM using an LDAP account, without specifically having to create
a user account as described in the Users section.
Once properly set up, a user account is automatically created on the POM server using data
collected from the LDAP server. All future log-in attempts will be submitted to the LDAP server.
However, if for some reason the LDAP server is unavailable, the local account may be used.

Automatic profile matching

POM can automatically match LDAP groups with POM user profiles. When a user registered in the
LDAP connects to POM for the first time, POM creates the new user and fetches all parent groups
from the LDAP. If LDAP group names match with existing profiles in POM, then the new user is
automatically assigned to these profiles. If no match is found, the new user will be assigned to the
default profile.

General parameters
The Authentication try fields are used to choose the type of authentication: local or LDAP. If the
value LDAP is set in the first field and local in the second field, POM will first try to authenticate
the user through the LDAP server, and will revert to local authentication if the LDAP server is
unavailable.

Variables
To define LDAP parameters, 3 variables are at your disposal:
 %d for a domain
 %u for a login
 %D for a user DN

LDAP parameters
The values entered in this section depend heavily on how the LDAP server is configured.
LDAP authentication parameters
Server URI URI used to connect to LDAP server
Syntax: ldap[s]://host[:port][ ?starttls]
Option "timeout" timeout delay, 6 usually fits
Option "follow referrals" 1 implies trying on other LDAP server if the search fail
on the main one. The 0 value forbids this behavior
Base DN LDAP domain, may be preceeded with the OU
(Organisational Unit) value
Bind DN LDAP path used for binding, depends on the type of
LDAP (AD or OpenLDAP) - see examples below
Allowed group #1 LDAP path of the group that contains users to be
authenticated
Allowed group #2 other LDAP group
Lookup user group list user group filter, depends on the type of LDAP (AD or
OpenLDAP) - see examples below
Attribute for group name LDAP attribute for group name, depends on the type of
LDAP (AD or OpenLDAP) - see examples below
Lookup for a user entry user search filter, depends on the type of LDAP (AD or
OpenLDAP) - see examples below
Attribute for user login LDAP username attribute, depends on the type of LDAP

98
 2 USING POM WEB INTERFACE
(AD or OpenLDAP) - see examples below
Attribute for user display name LDAP display username attribute, usually displayName
Attribute for user email address LDAP mail address attribute, usually mail
Attribute for user telephone number LDAP tel number attribute, usually mobile or pager

Example of LDAP parameters : Active Directory

Server URI ldap://[Link]:289
Option "timeout" 6
Option "follow referrals" 0
Base DN DC=mydomain,DC=dom
Bind DN mydomain\%u
Allowed group #1 CN=user01,CN=Users,DC=mydomain,DC=dom
Allowed group #2

2.7 CONFIGURATION
Lookup user group list See remarks below
Attribute for group name sAMAccountName
Lookup for a user entry sAMAccountName=%u
Attribute for user login sAMAccountName
Attribute for user display name displayName
Attribute for user email address mail
Attribute for user telephone number mobile

Example of LDAP parameters : OpenLDAP

Server URI ldap://[Link]:289
Option "timeout" 6
Option "follow referrals" 0
Base DN o=mydomain,c=priv
Bind DN uid=%u,cn=nagios,o=mydomain,c=priv
Allowed group #1 users
Allowed group #2
Lookup user group list (&(memberUid=%u)(objectClass=posixGroup))
Attribute for group name cn
Lookup for a user entry (&(uid=%u)(objectClass=posixGroup))
Attribute for user login uid
Attribute for user display name displayName
Attribute for user email address mail
Attribute for user telephone number pager

LDAP Parameters - Remarks

The filter you will use in the Lookup user group list field will depend on whether you need
nested-groups support:
 If you don't need nested-groups support, simply use member=%D

99
 If you need nested-groups support, we advise you to use this OID-including filter:
(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=%D))

100
 2 USING POM WEB INTERFACE
NETWORK
Network menu parameters
Hostname The hostname, preferably the FQDN ([Link]-
[Link]).
Example: [Link]
Visible hostname Hostname as it will appear on other memebers of the network.
Equivalent to the system-public-hostname parameter of the
pomcfg tool
Description A short description for the server. Equivalent to the pom-
description parameter of the pomcfg tool
Network bonding In POM 5.4, interface bonding is disabled by default. To use
bonding as was the case by default in previous versions, click Yes
DHCP protocol Toggle IP address acquisition via DHCP
IP address IPv4 address

2.7 CONFIGURATION
Subnet mask Written in dotted decimal notation (e.g.: [Link])
Default gateway Default gateway for the server
DNS server IPv4 address of the name resolution server.
SMTP relay IPv4 address of the mail server. This is important information for
sending e-mail alerts.
SMTP relay authentication Authentication parameters for outgoing e-mails
Alias for root user e-mail address to which POM system notifications should be sent.
Equivalent to the former Root Alias entry of the System menu
NTP server IPv4 address of the time server. This is a very important parameter
and should be specified immediately after installing the POM
server to ensure alerts have the correct timestamps.
Syslog server IPv4 address of the SYSLOG server
Enable HTTPS Toggle use of secured HTTPS protocol for the web interface
HTTPS certificate key Browse to certificate key location
HTTPS certificate file Browse to certificate file
HTTP/HTTPS/FTP proxy Proxy server information is specified in these fields:
HTTP proxy address IPv4 address or name
HTTP proxy port value between 1 - 65535. Port number is
usually 3128 or 8080.

101
DEBUG

The Debug menu allows you to open a channel with POM support.
 POM server must be connected to the internet and must have access to [Link]-
[Link] ([Link]) on port 443 (HTTPS)
 This connection will use the HTTPS proxy defined in the NETWORK menu (see previous
page)

102
 2 USING POM WEB INTERFACE
ADVANCED CONFIGURATION
This new menu entry allows you to configure, directly from the web interface, all server parameters
that could only be set using command line in previous POM versions, via the pomcfg tool.

2.7 CONFIGURATION

103
104
 2 USING POM WEB INTERFACE
Each parameter is documented on the right side of the screen.
Ticking a box will set the parameter to its default value.

Once all your parameters are set, don't forget to click the Submit button at the bottom of the page

2.7 CONFIGURATION

105
2.7.3 OBJECTS

CREDENTIALS
The Credentials section is the place to create credentials data that are accessible by the plateform
and referenced in the spreadsheet file.
A credential object contains a name, an alias (description), and one or more fields designed to store
the credential datas necessary to register on a system. The type and the number of available fields
are set by the credential type.
Available credentials types are:
 aws
 crypted
 esx
 generic
 google-analytics
 nsc
 proxy
 snmp
 ssh
 wbem
 web
 wmi

List
The credentials list is a quick way to know existing credentials and their type. It is shown after a
click on the section Objects > Credentials.

Create
A click on the button Create new credential opens a form to :
 choose a type
 set the name
 set the alias
 set a value for every other field

106
 2 USING POM WEB INTERFACE
Usage
POM needs credential data to connect to monitored systems. These data are fetched by providing a
credential name in the POM configuration spreadsheet file, in a HOSTS or SERVICES section, in the
CREDENTIALS column.
Example:
Given an enterprise where two SNMP communities are defined to monitor devices:
 publicSRV for servers
 networkSNMP for network devices
Two credentials of type SNMP are required:
type name alias SNMP_VERSION SNMP_COMMUNITY
snmp snmp_srv SNMP for servers 2c publicSRV
snmp snmp_net SNMP for network devices 2c networkSNMP

2.7 CONFIGURATION
In the spreadsheet file, HOSTS section, CREDENTIALS column, type snmp_srv for server entries and
snmp_net for network devices entries.

Domain
For specific types of credentials, such as wmi, you might need to include the Windows domain in
the credential's parameters.
To do so, simply include the domain in MS_USER, using the syntax: DOMAIN\USER

Creating credentials

107
 Usage in the spreadsheet file

COMMANDS
The Commands section provides more advanced configuration options by listing all of the existing
check commands available in the POM platform. You can also create new commands from
available or downloaded plugins.
 For more info, see FROM PLUGINS TO TEMPLATES: Check Commands

PERIODS
There are two different ways to enter notification periods:
 In the NOTIFICATION-PERIOD column of the spreadsheet file
 See MONITORING ADMINISTRATION: Spreasheet File - HOSTS Section
 Defined in the web interface, then processed by the spreadsheet file
The first method is easy and convenient, and is suitable for most cases. However, it does not allow
you to enter multiple sets of days. For example, you cannot define a range of hours for sending
notifications Monday through Friday, and a different range of hours for Saturday and Sunday for
the same host or the same service.
The second method, however, allows you to define very complex notification periods. The general
approach is to define periods and to give them a name that can then be specified in the
NOTIFICATION-PERIOD column.
The fields in new period entry form are:
Name Content type Comment
Directory Text to select Directory where the definition file will be saved. Directories
listed are those declared by the variables cfg_dir in the
/etc/nagios/[Link] file AND writable by user
apache
File Restricted text Name of the period definition file. No spaces allowed, may only
use characters [alphanumeric, dot, dash, underscore]. The .cfg
extension is automatically added.
Name Restricted text Identifier that will be specified in the NOTIFICATION-PERIOD or
CHECK-PERIOD column of the HOSTS or SERVICES section of the
spreadsheet file. Only supports characters [alphanumeric, dot,
dash, underscore].
Alias Free text Short description. This field supports any printable character.
Definition Timeperiod Valid instructions are described in the Nagios documentation . To
instructions deactivate notifications, simply use the never timeperiod

108
 2 USING POM WEB INTERFACE
Example of timeperiod definition
Directory /etc/pom/wui/nagios
File [Link]
Name wh-monitoring
Alias Monitoring working hours
Definition monday 06:00-23:00
tuesday 06:00-23:00
wednesday 06:00-23:00
thursday 06:00-23:00
friday 06:00-23:00
saturday 08:00-20:00
sunday 08:00-12:00,14:00-18:00

2.7 CONFIGURATION
The resulting file will therefore be:
[root@pom-demo-40 nagios]# cat /etc/pom/wui/nagios/[Link]
# Generated by /opt/pom/www/config/htdocs/[Link] - Fri Dec 6 [Link] CET 2013
define timeperiod {
timeperiod_name wh-monitoring
alias Monitoring working hours
monday 06:00-23:00
tuesday 06:00-23:00
wednesday 06:00-23:00
thursday 06:00-23:00
friday 06:00-23:00
saturday 08:00-20:00
sunday 08:00-12:00,14:00-18:00
}

Important note: the syntax 08:00-12:00,14:00-18:00 will interrupt monitoring between 12:00
and 14:00. You can use this syntax to take weekly maintenance downtime into account, for example.

Example of how a period is used in the spreadsheet file:

 See also HOW-TO: WEB INTERFACE CUSTOMIZATION – Working Hours Settings

109
DOWNTIMES

Allows you to set downtimes for registered hosts or services

You can also set add or delete downtimes using HTTP requests.
 See HOW-TO MONITORING ADMINISTRATION: Setting Up Server Downtimes Via HTTP Requests

110
 2 USING POM WEB INTERFACE
2.7.4 CONFIGURATION STATE

The system configuration can be verified by clicking the Check again link under the Configuration
state section.
The result will be displayed right above the Check again link:

⇔ Configuration is correct

2.7 CONFIGURATION
⇔ Configuration is incomplete

111
 3 POM SERVER ADMINISTRATION
3 POM SERVER
ADMINISTRATION

113
 3.1
POM SERVER INFO

115
3.1 POM SERVER INFO 3 POM SERVER ADMINISTRATION
3.1.1 SERVER DIRECTORY STRUCTURE

POM CONFIGURATION
POM configuration takes place in the subdirectories of:
/etc/pom

POM INSTALLATION
The POM installation directories are located in:
/opt/pom

116
 3 POM SERVER ADMINISTRATION
3.1.2 SERVER PORTS AND STREAMS

IN A POM-HA CONTEXT
 See POM INFRASTRUCTURE ADMINISTRATION - POM-HA
In a HA (High Availability) context, the following streams/ports must be allowed between two POM
servers:
 ICMP protocol
 VRRP protocol
 TCP 22 (SSH)
 TCP 601 (SYSLOG)
 TCP 7789 (DRBD)

3.1 POM SERVER INFO

IN A POM-HYPERVISION CONTEXT
 See POM INFRASTRUCTURE ADMINISTRATION - POM Hypervision
In a POM-Sat / POM-Hypervision context, the following streams/ports must be allowed between
two POM servers:

From POM hypervisor to POM satellite:

 TCP 22 (SSH)

From POM satellite to POM hypervisor:

 TCP/UDP 514 (SYSLOG)

117
119
3.2 QUICKSTART INSTALLATION PROCEDURE

3.2 QUICKSTART INSTALLATION PROCEDURE 3 POM SERVER ADMINISTRATION

3.2.1 REQUIREMENTS

The monitoring machine, whether it is physical or virtual, must be well sized, as it will handle the
whole monitoring load.

SIZING
The following values allow to monitor up to 10 000 services approximately, which correspond to
an average of 1 000 devices monitored. This sizing fits for a single POM server.
 RAM: 4 Gb
 Hard drive: 150 Gb (high performance disks - 15000 rpm, set as RAID1 or RAID10)
 CPU: 4 cores

NB: The machine should be able to boot from a CD-ROM or an ISO file image. POM is a bundled
solution (including the OS - CentOS) that is meant to be installed on a machine (physical or virtual),
thus the installation of an on OS apart is of no use.

POM MACHINE SETUP PARAMETERS

The following parameters are required to configure the POM server
 IP address
 default gateway
 host name
 domain name
 NTP server (set system time)
 DNS server (name resolution)
 Proxy server (http, https, ftp)
 Proxy port (http, https, ftp)

NETWORK PERMISSIONS
POM must be allowed to throw requests to every monitored device. Thus it is important that it can
access to all needed networks and that firewalls allow ICMP, SNMP or required protocols for the
device.
Depending on the devices security policy, it could be important to request network authorizations
as soon as possible to avoid slowing down the monitoring deployment process.

SNMP SETUP ON TARGET DEVICES

As most default monitoring points rely on SNMP protocol, it is mandatory to activate and setup this
service on target devices.
 See HOW-TO: SERVER ONEOFF OPERATIONS – Activating SNMP

120
 3 POM SERVER ADMINISTRATION
WMI SETUP ON TARGET DEVICES
Some monitoring points rely on WMI protocol (e.g.: Windows Exchange). In that case it is mandatory
to activate and setup this service on target devices.
 See HOW-TO: INTEGRATION – Setting up WMI

USING SYSLOG FORMATTED LOGS

POM is also a log management system. Any device on the LAN may send a copy of its logs. For that
to be possible, the device must be setup.
 See HOW-TO: WEB INTERFACE CUSTOMIZATION – Setting up SYSLOG formatted logs

CREATING OTHER ACCESSES

Some monitoring points imply the connection to an application, it is then important to prepare

3.2 QUICKSTART INSTALLATION PROCEDURE

read-only accounts dedicated to monitoring. These accounts should have sufficient rights to read
the technical information to be monitored.
The following elements are examples that need the use of credentials (login / password)
 Database
 Authenticated web sites
 Virtualization software (VMWare, VSphere, ESX)

121
3.2.2 SERVER INSTALLATION

POM 5.4 now offers you two installation methods:

From a CD-ROM / USB stick, as was the case with previous version
From an .OVA Virtual Machine (VM) file, if you intend to virtualize your POM server

CD-ROM / USB INSTALLATION METHOD

In your BIOS settings, make sure your machine can boot on a CD-ROM or USB stick. Switch off the
machine and insert the CD-ROM or the POM installation USB stick, then turn the machine on.
After a short time a welcome screen will appear, showing several options.
Select Install POM (Hardware RAID or single drive) and accept.

The installation process starts and should reach completion without any interaction needed.
However, if your machine is fitted with brand new (not yet initialized) hard drives, a dialog box
may appear. Simply choose the option Re-initialize all.

122
 3 POM SERVER ADMINISTRATION
After installation is complete, the machine will reboot.

NB: Depending on the machine's BIOS settings, the system may reboot from the CD-ROM and resume to
the welcome screen. In that case, remove the CD-ROM from the drive. You can then either restart the
machine or, alternatively, select the option “Boot from local drive” which should be automatically
highlighted and executed after 1min. Press Enter to skip the waiting time.

3.2 QUICKSTART INSTALLATION PROCEDURE

The POM grub boot screen will then appear for a short time (5sec), before automatically launching
the system.

123
.OVA FILE INSTALLATION METHOD

Important note: This installation method is dedicated to virtualized POM server solutions. Prior to
installing the POM server, you must therefore own a hypervisor server equipped with virtualization
software such as VMWare ESX, Oracle VM / VirtualBox, HyperV, Xen, KVM...

In the following, we will use the simple example of a VirtualBox hypervisor. Installation method is
similar for all hypervisors.
Open you hypervisor and, rather than creating a new virtual appliance, choose to import / open
one.

Select the POM 5.4 .OVA file

The OVA appliance we propose is pre-configured with 512MB RAM. This is a minimum
requirement. Feel free to adapt it to your monitoring needs.

124
 3 POM SERVER ADMINISTRATION
Click on the import button.

The import will take a few moments, then the POM server will appear in your hypervisor's VM list.

3.2 QUICKSTART INSTALLATION PROCEDURE

You can now start your POM VM.

Note: Depending on your hypervisor, you may get an error message regarding network interfaces when
you start up your POM VM.

If so, simply open the VM's settings, then revalidate the network settings (this will make your hypervisor
automatically adapt to your system's interfaces layout.

125
3.2.3 INITIAL CONFIGURATION

When POM is run for the first time, a connection prompt will appear on the display.

A new feature of POM 5.4 is the automatic acquisition of an IP address via DHCP, allowing you to
directly use the monitoring platform without further configuration. To do so, note down the address
given in the prompt and go to Connection to web interface in next pages.

If you want to assign a precise IP address to your POM server, or configure other settings like
default gateway, you can now use POM's new online configuration tool in the web interface.
 See POM WEB INTERFACE: Configuration

To use command line configuration, log in to your server using the admin account:

login: admin
password: **********

Please contact our support team in case you forgot the default password.
As a measure of basic security, we recommend a password change for the admin account as soon
as you log in to the server for the first time.
Run the command admin-chpwd and type (twice) your new password for the admin account:

Note : if you do not perform this basic step, POM will notify you shortly, with a CRITICAL alert in the
Events tab, that your default password hasn't been changed.

126
 3 POM SERVER ADMINISTRATION
We will describe below the configuration of:
 The machine's IP address
 The machine’s subnet mask expressed in CIDR notation (i.e. by using the count of leading 1
bits in the mask)
 An NTP time server address - important step, in order to avoid incoherent monitoring points
test timestamps.

These three configuration steps must be performed with superuser privileges, using the pomcfg
tool that comes with your POM platform. Please refer to the example hereafter and the
corresponding outputs in the terminal:

sudo pomcfg set net−cidr=[Link]/24 \

net−gw=[Link] \
ntp-server=[Link]

3.2 QUICKSTART INSTALLATION PROCEDURE

If DHCP is enabled, the ‘pomcfg set net-cidr=’ command automatically disables DHCP

To see a full list of the pomcfg tool's current settings, use the command sudo pomcfg:
[admin@pomsrv ~]$ sudo pomcfg
auth-ldap-base-dn=
auth-ldap-bind-dn=
auth-ldap-display-attr=displayName
auth-ldap-email-attr=mail
auth-ldap-group-allow=
auth-ldap-group-attr=sAMAccountName
auth-ldap-group-filter=member=%D
auth-ldap-login-attr=sAMAccountName
auth-ldap-pager-attr=pager
auth-ldap-referrals=
auth-ldap-timeout=6
auth-ldap-uri=
auth-ldap-user-filter=sAMAccountName=%u
auth-order=local
debug-events=0
debug-reports=0
dns-server=[Link]
events-default-popin=0
events-enable-column-address=1
events-enable-column-groups=1
events-notify-on-ack=1
ftp-proxy=
hostname=pomsrv
http-proxy=
https-proxy=
maps-geographic-status=meta
net-cidr=[Link]/24
net-enable-bonding=0
net-enable-dhcp=0
net-gw=[Link]
net-if=lo;eth0
net-ip=[Link]
net-mask=[Link]
ntp-server=
pom-default-language=fr_FR
pom-description=POM
pom-email-address=pom@pomsrv
pom-housekeeper-retention-days=7

127
 pom-sender-notifications=POM Notifications
pom-sender-reports=POM Reports
pomgen-default-esx-password=password
pomgen-default-esx-user=admin
pomgen-default-host-template=generic-host
pomgen-default-iftype-allowed-list=
pomgen-default-ms-password=password
pomgen-default-ms-user=admin
pomgen-default-nomon-command=check-host-nomon
pomgen-default-nsc-secret=secret
pomgen-default-ping-interval=0.2
pomgen-default-service-template=generic-service
pomgen-default-snmp-auth-password=pompassword
pomgen-default-snmp-auth-protocol=MD5
pomgen-default-snmp-community=public
pomgen-default-snmp-port=161
pomgen-default-snmp-priv-password=pomsecret
pomgen-default-snmp-priv-protocol=DES
pomgen-default-snmp-sec-level=authPriv
pomgen-default-snmp-sec-name=admin
pomgen-default-snmp-transport=UDP
pomgen-default-snmp-version=2c
pomgen-default-ssh-port=22
pomgen-default-ssh-user=admin
pomgen-default-windows-ifname-filter=*,!WAN
Miniport*,!Miniport*WAN*,!Miniport*Moniteur*,!*QoS*,!*WFP*,!*LightWeight*,!RAS *,!*
RAS,!*-0000
pomgen-enable-crond=0
pomgen-enable-hostname-resolution=1
pomgen-enable-ipv4-resolution=1
pomgen-ha-autosync=0
pomgen-host-escalation-options=d;u;r
pomgen-meta-escalation-options=u;c;r
pomgen-service-escalation-options=u;c;r
root-alias=
same-proxy-for-all-protocols=1
smtp-server=
smtp-server-auth=
syslog-server=
system-enable-https=0
system-https-cert=/etc/pki/tls/certs/[Link]
system-https-key=/etc/pki/tls/private/[Link]
system-poller=NAGIOS
system-public-hostname=pomsrv
system-snmp-community=public
system-snmp-contact=support@[Link]
system-snmp-location=

As we've just seen, to set one or more of these parameters, use the command:
sudo pomcfg set [parameter]=[value]
You can set several parameters by leaving spaces between them

To reset a parameter to its default value, use the command:

sudo pomcfg unset [parameter]

Please note that all these parameters can now be set directly from the web interface, in the Network
and Advanced configuration entries of the Configuration menu.

 See POM WEB INTERFACE: Configuration

128
129
3.2 QUICKSTART INSTALLATION PROCEDURE 3 POM SERVER ADMINISTRATION
CONNECTION TO WEB INTERFACE
To ensure proper operation of the machine, open a web browser and go to the POM server's
address.

SSL certificate
In POM 5.4, connection to POM web interface is done via HTTP by default, instead of HTTPS as was
previously the case. You can enable HTTPS at any time in the web interface's revised Network
configuration page.

 See POM WEB INTERFACE: Configuration - Network

When HTTPS is enabled and first accessing the machine via a web browser, a security exception is
required, since the server is using a self-signed SSL certificate.
The following screenshots show a security exception confirmation on a Chrome browser:
Choose Add Exception

Then Confirm Security Exception

130
 3 POM SERVER ADMINISTRATION
First connection
Once you're set for your first connection, the POM web interface login box will appear.

3.2 QUICKSTART INSTALLATION PROCEDURE

Once again, login account is admin :

login: admin
password: **********

If everything has been correctly set up, you should then be directed to the Events tab of the
monitoring interface.

End of configuration using the web interface

You must now conclude the platform's configuration by going to the configuration link in the upper-
right corner of the interface. The parameters for the Network section, in particular, need to be properly
set up.

 See USING POM WEB INTERFACE: Configuration

131
133
3.3 HOW-TO: SERVER MAINTENANCE

3.3 HOW-TO: SERVER MAINTENANCE 3 POM SERVER ADMINISTRATION

3.3.1 LOGGING IN AS ROOT

In order to perform many maintenance tasks on the POM server, you will need to log in as root
user. To do so, when connected as admin, simply use the following command:
[admin@pom-server ~]# root

MOMENTARILY ASSUME ROOT PRIVILEGES

To execute commands as root while staying logged in as admin, use the usual sudo command:
[admin@pom-server ~]# sudo ping [Link]

134
 3 POM SERVER ADMINISTRATION
3.3.2 REBOOTING AND SHUTTING DOWN THE SERVER

REBOOT THE SERVER

[root@pom-mon ~]# reboot

SHUTDOWN THE SERVER

[root@pom-mon ~]# halt

Note: to start the server again, you will, of course, need to use the server power button

3.3 HOW-TO: SERVER MAINTENANCE

135
3.3.3 UPDATING & UPGRADING A POM PLATFORM

Important note: the “rolling release” approach described below became a simple and safe procedure
with POM 5.2. For earlier versions of POM, we do not recommend that you try to update the system
without help from the POM support. Updates from POM 4.1 to 5.0 and 5.0 to 5.1 in particular have a
high impact on the system core and must be handled with great care.

The POM platform is based on a CentOS Linux distribution. Therefore, it can be updated just as any
other Linux distribution.
The yum tool allows you to update the integrated Linux system as well as the POM application
[root@pom-mon ~]# yum update

DISPLAYING CURRENT VERSION OF CENTOS AND LINUX SYSTEM

[admin@pom-mon ~]$ cat /etc/centos-release
CentOS release 6.7 (Final)

[admin@pom-mon ~]$ uname -a

Linux [Link] 2.6.32-504.8.1.el6.x86_64 #1 SMP Wed Jan 28 [Link] UTC
2015 x86_64 x86_64 x86_64 GNU/Linux

DISPLAYING CURRENT RELEASE OF POM

[admin@pom-mon ~]$ rpm -q pom-release
pom-release-5.4.0~[Link]

[admin@pom-mon ~]$ cat /opt/pom/release

5.4.0

136
 3 POM SERVER ADMINISTRATION
POM RPM PACKAGES INFORMATION
To get the list of RPM packages installed by POM, run the following command:
[admin@pom-mon ~]$ rpm –qa | grep pom-

RPM package name description

pom-base System tools and basic blocks
pom-birt-runtime Reporting engine
pom-box Additional elements to transform Linux system into POM system
pom-builtins All C coding functions
pom-cli Command Line Interface configuration
pom-dashboard WUI 360° tab
pom-doc Documentation
pom-elog Logging tools
pom-events WUI Events tab

3.3 HOW-TO: SERVER MAINTENANCE

pom-extrarepos Device-specific repositories (e.g.: Dell)
pom-gen Monitoring onfiguration
pom-logmatch Pattern matching features
pom-logs WUI Logs tab
pom-maps GoogleMaps tools
pom-mibs Management Information Base over SNMP (OID database)
pom-nagios Non-POM tools settings for integration to POM (including check
commands)
pom-nagvis Maps engine
pom-plugins Monitoring plugins
pom-release Dependencies
pom-reports WUI Reports tab
pom-rotate Screen roolover tool
pom-rrt Round Robin Toolbox (metrology backend)
pom-syslog2pg SYSLOG to postgreSQL archiving conversion tool
pom-system Exim features
pom-text2syslog SNMP trap to SYSLOG conversion tool
pom-ws Web services (backend-frontend communication abstraction layer)
pom-wui Web User Interface libraries, etc.
pom-wui Web User Interface configuration

137
3.3.4 BACKING UP & RESTORING A POM PLATFORM

BACKUP COPIES
POM backup copies can be found in two directories:
 Logs and entries of the database can be found in the directory /data.
 The POM platform's configuration is saved in the directory /var/backup/housekeeper
by the housekeeper tool.

Housekeeper tool
The Housekeeper backup tool runs automatically every night at 1:30. You can run it instantly
(you must be logged in as root) with the following command :
[root@pomsrv ~]# housekeeper

It creates in the directory /var/backup/housekeeper a backup of the POM platform config

(/home/admin/incoming), of installed rpm packages, and of parts of the POM system (in /etc
and /opt/pom).

You can configure housekeeper by editing its configuration file, which is located at
/etc/pom/housekeeper/[Link].
In this config file, the DUMP_RETENTION variable sets the number of days housekeeper keeps
backup files (7 by default):
DUMP_RETENTION=7
You can also add a line with the CLEAN_RRD_TTL_DAYS variable, which sets how long .RRD and
.TXT files of the RRD database can stay unmodified before being archived (default is 31 days).
Archived data will be stored in /data/rrd and their filenames will be of the form:
[Link]

RESTORATION PROCEDURE
1. Reinstall POM 5.4
2. Deactive cron elements in /etc/cron.d/pom-box
3. Stop the following services: nagios, mysqld, postgresql-9.1,
syslog-ng, snmptrapd, httpd
4. Set up network configuration with the pomcfg tool
 See QUICKSTART INSTALLATION PROCEDURE
5. Update POM with the command yum update
6. Put back contents of /data
7. Put back contents of /var/backup
8. Put back contents saved by housekeeper in /etc, rpm, rpm-
added, rpm-verify, /opt/pom, /home/admin/incoming
9. Start the following services: nagios, mysqld, postgresql-9.1,
syslog-ng, snmptrapd, httpd
10. Reactivate cron elements in /etc/cron.d/pom-box

138
 3 POM SERVER ADMINISTRATION
3.3.5 MIGRATING/DUPLICATING A POM PLATFORM

CONTEXT
In the particular case of transfering POM from a virtual machine to a physical server without using
tools offered by the virtualization platform, a specific procedure is required in order to avoid data
loss.
The context of our example is as follows:
 The company's domain name is [Link]
 The POM platform is installed on a virtual machine
hostname=[Link]
hostdesc=POM v5.4 VM
net-cidr=[Link]/24
net-gw=[Link]

3.3 HOW-TO: SERVER MAINTENANCE

dns-server=[Link]
ntp-server=[Link]
 The company just acquired a duly sized physical machine, installed in the server room,
connected to the network and reachable from a KVM. This machine will be granted internet
access for updates and packages installation needs. The target configuration is as follows:
hostname=[Link]
hostdesc=POM v5.4 PHY
net-cidr=[Link]/24
net-gw=[Link]
dns-server=[Link]
ntp-server=[Link]

Important note: while migrating, the temporary IP address [Link]/24 will be allocated to
phy to prevent conflicts.

139
PROCEDURE

Note: All steps must be performed in command line, as root user.

 Update the POM system on vm

[root@vm ~]# yum update
 Install POM on phy
 Configure network with the temporary IP address on phy
 Udpate the POM system on phy
 Generate an ssh key without password on phy
[root@phy ~]# ssh-keygen
 Authorize phy to connect (as root) with this ssh key
[root@phy ~]# ssh-copy-id root@vm
 Still on phy, ensure connection to vm works
[root@phy ~]# ssh vm
 List and install missing RPMs on phy
[root@phy ~]# yum install $(grep -v -f <(rpm -qa | sort) <(ssh vm "rpm -qa | sort"))
 Stop services on vm, then on phy
for s in nagios \
mysqld \
postgresql-9.1 \
syslog-ng \
httpd \
smb-only \
nmb \
winbind ; do \
service $s stop ; done
 On phy, initiate the data copy from vm to phy. Note: Nagios must be stopped on vm
[root@phy ~]# [[ -z $(ssh vm "service nagios status" | grep pid) ]] && while read ; do
rsync -Pav vm:$REPLY $REPLY ; done <<EOF
/home/admin/incoming/
/opt/pom/
/etc/nagios/
/etc/pom/
/etc/samba/
/etc/httpd/
/etc/krb5.*
/etc/[Link]
/root/.[Link]
/data/
EOF
sync
 Swap the two machines' IP addresses
On vm
service network stop ; sleep 20 ; pomcfg set net-cidr='[Link]/24' ; service
network restart
On phy (within 20 seconds of running the command on vm)
pomcfg set net-cidr='[Link]/24'
 Restart POM services on phy only
[root@phy ~]# for s in nagios \
mysqld \
postgresql-9.1 \
syslog-ng \
httpd \
smb-only \
nmb \
winbind ; do \
service $s start ; done
 Check everything works as expected on phy

140
 3 POM SERVER ADMINISTRATION
3.3.6 INCREASE /DATA PARTITION SIZE

You may want to increase the size of the /data partition after adding a physical or virtual hard
drive to your POM server. In the following procedure, we will use the case of a physical hard drive.
Procedure for a virtual hard drive is similar.

Note: you must perform all the following tasks with superuser privileges.

CREATE A PRIMARY LINUX PARTITION

[root@pomsrv ~]# cfdisk /dev/sda
Create a primary Linux partition named /dev/sda8

3.3 HOW-TO: SERVER MAINTENANCE

INITIALIZE THE PARTITION
[root@pomsrv ~]# pvcreate /dev/sda1
Physical volume "/dev/sda8" successfully created
In case an error occurs, force detection of the partition with the following command:
[root@pomsrv ~]# partx -v -a /dev/sda
Then run the pvcreate command again.

FETCH LOGICAL VOLUME NAME AND PATH

[root@pomsrv ~]# lvdisplay
--- Logical volume ---
LV Path /dev/data/full
LV Name full
VG Name data
LV UUID fczMYJ-XSjf-quv1-Ka5U-IyB6-n6YI-vcMNvL
LV Write Access read/write
LV Creation host, time [Link], 2015-10-20 [Link] +0200
LV Status available # open 1
LV Size 29.59 GiB
Current LE 947
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:0

ADD PARTITION TO DATA VOLUME GROUP

[root@pomsrv ~]# vgextend data /dev/sda8
Volume group "data" successfully extended

141
FETCH AVAILABLE PHYSICAL VOLUME EXTEND AMOUNT
Look for the value of the Free PE (Physical Extend) entry (384 in the following example)
[root@pomsrv ~]# pvdisplay
--- Physical volume ---
PV Name /dev/sda8
VG Name data
PV Size 12.02 GiB / not usable 18.33 MiB
Allocatable yes
PE Size 32.00 MiB
Total PE 384
Free PE 384
Allocated PE 0
PV UUID KMt2CU-Sjkq-Z0gx-vMcQ-mezw-mBaA-KC7Tyn

INCREASE LOGICAL VOLUME SIZE

[root@pomsrv ~]# lvresize -l +384 /dev/data/full
Size of logical volume data/full changed from 29.59 GiB (947 extents) to 41.59 GiB (1331
extents).
Logical volume full successfully resized

STOP ALL SERVICES LIKELY TO WRITE IN /DATA

[root@pomsrv ~]# service perf2rrd stop
Stopping perf2rrd: [ OK ]
[root@pomsrv ~]# service nagios stop
nagios is stopped
[root@pomsrv ~]# service mysqld stop
Stopping mysqld: [ OK ]
[root@pomsrv ~]# service ndoutils stop
Stopping ndo2db: [ OK ]
[root@pomsrv ~]# service syslog-ng stop
Stopping syslog-ng: [ OK ]
[root@pomsrv ~]# service snmptrapd stop
Stopping snmptrapd: [ OK ]
[root@pomsrv ~]# service postgresql-9.1 stop
Stopping postgresql-9.1 service: [ OK ]

RESIZE THE FILE SYSTEM

This step may take several minutes, depending on the partition size.
[root@pomsrv ~]# resize2fs /dev/mapper/data-full
resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/mapper/data-full is mounted on /data; on-line resizing required
old desc_blocks = 2, new_desc_blocks = 3
Performing an on-line resize of /dev/mapper/data-full to 10903552 (4k) blocks.
The filesystem on /dev/mapper/data-full is now 10903552 blocks long.

CHECK THE RESIZING WAS INDEED PERFORMED

[root@MAPOM ~]# df -H
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 8.4G 1.7G 6.3G 21% /
tmpfs 258M 0 258M 0% /dev/shm
/dev/sda1 252M 49M 190M 21% /boot
/dev/mapper/data-full
44G 453M 42G 2% /data
/dev/sda5 4.1G 164M 3.8G 5% /var
/dev/sda3 8.4G 85M 7.9G 2% /var/backup
tmpfs 135M 0 135M 0% /var/nagios/checkresults

142
 3 POM SERVER ADMINISTRATION
RESTART PREVIOUSLY STOPPED SERVICES
[root@pomsrv ~]# service postgresql-9.1 start
Starting postgresql-9.1 service: [ OK ]
[root@pomsrv ~]# service snmptrapd start
Starting snmptrapd: [ OK ]
[root@pomsrv ~]# service syslog-ng start
Starting syslog-ng: [ OK ]
[root@pomsrv ~]# service ndoutils start
Starting ndo2db: [ OK ]
[root@pomsrv ~]# service mysqld start
Starting mysqld: [ OK ]
[root@pomsrv ~]# service nagios start
nagios is stopped
Cleanup nagios checkresults: [ OK ]
Starting nagios: [ OK ]
[root@pomsrv ~]# service perf2rrd start
Starting perf2rrd: [ OK ]

3.3 HOW-TO: SERVER MAINTENANCE

143
3.3.7 RENEWING SSL CERTIFICATE

SAVING THE CURRENT CERTIFICATE

[root@pom-mon ~]# cp -a /etc/pki/tls/certs/[Link] \
/etc/pki/tls/certs/[Link]

GENERATING THE CSR BY ANSWERING COMPANY-RELATED QUESTIONS

[root@pom-mon ~]# openssl req -new \
-key /etc/pki/tls/private/[Link] \
> /etc/pki/tls/certs/[Link]
You are about to be asked to enter information that will be incorporated into your
certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:NEW YORK
Locality Name (eg, city) [Default City]:NEW YORK CITY
Organization Name (eg, company) [Default Company Ltd]:MY_GREAT_COMPANY
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:[Link]
Email Address []:root@localhost

Please enter the following 'extra' attributes

to be sent with your certificate request
A challenge password []:
An optional company name []:

GENERATING THE CERTIFICATE

[root@pom-mon ~]# openssl x509 -req -days 365 \
-in /etc/pki/tls/certs/[Link] \
-signkey /etc/pki/tls/private/[Link] \
-out /etc/pki/tls/certs/[Link] # <<<<<<<<<<<<<<
Signature ok
subject=/C=FR/ST=FRANCE/L=PARIS/O=MY_GREAT_COMPANY/OU=IT/CN=[Link]/emailA
ddress=root@localhost
Getting Private key

RESTARTING APACHE WEB SERVER

[root@pom-mon ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]

144
145
3.4 HOW-TO: SERVER ONEOFF OPERATIONS

3.4 HOW-TO: SERVER ONEOFF OPERATIONS 3 POM SERVER ADMINISTRATION

3.4.1 SETTING UP LANGUAGE

POM web interface comes in three possible languages: French, English and German.
Default language is French, and you can modify this setting in two ways:

MOMENTARILY
By adding ?i18n=<language_code> at the end of the url in your browser

Force French language:

[Link]

Force English language:

[Link]

Force German language:

[Link]

PERMANENTLY
By editing the language configuration file /etc/pom/wui/[Link]

Set French as default language:

[root@p50 ~]# cat /etc/pom/wui/[Link]
<?php
// Define default LC_MESSAGE and LC_TIME locale.
// Supported values: fr_FR, en_US, de_DE
//
define('LANG_DEFAULT', 'fr_FR');
?>

Set English as default language:

[root@p50 ~]# cat /etc/pom/wui/[Link]
<?php
// Define default LC_MESSAGE and LC_TIME locale.
// Supported values: fr_FR, en_US, de_DE
//
define('LANG_DEFAULT', 'en_US');
?>

Set German as default language:

[root@p50 ~]# cat /etc/pom/wui/[Link]
<?php
// Define default LC_MESSAGE and LC_TIME locale.
// Supported values: fr_FR, en_US, de_DE
//
define('LANG_DEFAULT', 'de_DE');
?>

146
 3 POM SERVER ADMINISTRATION
3.4.2 ACTIVATING SNMP

OVERVIEW
As POM monitoring functionalities rely heavily on SNMP (Simple Network Management Protocol),
it is necessary to activate it on target hosts.

The SNMP protocol uses an agent installed on the monitored host. This functionality is usually
provided by the host's system. The agent has 2 distinct operating modes:
 Server mode: In this mode, the agent listens to the port 161/udp and replies to requests.
 Trap mode: In this mode, the agent sends to an SNMP trap server, on port 162/udp,
information relative to events occuring on its host.

Default configuration for the agent in POM is the server mode, that will allow most common

3.4 HOW-TO: SERVER ONEOFF OPERATIONS

checks (CPU, RAM, disk, network, etc.). But it is still possible to use trap mode to send information
that will feature in the Logs view and will be used to generate specific alerts (Events view)

Setting SNMP on a host includes:

 Activating SNMP
 Ensuring that the target host broadcasts all needed info via SNMP
 Ensuring that the POM server is allowed to perform requests.

ON WINDOWS SYSTEMS

Installation on Windows Server 2003

 Start menu> Control Panel > Programs and Features
 Add/remove Windows Components (will launch the wizard)
 Select Management and Monitoring Tools and click the Details button
 Check the SNMP box (you can also check WMI SNMP Provider if WMI usage is planned)

Note: you will need the Windows Server 2003 installation CDs to perform the above tasks

Installation on Windows Server 2008

 Start menu> Control Panel > Programs and Features
 Click Turn Windows features on or off
 In Server Manager, click Add Features
 Check SNMP Services

147
Configuration

Note: on Windows Server 2008, you may need to log out after SNMP installation, and log in again to
see all tabs related to SNMP

 Start Menu > Run > [Link]

 SNMP service > Properties
In the Security tab
Add a Read Only Community
For community name, give the registered DNS name or the POM server's IP address

In the Agent tab, check all elements

148
 3 POM SERVER ADMINISTRATION
ON LINUX/UNIX SYSTEMS

Install SNMP server (snmpd)

RedHat/CentOS
yum install snmpd

Debian
aptitude install snmpd

Configure SNMP server

Snmpd configuration is defined in the file /etc/snmp/[Link]
The purpose of this example is to get the minimal needed configuration.

3.4 HOW-TO: SERVER ONEOFF OPERATIONS

You may want to make a backup copy of the config file provided at installation and replace its contents
by the following lines.

The following lines will define the public COMMUNITY, VERSION 2c, without restriction on
informations provided by the SNMP server (OID)
### SNMP SERVER ###
#com2sec SECNAME SOURCE COMMUNITY
com2sec full default public

#group GROUP VERSION SECNAME

group full v2c full

#view VNAME TYPE OID [MASK]

View full included .1

#access GROUP CONTEXT VERSION LEVEL PREFX READ WRITE NOTIFY

Access full "" any noauth exact full none none

### SNMP TRAP ###

authtrapenable 1
trapcommunity public
trap2sink POM-SERVER

Note: POM-SERVER is the DNS name of the POM server. This name must be registered on the host.

Restart snmpd service

service snmpd restart

149
ON NETWORK DEVICES
SNMP is normally installed on all network devices, therefore no installation procedure is needed.
However, SNMP is deactivated by default on most devices, and the admin will have to activate the
functionality.

Examples on the most common devices:

Cisco
configure terminal
snmp-server community <community_name> RO
snmp-server host <IP_POM_server> v2c

HP Procurve
configure terminal
snmp-server community "<community_name>" Operator
snmp-server host <IP_POM_server> community "<community_name>"

Dell
configure terminal
snmp-server community <community_name> ro
snmp-server host <IP_POM_server> v2c

Nortel
configure terminal
snmp-server community "<community_name>" ro
snmp-server host <IP_POM_server> "<community_name>"

150
 3 POM SERVER ADMINISTRATION
3.4.3 SETTING UP A PERSISTENT ROUTE

If monitored devices are located on a different network than the POM server's, it may be necessary
to add a persistent route that will be established on network service startup.

On RedHat/CentOS, such routes are defined in config files for the corresponding interfaces, and
located in /etc/sysconfig/network-scripts.
In POM, the main interface is, by default, bond0, which is an aggregated interface bond.
Therefore, the corresponding config file will be /etc/sysconfig/network-scripts/route-bond0.

Example:
The POM platform, IP [Link], is located on the network LAN1: [Link]/24,
default gateway [Link].

3.4 HOW-TO: SERVER ONEOFF OPERATIONS

Check registered routes:
[root@pom ~]# ip route
[Link]/24 dev bond0 proto kernel scope link src [Link]
default via [Link] dev bond0

The POM platform must monitor all machines on the network LAN2: [Link]/16

Add the adequate route on bond0:

[root@pom ~]# echo '[Link]/16 via [Link] dev bond0' > /etc/sysconfig/network-
scripts/route-bond0

Restart network service to check the new route has been registered:
[root@pom ~]# service network restart
Shutting down interface bond0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface bond0: [ OK ]

[root@pom ~]# ip route

[Link]/24 dev bond0 proto kernel scope link src [Link]
[Link]/16 via [Link] dev bond0
default via [Link] dev bond0

151
3.4.4 MANAGING LARGE DRIVES

This section applies to Linux systems running a net-snmp server.

 For more info on SNMP, see HOW-TO: SERVER ONEOFF OPERATIONS – Setting up SNMP

The hrStorageAllocationUnits (in net-snmp configuration file /etc/snmp/[Link]) does not

report real allocation unit size, but some calculated value so hrStorageAllocationUnits *
hrStorageSize gives real size of the filesystem. This calculation happens only when
hrStorageSize is too small (32bits) for filesystem size, e.g. filesystems larger than 8TB with 4096
bytes block size. This calculation can be turned off by the realStorageUnits config option.

In case the reported drive size is lower than expected, the only action needed is to declare the
following line in the config file of the SNMP agent interrogated by POM:
realStorageUnits 0

Below is an excerpt from the [Link] man page, detailing the purpose of the realStorageUnits
parameter:

realStorageUnits

controls how the agent reports hrStorageAllocationUnits, hrStorageSize and hrStorageUsed in

hrStorageTable. With this option set to 0, the agent re-calculates these values for big storage
drives with small allocation units so hrStorageAllocationUnits x hrStorageSize gives
real size of the storage.

Example:

Linux xfs 16TB filesystem with 4096 bytes large blocks will be reported as
hrStorageAllocationUnits = 8192 and hrStorageSize = 2147483647, so 8192 x 2147483647 gives
real size of the filesystem (=16 TB).

Setting this directive to 1 (=default) turns off this calculation and the agent reports real
hrStorageAllocationUnits, but it might report wrong hrStorageSize for big drives because the value
won't fit into Integer32. In this case, hrStorageAllocationUnits x hrStorageSize won't
give real size of the storage.

152
 3 POM SERVER ADMINISTRATION
3.4.5 SETTING UP A BEAGLEBONE AS A POM CONSOLE

The following section describes how to set up a Beaglebone machine intended to serve as POM
console.

PREPARING THE MICROSD FLASH DRIVE

Detailed information on this step can be found on these reference sites:
[Link]
[Link]
[Link]

Below is an example of command to execute when the microSD card is inserted in a device such as

3.4 HOW-TO: SERVER ONEOFF OPERATIONS

a smartphone and mounted in /dev/mmc:
# xzcat [Link] > /dev/mmc

BOOT FROM MICROSD CARD RATHER THAN INTERNAL EMMC

If the microSD card is bootable, the machine will automatically boot from it.
For other cases, please refer to the following procedure:
[Link]

153
OPEN CHROME IN KIOSK MODE AT STARTUP
When preparing the microSD card, the xsessionrc must be modified for the autologged user debian.
The following code allows Chrome in kiosk mode (full screen, no alerts), and only after the target
host is DNS-resolved. Waiting for this last step to be completed may take 30 to 60 seconds.
# mount /dev/mmcblk0p2 /mnt/disk
# cat >> /home/admin/.xsessionrc << EOF
SITE=[Link]
HOST=${SITE#*://}
HOST=${HOST%%/*}
( # wait for host to be resolved before starting chrome
while ! host $HOST ; do sleep 1 ; done
set -e
CHROMIUM_TEMP=~/tmp/chromium
rm -Rf ~/.config/chromium/
rm -Rf $CHROMIUM_TEMP
mkdir -p $CHROMIUM_TEMP
GOOGLE_API_KEY="no" \
GOOGLE_DEFAULT_CLIENT_ID="no" \
GOOGLE_DEFAULT_CLIENT_SECRET="no" \
chromium \
--disable \
--disable-translate \
--disable-infobars \
--disable-suggestions-service \
--disable-save-password-bubble \
--disk-cache-dir=$CHROMIUM_TEMP/cache/ \
--user-data-dir=$CHROMIUM_TEMP/user_data/ \
--start-maximized \
--ignore-certificate-errors \
--kiosk "$SITE" & ) &
EOF
# umount /mnt/disk

ADAPTING X SERVER TO CONSOLE ROLE

By default, X server checks for presence of keyboard and mouse and will not start if they are
missing. Moreover, screen will go to sleep mode after a few minutes of inactivity. These default
settings must be deactivated to meet the console-only needs.
# mount /dev/mmcblk0p2 /mnt/disk
# cat >> /etc/X11/[Link] << EOF
Section "Monitor"
Identifier "Builtin Default Monitor"
Option "BlankTime" "0"
Option "StandbyTime" "0"
Option "SuspendTime" "0"
Option "OffTime" "0"
EndSection
EOF
# umount /mnt/disk

154
155
3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION 3 POM SERVER ADMINISTRATION

3.5.1 EVENTS

DEFAULT SETTINGS FOR THE EVENTS VIEW

Columns displayed by default

Displaying certain columns by default is possible by creating a dedicated configuration file in
/etc/pom/events

Important note: to avoid overwriting previously entered data, you must use the precise syntax described
in the example below in the address and groups columns.

Example:
Create the file /etc/pom/events/[Link]
Set its permissions as such:
[root@pom ~]# chown root: /etc/pom/events/[Link]
[root@pom ~]# chmod a-x,ug-w,a+r,u+w /etc/pom/events/[Link]
Then edit it and insert the following lines:
<?php
$COLUMN_DEFINITION['address']['opts'] |= COL_ENABLED;
$COLUMN_DEFINITION['groups']['opts'] |= COL_ENABLED;
?>

Display specific columns

It is possible to display all columns of a HOSTS or a SERVICES section in the Events view, as well
as in its pop-in windows.
To do so, you just have to declare them and set them as displayed by default.

Example (continued):
Note: As the DESCRIPTION column was not previously set to appear in the Events view, we can use a
more simple syntax here
<?php
// show description column in options dialog box (cvar) and in events vue (opts)
// note: COL_ENABLED is a value, thus quotes are forbidden
$COLUMN_DEFINITION['description'] = array(
'cvar' => 'DESCRIPTION',
'opts' => COL_ENABLED
);

// show description column link in events pop-in

$SHOWSTATUSCVAR = array('_DESCRIPTION');
?>

156
 3 POM SERVER ADMINISTRATION
PROCEDURE column
This column allows you to associate a problem solving procedure to a monitoring point.
The content of this column can be:
 the procedure itself (dokuwiki syntax applies)
 an URL corresponding to, e.g., a wiki article on the specific problem encountered. Any link
starting with http:// or https:// will be treated as an url. If the url contains spaces or
special characters, either use the url-encode syntax (e.g. replace a space by %20) or use
the syntax [[url|link name]]
The link will be rendered available in the Procedure field of the pop-in.
Example: [[[Link] The POM]], display

DEACTIVATE POP-IN WINDOW

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

You can disable the default display of the pop-in window in the Events tab.
If disabled, the pop-in will remain reachable by pressing the CTRL key while hovering a line of the
event tray

Create a configuration file named /etc/pom/events/[Link] and insert the following

lines:
<?php
// do not show pop-in
$POPIN = 0;
?>

ACTIVATE DUAL GRAPHS VIEW IN POP-IN WINDOW

You can make the pop-in window display dual graphs by default.
To do so, set the DUAL_GRAPHS variable to 1 in a .cfg file in /etc/pom/events/
Example :
[root@pom-srv ~]# cat /etc/pom/events/[Link]
<?php
$DUAL_GRAPHS = 1;
?>

157
3.5.2 INVENTORY

DISCOVERY DAEMON CONFIGURATION FILE

Important note : It is not recommended to manually alter the list of scanned addresses/networks.
Having POM Server’s address should be all Discovery needs to discover surrounding hosts, step by step.

Even if not recommended, you can still modify the default settings for the Discovery daemon by
editing its configuration file, located at /etc/pom/discovery/[Link].

 In snmp-configurations, you can add snmp communities to the default one.

In the example below, the community named test is added to the default one (Discovery uses the
public community by default, and also uses credentials defined in the web interface
configuration)
 For more info on credentials, see Web Interface Configuration: Credentials
 In externals, you can define the networks that will be scanned by the daemon when
performing its GetIPAdd action.
 In networks, you can add networks you want the daemon to keep an eye on.
Added to the default parameters in the following example are networks. By default, Discovery will
scan private IP ranges, from neighbor to neighbor, starting from POM server’s IP.
 Finally, with delay-active, you can define the time (in seconds) before an unreachable
device is removed from the inventory
In the following example, we set it to 500 seconds

Example:
{
"discov": {
"snmp-configurations": [
{
"version": "2c",
"community": "test"
},
],
"externals": {
"network_scan.sh": [
"[Link]/24",
"[Link]/32"
]
},
"networks": [
"[Link]/16",
"[Link]/16",
"[Link]/16"
],
"delay-active": 500
}
}

158
 3 POM SERVER ADMINISTRATION
3.5.3 MAPS

SETTING UP AUTOMAP
Automaps creation process is based on three elements:
 Dependencies, which are set in POM with the DEPENDS column
 See MONITORING ADMINISTRATION: Spreadsheet file – HOSTS section
 The configuration file, that will define which host will act as parent
 The defaultroot in the /etc/pom/nagvis/[Link] file, [automap] section

In order to use the file /etc/pom/nagvis/automaps/[Link], you must ensure the POM server
name is pom. If not the case, you will have to replace the default value pom in this file by the one
defined in the spreadsheet file.

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

This step can be achieved by the following command:
[root@pom]# [[ ! -f /etc/pom/nagvis/[Link] ]] && cp -a
/etc/pom/nagvis/[Link] /etc/pom/nagvis/[Link] ; sed -i
"s@defaultroot=\"montana\"@defaultroot=\"$(pomklive --hide-headers --no-default-col -c
host_name -g type-pom | sort -u)\"@" /etc/pom/nagvis/[Link]

As an example, let's take a host named core and have it act as parent for an automap.
The host will then have to be declared in the DEPENDS column of the spreadsheet file.
# cp /etc/pom/nagvis/automaps/[Link] /etc/pom/nagvis/automaps/[Link]
# cat
[root@pom]# cat /etc/pom/nagvis/automaps/[Link]
define global {
iconset=pom_small
hover_childs_sort=s
hover_childs_order=asc
label_show=1
label_border=transparent
default_params=&root=core&renderMode=circular&width=700&height=700
}
...

5 different rendering modes are available for the renderMode setting:

 directed
 undirected
 undirected2
 radial
 circular

159
MODIFYING AN EXISTING MAP BACKGROUND
This functionality is not yet available from the web interface.
It can however be achieved in 2 simple steps:
 Load the new image via the user interface
 Alter the map configuration file to display the new image

In the default configuration file, the background image is the value allocated to map_image in the
global section:
# cat /etc/pom/nagvis/maps/[Link]
define global {
map_image=[Link]
iconset=std_medium
}
...

Note: the maps images directory is /etc/pom/nagvis/userfiles/images/maps/

DISPLAY GRAPHS IN THE MAPS POP-INS

In /etc/pom/nagvis/userfiles/templates , create a new HTML template file named
[Link] , based on the existing one [Link] :
cp /etc/pom/nagvis/userfiles/templates/pom{,-graph}.[Link]

To use the pre-existing .css style associated with the template, create a symbolic link:
ln -s [Link] /etc/pom/nagvis/userfiles/templates/[Link]

In the newly created template [Link] , add the following lines before the last
<!-- END service --> tag (line 38):
<!-- BEGIN: POM graph -->
<tr>
<td colspan="2">
<iframe style="margin-top: 10px; border: none; width: 100%; min-width: 450px;
height: 200px;"
src="/rrd/[Link]?view=pink&period=1day&host=[obj_name]&svc=[service_description]&
area&small">
</iframe>
</td>
</tr>
<!-- END: POM graph -->

Finally, modify the configuration file /etc/pom/nagvis/[Link] to make it use the

newly created template. To do so, simply set the hovertemplate variable in the [defaults]
section to the value pom-graph (instead of pom )

160
 3 POM SERVER ADMINISTRATION
ADDING A CUSTOM ICONSET
You can customized the sets of icons used in your maps.

Requirements
 A POM iconset must contain 12 icons (see example below).
 Allowed file formats are .png, .jpeg, .gif (animated gifs are allowed)
 It is recommended to use an identical size for all icons of a set
 The name of each icon file must be of the form iconset_state.extension, where
iconset is the name of the iconset as it will appear in the drop-down menu in Maps, and
state is the monitoring point state pictured (see example below).

Filenames
Icon example State part of the filename State
(pom_big iconset) (here xxx in pom_big_xxx.png)
ok OK

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

(SERVICE or META)
warning WARNING
(SERVICE or META)
critical CRITICAL
(SERVICE or META)
unknown UNKNOWN
(SERVICE or META)
sack ACKNOWLEDGED
(SERVICE or META)
sdowntime DOWNTIME
(SERVICE or META)
up UP
(HOST or HOSTGROUP)
down DOWN
(HOST or HOSTGROUP)
ack ACKNOWLEDGED
(HOST or HOSTGROUP)
downtime DOWNTIME
(HOST or HOSTGROUP)
error ERROR
pending PENDING

Installation folder
The 12 icon files must be placed in:
/etc/pom/nagvis/userfiles/images/iconsets/

And they must have the following user/permission settings:

u g o owner group
-rw-r--r-- root root

161
3.5.4 LOGS

SETTING UP SYSLOG FORMATTED LOGS ON LINUX SYSTEMS

RSYSLOG
 Edit the rsyslog configuration file (Redhat/Debian): /etc/[Link]
 Add the following line ([Link] is POM server's IP address)
*.* @[Link]

SETTING UP SYSLOG FORMATTED LOGS ON WINDOWS SYSTEMS

NXLOG

 See NXLOG official documentation

Location of the configuration file:

 32 bit systems: c:\program files\nxlog\conf\[Link]
 64 bit systems: c:\program files (x86)\nxlog\conf\[Link]

Location of log file:

 32 bit systems: c:\program files\nxlog\data\[Link]
 64 bit systems: c:\program files (x86)\nxlog\data\[Link]

Installation:
Download the .msi Windows installation file from Sourceforge
Follow the setup instructions.
## This is a sample configuration file. See the nxlog reference manual
## about the configuration options. It should be installed locally and
## is also available online at
## [Link]

## Please set the ROOT to the folder your nxlog was installed into,
## otherwise it will not start.

#define ROOT C:\Program Files\nxlog

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\[Link]
SpoolDir %ROOT%\data
LogFile %ROOT%\data\[Link]

<Extension syslog>
Module xm_syslog
</Extension>

<Input internal>
Module im_internal
</Input>

<Input in>
Module im_msvistalog

162
 3 POM SERVER ADMINISTRATION
# For windows 2003 and earlier use the following:
# Module im_mseventlog
</Input>

<Output out>
Module om_tcp
Host [Link]
Port 514
</Output>

<Route 1>
Path in => out
</Route>

Configuration for the eventlogs

You must first know the IP address of the SYSLOG server (i.e. the POM server, which endorses that
role). The port used by SYSLOG (UDP/514) must be open/allowed on network devices that filter
data upstream from the server (such a device has the IP address [Link] in our example).
In the configuration directory, you must adapt the config to the installed system.
On Windows Server 2003 and earlier versions, the adequate module is im_mseventlog

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

define ROOT C:\Program Files\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\[Link]
SpoolDir %ROOT%\data
LogFile %ROOT%\data\[Link]

<Extension syslog-mod>
Module xm_syslog
</Extension>

<Input internal>
Module im_internal
Exec to_syslog_bsd();
</Input>

<Input eventlog>
Module im_mseventlog
Exec to_syslog_bsd();
SavePos True
</Input>

<Output syslog>
Module om_udp
Host [Link]
Port 514
</Output>

<Route to-syslog>
Path internal,eventlog => syslog
</Route>
On Windows Server 2008 and later versions, the adequate module is im_msvistalog
define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\[Link]
SpoolDir %ROOT%\data
LogFile %ROOT%\data\[Link]

<Extension syslog-mod>
Module xm_syslog
</Extension>

<Input internal>
Module im_internal
Exec to_syslog_bsd();
</Input>

163
<Input eventlog>
Module im_msvistalog
Exec to_syslog_bsd();
SavePos True
</Input>

<Output syslog>
Module om_udp
Host [Link]
Port 514
</Output>

<Route to-syslog>
Path internal,eventlog => syslog
</Route>

Close attention must be paid to the define ROOT directive, which defines NXLOG's installation
directory and subdirectories path

Service start
 Launch [Link]: press Windows key + R and type cmd
 Move to the installation directory cd /Prog*/nxlog
 Install the service
nxlog -i
 Start the service
net start nxlog

Service restart
 Stop the service
net stop nxlog
 Start the service again
net start nxlog

164
 3 POM SERVER ADMINISTRATION
Send events to more than one server
As an example, we have 2 recipient servers, with the IP addresses [Link] and
[Link] respectively.
We must adapt the config to setup 2 output interfaces, and 2 routes for each of these interfaces.
<Output out1>
Module om_udp
Host [Link]
Port 514
</Output>

<Output out2>
Module om_udp
Host [Link]
Port 514
</Output>

<Route multi>
Path in => out1, out2
</Route>

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

Read a log file
If an application generates a log file that you want to transmit to the monitoring platform, you
must add the following rules to the configuration file:
<Input file>
Module im_file
File ‘C:/App/[Link]’
Exec $Message = $raw_event; $SyslogFacilityValue =
syslog_facility_value("local2"); $Severity = "info" ; $SourceName = "App";
to_syslog_bsd();
SavePos True
</Input>

<Route file_out>
Path file => out
</Route>

165
3.5.5 REPORTS

CUSTOMIZING REPORTS
It is possible to adapt reports to your company by customizing the following elements:

Logo
To replace the default POM logo with your own logo, simply place the corresponding image file in
/etc/pom/reports.
The image file must meet the following requirements:
 file format: png, jpg, gif
 maximum recommended size: 377×133 (width x height)
To use an image located in another directory, you just have to set the header_logo variable to the
absolute path of the image file, in the /etc/pom/reports/[Link] configuration file.
Example:
Our image file, [Link], is located in the directory /etc/pom/reports
$BIRT_VARIABLES['header_logo'] = '/etc/pom/reports/[Link]';

Important note: quotes are mandatory. Omitting the quotes may cause the Reports tab to become
unreachable.

Footer
You can override the default footer appearing on each page of the report, also by editing the
/etc/pom/reports/[Link] configuration file:
Simply set the footer_html_text variable to the text you want to appear in the report's footer
Example:
$BIRT_VARIABLES['footer_html_text'] = '<a href="[Link]
company</a> - 1, Main Street - METROPOLIS';

Week starting day

By default in POM, the first day of the week is Monday, in accordance with EU standards.
It is however possible to define Sunday as the first of the week (in accordance with US standards),
by setting the pom_week_start_day variable to 0, still in /etc/pom/reports/[Link].

166
 3 POM SERVER ADMINISTRATION
WORKING HOURS SETTINGS

Note: in the filenames used hereafter, “ho” stands for "Heures Ouvrées", French for "Working Hours"

To create a new period:

 Edit the file /etc/pom/[Link]
 Create a new section, using an explicit period name
 Specify days and hours for the working hours period
 Exclude public holidays or pre-planned closing days (can be defined in called blocks further
in the file)
 Add an rrd line at the end of the main block (required by the generation tool). Periods can
be embedded, i.e. a period definition line can call another definition block further in the file.
In that case, only the main block must feature the rrd line (see file example)

Generate the periods, using the command [Link] with the following

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

arguments:
 # --years number of years generated
 # --step period resolution
 # --overwrite to overwrite current data
Example:
[Link] --years 5 --step 3600 --overwrite

File example
In this example, two working hours periods will be created, since two blocks feature the rrd line
 christmas period, which embeds mon-fri-7h-20h, week-end and public holidays
 mon-fri-8h-19h period, which only embeds public holidays
[christmas]
mon-fri-7h-20h
week-end
!public-holiday-2014-fr
!public-holiday-2015-fr
!public-holiday-2016-fr
!public-holiday-2017-fr
!public-holiday-2018-fr
!public-holiday-2019-fr
!public-holiday-2020-fr
rrd

[week-end]
sat 07:00-20:00
sun 08:00-14:00

[mon-fri-7h-20h]
mon 07:00-20:00
tue 07:00-20:00
wed 07:00-20:00
thu 07:00-20:00
fri 07:00-20:00

[mon-fri-8h-19h]
mon 08:00-19:00
tue 08:00-19:00
wed 08:00-19:00
thu 08:00-19:00
fri 08:00-19:00
!public-holiday-2011-fr

167
!public-holiday-2012-fr
!public-holiday-2013-fr
!public-holiday-2014-fr
!public-holiday-2015-fr
!public-holiday-2016-fr
!public-holiday-2017-fr
!public-holiday-2018-fr
!public-holiday-2019-fr
!public-holiday-2020-fr
rrd
alias period

[public-holiday-2014-fr]
2014-01-01
2014-04-21
2014-05-01
2014-05-08
2014-05-29
2014-06-09
2014-07-14
2014-08-15
2014-11-01
2014-11-11
2014-12-25

[public-holiday-2015-fr]
2015-01-01
2015-04-06
2015-05-01
2015-05-08
2015-05-14
2014-05-25
2015-07-14
2015-08-15
2015-11-01
2015-11-11
2015-12-25

[public-holiday-2016-fr]
2016-01-01
2016-03-28
2016-05-01
2016-05-05
2016-05-08
2016-05-16
2016-07-14
2016-08-15
2016-11-01
2016-11-11
2016-12-25

[public-holiday-2017-fr]
2017-01-01
2017-04-17
2017-05-01
2017-05-08
2017-05-25
2017-06-05
2017-07-14
2017-08-15
2017-11-01
2017-11-11
2017-12-25

[public-holiday-2018-fr]
2018-01-01
2018-04-02
2018-05-01
2018-05-08
2018-05-10
2018-05-21
2018-07-14
2018-08-15
2018-11-01
2018-11-11
2018-12-25

168
 3 POM SERVER ADMINISTRATION
[public-holiday-2019-fr]
2019-01-01
2019-04-22
2019-05-01
2019-05-08
2019-05-20
2019-06-10
2019-07-14
2019-08-15
2019-11-01
2019-11-11
2019-12-25

[public-holiday-2020-fr]
2020-01-01
2020-04-22
2020-05-01
2020-05-08
2020-05-21
2020-06-01
2020-07-14
2020-08-15
2020-11-01
2020-11-11
2020-12-25

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

Reminders
To deactivate notifications, simply use the never timeperiod.
To create gaps in monitoring periods use a comma , . Example: 00:00-6:30,7:00-24:00 will
create an unmonitored gap between 6:30 AM and 7:00 AM

169
3.5.6 SETTING UP SCREEN ROLLOVER

Screen rollover (or rotation) is a very handy functionality when POM is displayed on a large
monitoring screen, such as a wall-mounted TV screen in an office or an IT team open space.
The display alternates between several views, with a predefined delay.
You can set up this functionality by editing the /etc/pom/[Link] configuration file:
# cat /etc/pom/[Link]
...
$delay = 30;

$links = array (
"/events/?monitor",
"/nagvis/frontend/nagvis-js/[Link]?mod=Map&act=view&show=Oise&monitor=1"
);
...
 The $delay variable sets display time for each view
 The $links variable defines a php table with one line for each value. 2 consecutive values
must be separated by a comma ,

Methods to get the url of each view vary, depending both on the kind of view you want to collect
and the kind of browser you use. Following are a few tricks:

To fetch a dashboard’s URL:

Right-click on the 360° tab and select “open in a new tab”, then simply choose the desired
dashboard. Its URL will appear in the address bar of your browser.

To fetch a map’s URL:

Connect to your POM interface, then type the url <POM server address>/maps in your
address bar.

Click on the desired map in the list and click on the "monitor mode" button.

The map's URL should appear in the address bar of your browser. Copy the fetched URL and paste
it in your config file, without the server part.

Adding \txt{monitor=1} at the end of the address displays a view without the action buttons,
which particularly suits the screen rollover presentation.
Example:
The collected url is
[Link]

Copy the address without the server part, and add the parameter \txt{monitor=1}
/nagvis/frontend/nagvis-js/[Link]?mod=Map\&act=view\&show=POM\&monitor=1

170
 3 POM SERVER ADMINISTRATION
Once addresses are filled in the /etc/pom/[Link] config file and the file is saved, you only
need to open a web browser on the screen dedicated to screen rollover, and go to the pom server,
adding the parameter /rotate at the end of the url.
Example:
If your POM server's url is [Link] , then [Link]
will give you the screen rollover presentation previously configured.

To create several different rollover patterns (e.g. for different teams in the company), simply
duplicate the config file /etc/pom/[Link], then create symolic links for the new files.
Example (must be performed as root):
cp /etc/pom/[Link] /etc/pom/[Link]
cp /etc/pom/[Link] /etc/pom/[Link]
ln -s /etc/pom/[Link] /opt/pom/www/rotate/[Link]
ln -s /etc/pom/[Link] /opt/pom/www/rotate/[Link]

3.5 HOW-TO: WEB INTERFACE CUSTOMIZATION

To display the variants created, use the following URLs:
## default configuration /etc/pom/[Link]
[Link]

## variant 1 /etc/pom/[Link]
[Link]

## variant 2 /etc/pom/[Link]
[Link]

171
 4 POM INFRASTRUCTURE ADMINISTRATION
4 POM
INFRASTRUCTURE
ADMINISTRATION

173
 4 POM INFRASTRUCTURE ADMINISTRATION
4.1 POM-AGENT

POM-Agent is a monitoring agent that can be installed on any monitored Windows machine. It
consists of:
 A web service on the POM server
 A Windows service on the monitored host
The Windows service collects data in a .txt file on the local system it's installed on, then sends
them through HTTPS to the web service on the POM server (HTTP can be used but is not
recommended). Data collected are:
 Standard host status data (MEM, CPU, DISK…)
 URL execution time (check_url)
 WEB scenario
 CLIENT/SERVER scenario
The agent fetches data via HTTPS requests, then sends these data via HTTPS PUSH request to the
POM server, which in turn relays them to the dedicated indicators.

Important note: to allow communication between the agent and the POM server, the adequate port (443

4.1 POM-AGENT
for HTTPS) must be opened on the target host.

175
4.1.1 AGENT INSTALLATION ON THE WINDOWS SYSTEM

Run the POM-Agent installation program. The first screen will allow you to define parameters.

Important note: to modify any of these parameters afterwards, you will need to re-install the agent.

URL
Web service URL, by default:
[Link] server address>/agent/[Link]

Expect sleep time in seconds

Defines time interval between two data transmissions (by default, 60sec)

Server credentials
By default, agent:password

Proxy
Optional proxy address and port

Proxy credentials
Optional

Expect the computer domain name

Allows you to configure a domain name different than the one configured on the machine

Expect the computer identifier

Allows you to configure a different name than the one configured on the machine

176
 4 POM INFRASTRUCTURE ADMINISTRATION
4.1.2 AGENT REGISTRATION IN POM

HOSTS SECTION
First, you need to register the agent in the HOSTS section of the configuration spreadsheet file,
using the win-agent host template
See example below:
# HEADER HOSTS SITE TEMPLATE DESCRIPTION IP-ADDRESS NAME
MYSITE win-agent Windows Server 2008 [Link] SRV-W2K8

Note: The value entered in the NAME column must be the same as the HOSTNAME column value in the
SERVICES section

This registration will automatically create the following indicators, with the corresponding default
threshold values:
Indicator name WARNING CRITICAL
CLOCK 180 300

4.1 POM-AGENT
CPU 75 80
DISK 90 95
MEM 180 300
NB-PROCESS 80 100
NETWORK 80 90
SWAP 90 95
UPTIME 600

SERVICES SECTION
To test execution times of specific URLs, register them in the SERVICES section, using the
WEB@AGENT template.
See example below:
# HEADER SERVICES HOSTNAME TEMPLATE NAME URL WARNING CRITICAL …
# SRV-W2K8 WEB@AGENT login [Link] 300 400 …

... RETURN METHOD DATA EXPECT_OUTPUT

... 200 POST pom_auth_username=admin&pom_auth_password=p@ssw0rd POM Administrator

177
4.1.3 EXECUTION OF SCENARIOS

Execution of scenarios by POM-Agent can take two forms: either simple web (light) scenarios, or
advanced client/server (heavy) scenarios.
 For scenarios outside POM-Agent, see HOW-TO: MONITORING ADMINISTRATION – Setting up scenarios

Reminder: When setting up the scenario’s waiting times, be sure to take the pages loading times into
account, to avoid performing any action before a page is properly loaded.

WEB SCENARIOS (LIGHT SCENARIOS)

A web scenario (a.k.a. light scenario) uses most of the functionalities of the check_scenario
plugin. It is registered in the configuration spreadsheet file using the SCN_LIGHT@AGENT service
template.

Note: WARNING and CRITICAL columns are available, but only apply to the total_time index. It is
therefore recommended to use the relevant script functions, in order to choose which index they will
apply to.

See example below:

# HEADER SERVICES HOSTNAME TEMPLATE NAME URL SCENARIO
SRV-W2K8 SCN_LIGHT@AGENT test_pom [Link] test_light_pom

Note: the value in the SCENARIO column is the name of the scenario file WITHOUT its .scn extension

Reminder:
 User-created scenarios are located by default in /etc/pom/scenarios.
 If your scenarios folder is different than this default one, ensure you entered the right path
as $USER4$ in the configuration file /etc/nagios/[Link]

Functions and keywords from the check_scenario plugin can be used in your script :
id NAME define step in script (for output)
baseurl URL define base URL for next relative requests
get URL [QUERY-STRING] send URL with GET method
get-location send last location as URL
post URL [QUERY-STRING] post URL
post-data DATA set DATA for all futur usage
no-post-data reset DATA used by POST
store NAME VALUE same as store-value
store-value NAME VALUE expect and store value
store-value-xapth NAME MATCH VALUE expect and store value
store-value-xapth-html NAME MATCH VALUE expect and store value (html)
urlencode
expect-return RETURN... expect return code
expect-output STRING expect STRING in returned data
expect-location [-r] VALUE expect header Location: value
follow-location internaly follow Location:
no-follow-location disable following location internaly
store-location store special header Location:
message "my message" forced message for next operation error
port PORT set non standard port
vhost HOSTNAME set hostname to present to web server
header HEADER VALUE prepare headers to add in futurs requests
expect-header NAME VALUE expect header NAME with VALUE

178
 4 POM INFRASTRUCTURE ADMINISTRATION
store-header NAME VALUE expect and store header
no-headers reset headers
no-referer reset referer
cookie NAME VALUE add client cookie
no-cookie remove all client cookie
query-string DATA set QUERY-STRING for all future usage
no-query-string reset QUERY-STRING
critical INDEX OPERATOR VALUE check INDEX
warning INDEX OPERATOR VALUE check INDEX
think-time TIME wait TIME (ms)
store-urlencode VNAME VALUE urlencode a value
store-next VALUE store as NEXT request
get-next send next determined request as URL
post-next send next determined request as URL (POST)
- time time getting object (s)
- namelookup time for name lookup (s)
- connect time connecting server (s)
- header time sending headers (s)
- start time receiving first byte (s)
- download download size (bytes)
- running time getting all objects since last id (s)
- all-time overall time getting all objects (s)
- all-objects overall number of objects
- all-size overall download size of all objects

KVM SCENARIOS (KEYBOARD/VIDEO/MOUSE HEAVY SCENARIOS)

4.1 POM-AGENT
A KVM scenario aims at measuring QoE (Quality of Experience) via an external tool. It allows you to
run a .exe executable file, get its execution time as well as HTTP return codes and intermediate
times.

Installing AutoIT
Prior to using KVM scenarios (a.k.a. heavy scenarios), you must first install an automation software.
We have tested and recommend AutoIT.

Launch the AutoIT installer, click “Next”, then “I Agree”.

179
If you are using a 64-bit Windows OS, you will be asked to choose between x64 (64-bit) or x86
(32-bit) compilation. If you choose x64, 32-bit compilation will still be available in Windows
context menu used to execute the .exe file. Click “Next”.

In next window, you will be asked what default action you want Windows to perform when double-
clicking on a .au3 script file. It is recommended that you choose “Edit the script”, in order to avoid
unwanted script runs. Click “Next”.

180
 4 POM INFRASTRUCTURE ADMINISTRATION
In next setup window, select all components you want to install, then click “Next”.

4.1 POM-AGENT
Finally, choose an installation location, and click “Install”. Once the installation is complete, you
will receive confirmation. Click “Finish” to exit the wizard.
The AutoIT tool will generate an autonomous .exe executable file for each scenario. You will then
have to place created executables in the directory /etc/pom/scenarios of your POM server.
POM will automatically deploy and update scenarios on all hosts where POM-Agent is installed.

Note : While AutoIT has to be installed on a Windows machine, you do not need to install it on your
target Windows host. AutoIT is only used to compile executable scenarios and is not involved in the
monitoring process.

AutoIT comes with with a comprehensive scripting documentation, be sure to check it out.

181
Using a dedicated library
To create heavy scenarios more easily, we recommend that you use a dedicated function library. To
do so, create a file named pom.au3 in the \Include folder of your AutoIT installation path (by
default, C:\Program Files (x86)\AutoIt3\Include ), and fill it with the following lines:
#include <WinAPIFiles.au3>
Global $ghPomFileOpen = 0
Global $giTimer = 0
Global $gsTimerId

; pom_close_windows_of_class
; Closes all windows of the defined class
; To be used at start and end of script
Func pom_close_windows_of_class($class_name = "")
Local $aList = WinList($class_name)
For $i = 1 To $aList[0][0]
If $aList[$i][0] <> "" And BitAND(WinGetState($aList[$i][1]), 2) Then
WinClose($aList[$i][0])
EndIf
Next
EndFunc

; pom_init
; Opens the agent's swap file
; Must be used at start of the script
Func pom_init($file_name = "")
Local $nb_param = $CmdLine[0]
;Local $file_name = ""
if ($ghPomFileOpen = 0) then
if ($file_name = "") Then
;~ Check if specific parameters has been send by the agent
if ($CmdLine[0] > 1) Then
if ($CmdLine[1] = "/pom_file_out") Then
$file_name = $CmdLine[2]
EndIf
EndIf
Endif
;~ If a file name is given by the agent, we can add perfdata in this file
if ($file_name <> "") Then
$ghPomFileOpen = FileOpen($file_name, $FO_OVERWRITE)
If $ghPomFileOpen = -1 Then
exit -2
EndIf
EndIf
EndIf
EndFunc

; pom_quit
; Closes the agent's swap file
; Must be used at the end of the script
Func pom_quit()
FileClose($ghPomFileOpen)
exit 0
EndFunc

; pom_id
; Has behaviour of the id function of check_scenario
; Triggers a timer
Func pom_id($sTimerId)
$gsTimerId = $sTimerId
$giTimer = TimerInit()
EndFunc

; pom_perfdata
; Writes in the swap file, in the format expected by the agent
Func pom_perfdata($perfdata_index, $perfdata_current, $perfdata_warning = "",
$perfdata_critical = "", $perfdata_min = "", $perdata_max = "")
; Target syntax below
; Local $sPerfData = "'" & $perfdata_index & "'=" & $perfdata_current & ";" &
$perfdata_warning & ";" & $perfdata_critical & ";" & $perfdata_min & ";" & $perdata_max
& @CRLF
; FileWriteLine($ghPomFileOpen, $sPerfData)
Local $sPerfData = "time_" & $perfdata_index & ":" & $perfdata_current & @CRLF
FileWriteLine($ghPomFileOpen, $sPerfData)
EndFunc

182
 4 POM INFRASTRUCTURE ADMINISTRATION
; pom_stats
; Stops the pom_id timer
Func pom_stats()
pom_perfdata($gsTimerId, Round(TimerDiff($giTimer)))
EndFunc

; pom_output
; Allows you to alter the plugin's output
Func pom_output($sOutput)
FileWriteLine($ghPomFileOpen, "bin_output:" & $sOutput & @CRLF)
EndFunc

; pom_check_pixel_checksum_change
; Gives the control back only when the contents of the defined rectangle have changed
; or when $iLoopLength loops of $iLoopStep milliseconds have been completed
Func pom_check_pixel_checksum_change($iXLeft, $iYTop, $iXRight, $iYBottom, $iLoopLength
= 100, $iLoopStep = 100)
Local $iLoopCount = 0
Local $iCheckSum = PixelChecksum($iXLeft, $iYTop, $iXRight, $iYBottom)
; Wait for the region to change, the region is checked every 100ms to reduce CPU load
While $iCheckSum = PixelChecksum($iXLeft, $iYTop, $iXRight, $iYBottom) And $iLoopCount
< $iLoopLength
$iLoopCount = $iLoopCount + 1
Sleep($iLoopStep)
WEnd
EndFunc

When creating a new scenario, you will then be able to call functions defined in the library, by
including the library at the start of the scenario, like this:

4.1 POM-AGENT
#include <pom.au3>

Scenario examples
In the following example, we are going to use an .au3 scenario script to test response time and
availability of a webmail (namely the Zimbra client used by the Free ISP).

But first, let's see how you can fetch useful information for your scenario using the Window Info
tool that comes with AutoIT. Launch the Window Info tool:

183
By dragging the crosshairs symbol and dropping it on the desired web frame, you get all the
information needed : frame title, class and instance

You can now create your script, that will look like this:
#include <pom.au3>

; Window cleanup
pom_close_windows_of_class("[CLASS:IEFrame]")

; Call to POM functions

pom_init()

; Zimbra login form

pom_id("Login_form")

AutoItSetOption ( "SendKeyDelay", 50 )

run ("C:\Program Files (x86)\Internet Explorer\iexplore [Link]

WinWait ("Webmail [Link] - Internet Explorer", "" , 60)

pom_stats()
sleep(1000)
pom_id("In_Box")

Sleep (200)
if WinExists ("Webmail [Link] - Internet Explorer") Then
sleep(200)
ControlSend("[CLASS:IEFrame]", "", "Internet Explorer_Server1",
"youraddresshere@[Link]", 1)
sleep(200)
ControlSend("[CLASS:IEFrame]", "", "Internet Explorer_Server1", "{TAB}")
sleep(200)
ControlSend("[CLASS:IEFrame]", "", "Internet Explorer_Server1", "YourPasswordHere",
1)
sleep(200)
ControlSend("[CLASS:IEFrame]", "", "Internet Explorer_Server1", "{TAB 2}")
sleep(200)
ControlSend("[CLASS:IEFrame]", "", "Internet Explorer_Server1", "{ENTER}")
Else
Winclose ("[CLASS:IEFrame]")
pom_close_windows_of_class("[CLASS:IEFrame]")
pom_output("Zimbra not available")
FileClose($ghPomFileOpen)

184
 4 POM INFRASTRUCTURE ADMINISTRATION
exit 1
EndIf

WinWait ("Zimbra: Réception", "", 60)

sleep(200)

if WinExists ("Zimbra: Réception") Then

pom_stats()

Winclose ("[CLASS:IEFrame]")
pom_close_windows_of_class("[CLASS:IEFrame]")
pom_output("Zimbra Ok")
pom_quit()
Else
Winclose ("[CLASS:IEFrame]")
pom_close_windows_of_class("[CLASS:IEFrame]")
pom_output("Zimbra box KO")
FileClose($ghPomFileOpen)
exit 1
EndIf

Note that we used "Internet Explorer_Server1", meaning instance #1 of the class "Internet
Explore_Class"

Another simple scenario example, testing opening time and availability of a PowerPoint .potx file
located on a Windows share (continued on next page):
#include <pom.au3>

4.1 POM-AGENT
#include <Process.au3>
#include <MsgBoxConstants.au3>

pom_init()
pom_close_windows_of_class("[CLASS:SALFRAME]")

Local $file = "p:\[Link]"

pom_id("net_use")
_RunDos ("net use P: \\YourServerIPAddressHere\DATA YourPasswordHere
/user:YourUserNameHere\pomagent /PERSISTENT:NO")
pom_stats()

Local $pDrive = DriveStatus ("P:\")

if $pDrive <> "READY" Then
pom_output("net share not available")
FileClose($ghPomFileOpen)
exit 1
EndIf

pom_id("libre_office")
if FileExists ($file) Then
Run ("C:\Program Files (x86)\LibreOffice 4\program\[Link] " & $file)
if @error <> 0 Then
$exitcode = @error
pom_output("LibreOffice not available")
FileClose($ghPomFileOpen)
exit 2
EndIf
Else
pom_output("[Link] not available")
FileClose($ghPomFileOpen)
exit 3
EndIf

WinWait ("Untitled 1 - LibreOffice Impress", "", 90)

sleep(200)
if WinExists ("Untitled 1 - LibreOffice Impress") Then
pom_stats()
Else
pom_close_windows_of_class("[CLASS:SALFRAME]")
pom_output("fail open [Link]")
FileClose($ghPomFileOpen)
exit 4
EndIf

185
 sleep(200)

WinClose("Untitled 1 - LibreOffice Impress")

pom_close_windows_of_class("[CLASS:SALFRAME]")
pom_output("Powerpoint OK")
FileClose($ghPomFileOpen)
pom_quit()

Registering scenarios in POM config file

Once the scenario is created, you will have to register it in the spreadsheet file, using the
SCN_HEAVY@AGENT service template.
Available columns are as follows:
Column Format Def. val. Comment
HOSTNAME text N.A Target host name as given in the HOSTS
section
TEMPLATE SCN_HEAVY@AGENT N.A Mandatory value
NAME text N.A Optional. Monitoring point name.
SCENARIO text N.A Name of the .exe scenario file created
by AutoIT and placed in
/etc/pom/scenario.
Do not include the .exe suffix in the name
WARNING integer Warning threshold for the total_time
index (milliseconds)
CRITICAL integer Critical threshold for the total_time index
(milliseconds)
RETURN return code N.A Expected return code of the .exe
program
TIMEOUT integer Time elapsed before timeout (seconds). If
reached, POM will kill the scenario
process.
DOMAIN text N.A Domain name, for authentication
purposes
CREDENTIALS text N.A Authentication credential, wmi type.
Mandatory, see remarks

Example of use in context:

# HEADER SERVICES HOSTNAME TEMPLATE NAME SCENARIO ...
# SRV-W2K8 SCN-HEAVY@AGENT test_heavy test_heavy.exe ...

... WARNING CRITICAL RETURN TIMEOUT DOMAIN CREDENTIALS

... 10000 15000 2 60 [Link] cred-scn01-wmi

Remarks on Credentials:
While web scenarios use non-graphical sessions (remember, for example, that the cURL text-based
browser is used), KVM scenarios need a graphical session to be performed. Therefore values related
to authentication (CREDENTIALS and DOMAIN) are mandatory. If these columns were left empty,
POM would use the default localsystem user that, on its own, is not granted access to a
graphical session.
 For more info on credentials setup, see WEB INTERFACE CONFIGURATION - Credentials

186
 4 POM INFRASTRUCTURE ADMINISTRATION
Scenario execution times
You can make the Agent fetch scenario execution times and send them back to POM as perfdata.
To do so, a swap file is used.

Important note: the swap file will be created in C:\temp , it is then required that such a directory is
present on your machine.

To get the swap file in AutoIT, use the following code:

;~ Check if specific parameters have been sent to file by the agent
if ($CmdLine[0] > 1) Then
if ($CmdLine[1] = "/pom_file_out") Then
$file_name = $CmdLine[2]
EndIf
Endif

The file must contain one perfdata per line, in the following format:
<prefix><perfdata name>:<value>.
Where:
 <prefix> must be time_

4.1 POM-AGENT
 <perfdata name> is the name that will appear in perfdata graphs
 <value> is an integer in milliseconds

The following code will write perfdata to the defined file

;~ Add perfdata to defined file
if ($file_name <> "") Then
Local $hFileOpen = FileOpen($file_name, $FO_OVERWRITE)
If $hFileOpen = -1 Then
exit -2
EndIf
;~ The "Acme" perfdata is written to file
FileWriteLine($hFileOpen, "time_Acme:102")
FileClose($hFileOpen)
EndIf

187
Settings for remote desktop connection
To allow remote connections to your target host, proceed as follows :
 On the target host, go to System Properties

188
 4 POM INFRASTRUCTURE ADMINISTRATION
 In the Remote tab, make sure remote connections are allowed and uncheck the box Allow
connections only from... , then click OK

4.1 POM-AGENT

189
 4 POM INFRASTRUCTURE ADMINISTRATION
4.2 POM-HA (HIGH AVAILABILITY)

POM-HA (for High Availability) allows you to increase reliability of your POM monitoring platform,
by introducing a backup POM server that will activate in the event of a server unavailability.

The main principle of POM-HA is to have two identical POM servers, each with its own IP address,
one being affected to the role of MASTER (active) server, the other one serving as BACKUP
(passive) server.
You access POM’s functionalities via a VIP (Virtual IP address) redirecting you to the currently
active server.

In case the MASTER becomes unavailable, POM-HA makes the VIP switch to the BACKUP server,
which then assumes MASTER role. The POM platform's users are oblivious to this switchover,
which allows the administrator to perform repairs without impeding the vital monitoring process.

4.2 POM-HA (HIGH AVAILABILITY)

For more info on server ports and streams in a POM-HA context:
 See POM SERVER ADMINISTRATION - Server Ports and Streams

191
4.2.1 BASIC PROCEDURES

SYNCHRONIZE CONFIGURATION ON THE TWO NODES

Synchronization should be performed each time the configuration spreadsheet file is altered, in
order to avoid monitoring data loss if a switchover occurs. To synchronize configuration from the
MASTER to the BACKUP node, run the following command on the MASTER server:
# pomha sync push
Or, alternatively, with a force argument:
# pomha –f sync push

Environment consistency
To perform a synchronization, the two nodes must be exact clones regarding both installed RPM
packages and user/group settings. To ensure this is the case, pomsync performs, among others, a
check on UID/GID info. If it fails, you will get an error message like this one:
[root@master ~]# pomha sync push
INFO: master: pomsync/push: Verify environment consistency
INFO: master: pomsync/push: Attempt 1/2 ssh pom-ha-peer -T bash
INFO: master: pomsync/push: Command succeeded with return code 0
ERROR: master: pomsync/push: Environment consistency test failed.
--- LOCAL
+++ REMOTE
@@ -494,3 +494,2 @@
passwd: admin:x:500:10::/home/admin:/bin/bash
-passwd: user01:x:0:0:root:/root:/bin/bash
paswwd: apache:x:48:48:Apache:/var/www:/sbin/nologin
FATAL: master: pomsync/push: Sync aborted, you may use --no-env-check to skip
environment consistency test

SWITCH A NODE TO MAINTENANCE MODE

It is good practice to switch a node to maintenance mode when performing heavy changes on the
other node’s configuration. To do so, on the server you want to put in maintenance mode, run the
following command:
# pomha maint start
When your intervention is completed, switch the server back to normal mode with:
# pomha maint stop

MANUALLY SWITCH THE MASTER ROLE TO THE BACKUP SERVER

You must log on to the BACKUP server and run the following command with root privileges:
# pomha want

ACTIVATE AUTOSYNC
You have the ability to let POM automatically synchronize some files on the two nodes for you.
To do so, simply create a .inc configuration file in /etc/pom/local/gen that will set the
following variable:
POM_HA_AUTOSYNC=1
Setting this variable to 1 will activate an event-handler that will automatically check and replicate
changes to non-DRBD files (examples: files in /etc or /home/admin/incoming) from one
node to the other, by performing a pomha sync push. If the synchronization fails, user will be
notified.

192
 4 POM INFRASTRUCTURE ADMINISTRATION
4.2.2 MAINTENANCE PROCEDURES

SOLVE A SPLIT-BRAIN ISSUE

A split-brain issue appears whenever data written on the two nodes (servers) do not match.
You must then decide to keep data written on one of the servers, therefore called survivor, while
losing data on the other server, called victim.

Steps to perform on the victim server:

service keepalived stop
pomha res stop
drbdadm disconnect pom-ha-data # Ignore error if already StandAlone
drbdadm secondary pom-ha-data # Role becomes Secondary
drbdadm connect --discard-my-data pom-ha-data # Connection state become WFConnection
service keepalived start

Steps to perform on the survivor server:

drbdadm disconnect pom-ha-data # Ignore error if already StandAlone
drbdadm connect pom-ha-data # WFConnection

4.2 POM-HA (HIGH AVAILABILITY)

REBOOT THE MASTER SERVER WHILE PREVENTING THE SWITCHOVER

Switch the BACKUP server to maintenance mode.

When the MASTER node shuts down, the BACKUP node will be designated as MASTER at VRRP
level, but the maintenance flag will prevent it from acquiring MASTER status at POM-HA level.
# pomha maint start

Reboot the MASTER node.

# reboot
When it is correctly rebooted, it appears in BACKUP/BACKUP (VRRP/POM-HA) status.
You then have to manually switch it to MASTER/MASTER:
# pomha want

Remove maintenance flag on BACKUP node.

# pomha maint stop

193
CONFIGURE POMHA SYNC TO IGNORE CERTAIN RPM PACKAGES
This can be required if the two nodes' hardware differ.

Create a configuration file /etc/pom/sync/[Link] :

# Use original pom-ha-pick-targeted configuration
source /opt/pom/lib/sync/[Link]

# Ignore some packages

RPM_DIFF_EXCLUDE_ERE='^(kmod-hpsa|kmod-tg3)-[0-9]'

Modify /etc/pom/ha/[Link] to take the new configuration into account:

[...]

# Defaults for pomha sync wrapper to the pomsync command.

POMSYNC_DEFAULTS=pom-ha-custom

SKIP ENVIRONMENT CONSISTENCY TEST

Although it is not recommended, you might need to skip the RPM/UID/GID... consistency test
during synchronization.
To do so, run the pomha sync push command with the option --no-env-check
[root@master ~]# pomha sync push --no-env-check

194
 4 POM INFRASTRUCTURE ADMINISTRATION
4.2.3 EVENTS CHECKLIST

In all the following examples, two servers/nodes, called HA1 & HA2, are configured in HA (High
Availability). HA1 is active and assumes MASTER role, whereas HA2 is BACKUP. The switchover
generally occurs after a waiting time (5min), to prevent unwanted switchovers. In all the following
examples, a SHORT disruption is therefore <5min, while a LONG one is ≥5min.

REBOOT OF ONLY ONE NODE

Event Expected Procedure Observations / Alerts
MASTER reboot Switchover after None While MASTER down : no monitoring.
Sollicited, short validation period On VIP : WUI unavailable
On BACKUP IP : no monitoring info
HA link:
HA2 in MASTER/BE-MASTER,
peer : Failed to retrieve status
On BACKUP IP WUI :
EVENT/ha1(vrrp-state) → 1 x VRRP state change BACKUP
EVENT/ha2(split-brain) → 1 x DRBD split-brain automatically
solved on drbd1

4.2 POM-HA (HIGH AVAILABILITY)

EVENT/ha1(split-brain) → 1 x DRBD split-brain automatically
solved on drbd1
EVENT/ha2(ha-state) → EVENT/ha2(ha-state)
EVENT/ha1(ha-state) → 3 x HA state change BACKUP
MASTER reboot Switchover after None While HA1 down, for time (validation + switchover) :
Sollicited, long validation period No WUI, no monitoring
After switchover:
check_ha : HA CRITICAL - [ha2] **HA=MASTER/?** **Res=OK/?**
**DRBD=WFC+UTD/?+?** Maint=OFF/?
EVENT/ha2(ha-state) → 1 x HA state change MASTER
After HA1 return:
EVENT/ha1(vrrp-state) → 1 x VRRP state change BACKUP
EVENT/ha1(ha-state) → 2 x HA state change BACKUP
MASTER reboot Switchover after None While rebooting : No WUI, no monitoring
Unsollicited, short validation period After reboot, on WUI:
EVENT/ha2(ha-state) → 1 x HA state change BACKUP
EVENT/ha1(ha-state) → 1 x HA state change MASTER
MASTER reboot Idem Idem Idem
Unsollicited, long
BACKUP reboot No switchover None While rebooting, check_ha in error
Sollicited, short HA CRITICAL - [ha1] **HA=MASTER/?** **Res=OK/?**
**DRBD=WFC+UTD/?+?** Maint=OFF/?
HA link, BACKUP section: Failed to retrieve status
While rebooting, HA link stopped: Failed to retrieve status
INFO ha1 Attempt 1/2 ssh pom-ha-peer pomha -l tsv status
ERROR ha1 Attempt 1/2 failed with return code 255
INFO ha1 Wait 3 sec before retry
INFO ha1 Attempt 2/2 ssh pom-ha-peer pomha -l tsv status
ERROR ha1 Attempt 2/2 failed with return code 255
After BACKUP return :
EVENT/ha2(ha-state) → HA state change BACKUP
EVENT/ha2(vrrp-state) → VRRP state change BACKUP
HA link : evolution of BACKUP status:
BACKUP/ERROR > BACKUP/BACKUP

195
 Event Expected Procedure Observations / Alerts
BACKUP reboot No switchover None idem "Sollicited BACKUP reboot, short”
Sollicited, long
BACKUP reboot No switchover None idem "Sollicited BACKUP reboot, short”
Unsollicited, short
BACKUP reboot No switchover None idem "Sollicited BACKUP reboot, short”
Unsollicited, long

SIMULTANEOUS REBOOT OF THE TWO NODES

Event Expected Procedure Observations / Alerts
MASTER + BACKUP One MASTER, None if roles While rebooting: no WUI, no monitoring
Sollicited reboot One BACKUP unchanged. After dual reboot, on WUI:
HA functional Else, switch EVENT/ha2(ha-state) → 1 x HA state change BACKUP
BACKUP and EVENT/ha1(ha-state) → 1 x HA state change MASTER
MASTER.
MASTER + BACKUP Idem Idem Idem
Unsollicited reboot

NETWORK ISSUES
Event Expected Procedure Observations / Alerts
MASTER No switchover None While MASTER down: no monitoring
Link down, short On VIP: No WUI
On BACKUP IP: no monitoring info
HA link:
HA2 in MASTER/BE-MASTER, peer : “Failed to retrieve status”
After MASTER return, on WUI:
check_ha : HA CRITICAL - [ha1] **HA=MASTER/?** **Res=OK/?**
**DRBD=WFC+UTD/?+?** Maint=OFF/?
Note: this information may not appear, as it depends on the
moment check_ha was performed.
MASTER Switchover Split-brain WUI, while HA1 down, after switchover:
Link down, long HA2 becomes solving check_ha: HA CRITICAL - [ha2] **HA=MASTER/?** **Res=OK/?**
MASTER **DRBD=WFC+UTD/?+?** Maint=OFF/?
HA link, peer section: Failed to retrieve status
EVENT/ha2(vrrp-state) → 2 x VRRP state change BACKUP
EVENT/ha2(ha-state) → 3 x HA state change MASTER
EVENT/ha1(vrrp-state) → 2 x VRRP state change MASTER
After HA1 return:
HA2 stays MASTER/MASTER (StandAlone Primary/Unknown
UpToDate/DUnknown) provides resources & VIP
HA1 becomes BACKUP/MASTER (StandAlone Primary/Unknown
UpToDate/DUnknown) and also provides resources & VIP
Impact on monitoring : many checks in error then back to OK
after a few minutes
WUI:
EVENT/ha1(split-brain) → 1 x DRBD split-brain unresolved on
drbd1
EVENT/ha2(split-brain) → 1 x DRBD split-brain unresolved on
drbd1
Check HA in error : HA CRITICAL - [ha1]
**HA=MASTER/MASTER** Res=OK/OK
**DRBD=SA+UTD/SA+UTD** Maint=OFF/OFF |
Interconnection No switchover None Idem BACKUP link down, short
Down, short

196
 4 POM INFRASTRUCTURE ADMINISTRATION
Event Expected Procedure Observations / Alerts
Interconnection Switchover Split-brain Idem MASTER link down, long
Down, long Conflict when Solving
HA1 returns
MASTER
BACKUP No switchover None While BACKUP down, on WUI:
Link down, short HA link: Failed to retrieve status
check_ha: HA CRITICAL - [ha1] **HA=MASTER/?** **Res=OK/?**
**DRBD=WFC+UTD/?+?** Maint=OFF/?
After BACKUP return:
EVENT/ha2(vrrp-state) → 3 x VRRP state change BACKUP
BACKUP No switchover None While BACKUP down, on WUI:
Link down, long check_ha: HA CRITICAL - [ha1] **HA=MASTER/?** **Res=OK/?**
**DRBD=WFC+UTD/?+?** Maint=OFF/?
HA link: Failed to retrieve status
After BACKUP return, on WUI:
check_ha: HA OK - [ha1] HA=MASTER/BACKUP Res=OK/OK
DRBD=C+UTD/C+UTD Maint=OFF/OFF
HA link:
EVENT/ha2(vrrp-state) → 3 x VRRP state change BACKUP

SYSTEM ISSUES

4.2 POM-HA (HIGH AVAILABILITY)

Event Expected Procedure Observations / Alerts
MASTER resources No switchover None Nagios service stopped
Down, short WUI Event tray frozen
HA link: Resource consistent-master nagios → FAIL
check_ha: EVENT/ha1(nagios) → 7 x Resource consistent-
master nagios FAIL
Impact: No monitoring
MASTER resources Switchover None or Nagios service stopped
Down, long Manual In WUI:
switchover EVENT/ha2(ha-state) → 1 x HA state change MASTER
EVENT/ha1(vrrp-state) → 1 x VRRP state change MASTER
EVENT/ha1(vrrp-state) → 1 x VRRP state change BACKUP
Impact: no monitoring during (validation + switchover) time.
After switchover:
EVENT/ha1(nagios) → 7 x Resource consistent-master nagios
FAIL
BACKUP resources No incidence None POM not running `mysqld start' in this context [ SKIP ]
Start attempt, normal on HA
BACKUP resources No incidence None POM not running `mysqld start' in this context [ SKIP ]
Start attempt, forced on HA

SERVER MAINTENANCE
Event Expected Procedure Observations / Alerts
Manual switchover Switchover Manual In WUI:
switchover check_ha in error: HA CRITICAL - P=MASTER/BACKUP
**R=OK/ERR** Dcs=Co/Co Dds=Up/Up Main=OFF/OFF
HA link: shows Which node is MASTER, which one is BACKUP
Intervention on Detach BACKUP maintenance pomha status shows BACKUP in maintenance mode:
BACKUP system From HA NOTICE: ha2: pomha/status: Flag maintenance ON

197
 4 POM INFRASTRUCTURE ADMINISTRATION
4.3 POM HYPERVISION

In Hypervision mode, the POM infrastructure is composed of several POM servers, called satellites
or pollers, organized around a main server, called hypervisor.
This main POM server provides the WUI (Web User Interface) but does not perform the actual
checks on monitored devices. Instead, it collects monitoring data gathered by its satellites on their
respective sites (which are usually remote LANs, e.g.: specific datacenter, region, country, etc.).
The POM hypervisor therefore performs what is called passive monitoring, whereas the
satellites/pollers perform active monitoring by directly interrogating monitored devices.

The hypervising POM server is the one that gets ‘the big picture” of the monitored infrastructure, it
is therefore the right place to create meta-indicators.
 See MONITORING ADMINISTRATION: Spreadsheet file - META

For more info on server ports and streams in a POM-Hypervision context:

 See POM SERVER ADMINISTRATION - Server Ports and Streams

4.3 POM HYPERVISION

199
4.3.1 POM HYPERVISOR AND POM SATELLITES

POM Satellites are used to monitor machines on distant networks, e.g. on a remote site's LAN.
A main POM server will then centralize data collected by the various remote POM-sats, and act as
an hypervisor.
 The configuration spreadsheet file is common to all POM servers in the infrastructure, and is
hosted by the main server.
 Registering a machine monitored in satellite mode in the spreadsheet file is done using the
SITE column of the HOSTS section
 Each POM satellite's configuration is built on the main platform then pushed to satellites via
SSH (22/TCP)
 Monitoring is performed on the local LAN by each satellite, which then sends data to the
main server via SYSLOG (601/TCP)

See figure below for the general principle of the POM-Satellite infrastructure solution:

INSTALLATION
Being a critical action, the installation of a POM server in Satellite mode is usually performed by a
POM integrator.
 Contact us for more info

200
 4 POM INFRASTRUCTURE ADMINISTRATION
4.4 POM MULTISITE

POM Multisite allows you to easily monitor a large number of sites, e.g. the many stores of a same
company.
In many companies and groups, a large number of sites will have a quite similar IT infrastructure
arrangement; the aim here is to take advantage of these similiraties to reduce the registering
process in POM to just one line per site.

4.4 POM MULTISITE

201
4.4.1 REGISTERING IN THE SPREADSHEET FILE

As with any other kind of monitored points in POM, registering sites of a multisite infrastructure is
done by simply entering the adequate data in the configuration spreadsheet file.
 See MONITORING ADMINISTRATION: Spreadsheet file

Note: It is recommended that you create a specific spreadsheet file dedicated to your multisite
infrastructure, called for example [Link].

META-INDICATORS

META section specific columns

A multisite configuration spreadsheet file should always include the declaration of a meta-
indicator for each site. This is done by using a model (see next page), with the value SITE in the
TYPE column of of a META section.
Example:

MODELS
Since, in a multisite context, host types and IP addressing architecture are often homogeneous
from one site to another, our aim is to register each site with just one line.
The pomgen tool now allows us to declare models in a HOSTS, SERVICES or META section, and
these models will be applied to each line of the corresponding SITE section.
To declare a section as a model, simply insert SITE-TEMPLATE=<model name> in its # HEADER
cell (see explicit syntax example in red in the example below). A same model name can be used at
will in several sections.
Example of model use:

In the example above, you can see the contents of the HOSTS section differ from their usual form
in the use of the model “default”, which includes variables that are defined, for each site, in a
dedicated line of the SITE section.
The “default” model defined in the HOSTS section is applied to the corresponding lines of the SITE
section by simply entering the model name in the TEMPLATE column.

Note: the TEMPLATE, SITE, ID and ADDRESS columns of the SITE section are all mandatory.

202
 4 POM INFRASTRUCTURE ADMINISTRATION
Simple variables & Loop variables
In the above example, you will also notice that 2 types of columns can be expected in a SITE
section:
 Classic columns, which are used for simple variables can be referenced in the model
by using the syntax ${COLUMN} (green arrows in our example).
 Columns with an arobase @ prefix, which are used for loop variables to repeat a same
line several times using the model. They can be referenced in the model by using the syntax
@{COLUMN} (blue arrows in our example). In the SITE section, they must contain numeric
values, which syntax is discussed on next page.
Hereafter is what the corresponding lines for “Metropolis” in our example would look like in the
HOSTS section if we didn’t use loop variables:

4.4 POM MULTISITE

Since we declared 7 cash registers in the @CHECKOUT column and 7 payment terminals in the
@EFTPOS column, the loop is performed 7 times for each device.

Variables syntax in HOSTS section

The general syntax for variables in the HOSTS section is {VARIABLE[,<option>]…}.

Note: the above syntax applies to both simple and loop variables

Available options are:

 + addition for numeric values only
 - substraction for numeric values only
 % basic formatting for integer numeric values only (using printf-style formatting). Only
the d and ld conversion specifiers, and the 0 left-padding flag may be used
 For more info on printf syntax, see this reference page

Loop variables syntax in SITE section

The general syntax for loop variables in the SITE section is <number> (<meta>).
As an iteration will be performed based on this value, <number> must be an integer.
<meta> is optional, and is used to automatically declare a meta-indicator for corresponding
devices involved in the loop. It is of the form <type>[<service>]…, where:
 <type> can be AND, OR or <wa>/<cr> (see previous example)
 <service> is replaced by PING if none is specified

203
Models and variables usage constraints
 A model (HOSTS section declared as model) must be declared before a SITE section
 POM automatically applies a type (integer, text or address) to variables, depending on their
value. To be of type integer, a string cannot begin with a leading zero 0.
 IPv4 addresses are automatically identified as address-type strings, whether they are
followed by CIDR network mask or not. If a mask is present, it is ignored, therefore no alert
will be raised if a + or – operation results in IP addresses overshooting the declared mask.
 Only one loop variable may be used per cell in the HOSTS section.

204
 4 POM INFRASTRUCTURE ADMINISTRATION
SITE SECTION SPECIFIC COLUMNS

GROUP column
The GROUP column of the SITE section allows you to gather several sites in a new group type,
msite (for multisite). The column allows multiple entries, which must be separated by a comma ,
For each group, an implicit Geographical Map is created.
 See POM WEB INTERFACE: Maps Tab - Geographical Maps
 See also MONITORING ADMINISTRATION: Spreadsheet File - SITES Section

Site coordinates
The values in LATITUDE and LONGITUDE columns will be automatically fetched by the Geocoding
service of the GoogleMaps API, based on the contents of the ADDRESS column. However, you can
choose to manually overwrite these values if you have more precise ones at your disposal.

User-created columns
As we saw with our model example, the POM administrator can, at will, create specific columns in
the SITE section, that will be usable in models as variables of the form ${<COLUMN>}.

4.4 POM MULTISITE

205
4.4.2 ON-DEMAND SITE MAPS

In a multisite context, the POM administrator must create a map model for each model declared in
the MODEL column of the SITE section. It allows POM to automatically create generic, on-demand
site maps for the Maps tab of the web interface.

Note: Since POM 5.1, meta-indicator maps are generated on demand only, due to the susbantial amount
of time required for their generation in a multisite context

 Map models are placed in the directory /etc/pom/nagvis/maps/site-templates

 Map model names must be of the form SITE_TEMPLATE_<name>.cfg, where <name>
must match the value declared in the MODEL column of the SITE section.

Hereafter is an example of map model, based on our previous example:

 The SITE section of the spreadsheet file declares the @CHECKOUT and @EFTPOS columns
 The corresponding model in the HOSTS section uses loop variables to declare two device
lots: Checkouts (cash registers) and EFTPOSs (payment terminals)
define global {
alias=Site ${SITE}, ${ID}
map_image=light_800_600.png
iconset=pom_medium
}

define textbox {
text=${SITE}
x=40
y=60
h=0
w=0
border_color=transparent
style=font-size:90px;
}

define textbox {
text=CHECKOUTS (PING services)
x=380
y=20
h=130
w=17
}

define service {
host_name=${ID}-CHECKOUT-@{CHECKOUT,%02d}
service_description=PING
x=380
y=60
}

define service {
host_name=pom-internal
service_description=META-SITE-${ID}-CHECKOUT
x=375
y=145
iconset=pom_big
label_show=1
label_text=[service_description]
label_x=-2
label_y=+35
}

define textbox {
text=EFTPOSs (hosts)
x=620
y=20

206
 4 POM INFRASTRUCTURE ADMINISTRATION
h=72
w=17
}

define host {
host_name=${ID}-EFTPOS-@{EFTPOS,%02d}
x=620
y=60
}

define service {
host_name=pom-internal
service_description=META-SITE-${ID}-EFTPOS
x=615
y=145
iconset=pom_big
label_show=1
label_text=[service_description]
label_x=-2
label_y=+35
}

Below is the resulting map in the POM web interface:

 The map model is applied to the site “Metropolis”
 The site is configured with the value 12 (10/8) for both @CHECKOUT and @EFTPOS
columns:

4.4 POM MULTISITE

 For more info on maps, see USING POM WEB INTERFACE: Maps tab

207
 5 INTEGRATION
5 INTEGRATION

209
 5.1
SYSTEMS

211
5.1 SYSTEMS 5 INTEGRATION
5.1.1 MONITORING A WINDOWS SYSTEM

SPREADSHEET FILE BASIC REQUIREMENTS:

 4 required columns: SITE, TEMPLATE, IP-ADDRESS, NAME
 Choose the adequate system type (w2003, w2008, etc.)

SERVICES AND PROCESSES

 SNMP Must be activated on target host
 See HOW-TO: SERVER ONEOFF OPERATIONS – Activating SNMP
 SERVICES column of the spreadsheet file must be filled with the display name (two
services are separated by a comma , )
 PROCESS column must be filled with results of the list-snmp-process command (two
processes are separated by a comma , )

TARGET HOST SETTINGS

SNMP
 Agent tab: select all system elements
 Security tab: Add a read-only community, authorize POM

WMI

 See HOW-TO: INTEGRATION – Setting up WMI

Logs
 Logs must be correctly set up. Requires NXLOG
 See HOW-TO: WEB INTERFACE CUSTOMIZATION – Setting up SYSLOG formatted logs
 See MONITORING ADMINISTRATION: Spreadsheet file – Logmatch section

212
 5 INTEGRATION
5.1.2 MONITORING A LINUX/UNIX SYSTEM

SPREADSHEET FILE BASIC REQUIREMENTS:

 4 required columns: SITE, TEMPLATE, IP-ADDRESS, NAME
 Choose the adequate system type (rh50, linux, etc.)

SNMP
 Must be activated on target host
 See HOW-TO: SERVER ONEOFF OPERATIONS – Activating SNMP
 PROCESS column of the spreadsheet file must be filled with results of the list-snmp-
process command (two processes are separated by a comma , )

LOGS
 Logs must be correctly set up
 See HOW-TO: WEB INTERFACE CUSTOMIZATION – Setting up SYSLOG formatted logs
 See MONITORING ADMINISTRATION: Spreadsheet file - Logmatch section

5.1 SYSTEMS

213
5.1.3 MONITORING A VIRTUALIZED INFRASTRUCTURE (VMWARE)

A VMWare infrastucture can be monitored in two main ways:

 By using a VCenter
 By indepently monitoring ESX servers.
Not only can the virtual machines' contents be monitored, but also the VMs themselves: alerts can
be set to warn in case of problems related to VMWare tools or snapshots.

VCENTER
The plugin uses HTTPS protocol to interrogate the server.
The account used for monitoring will need to be registered with read-only permission in the
VCenter interface.

Create ESX-type authentication

 See USING POM WEB INTERFACE: Configuration – Credentials

We'll assume for the following example that the created identifier is esx_cred.
We will then feed this name in the CREDENTIALS column.

Spreadsheet file example:

HOSTS section
SITE TEMPLATE DESCRIPTION IP-ADDRESS NAME ViGROUP
France w2012 Main VCenter VM-VCENTER VMWare, common

SERVICES section (the order of columns has no impact)

HOSTNAME NAME TEMPLATE CPU MEM VMFS IO CONFIG CREDENTIALS
VM-VCENTER FL1 ESX-VC esx_cred
VM-VCENTER VAL_DEF ESX-VC 75%/85% 75%/85% 75%/85%//inc=.+/exc=’ˆ$’ kernel//4/6 esx_cred
device//15/20
queue//0/0
VM-VCENTER FL2 ESX-VC 75%/85%//exc=Local|local esx_cred
VM-VCENTER FAKE ESX-VC NO-MON NO-MON */exc=.+ NO-MON esx_cred

Automatically created services: VC-CPU, VC-MEM, VC-VMFS, VC-IO, VC-Config

Virtualization context specific columns for the HOSTS section - VCenter:

COLUMN Comment
ViGROUP Optional. Virtualization group

214
 5 INTEGRATION
Remarks on the SERVICES section columns:
COLUMN Comment
HOSTNAME Required. VCenter name
NAME monitoring point prefix (if omitted, created services will bear the prefix VC- )
SERVICE Required. ESX-VC
CPU Usage percentage for the CPUs of all ESXs monitored by the VCenter. Created
service: VC-CPU
MEM Idem for RAM usage. Created service: VC-Mem
VMFS Idem for VFMS usage. Created service: VC-VMFS
IO Usage of IO (kernel, device and queue), in milliseconds. Created service: VC-IO
CONFIG Configuration info. Created service: VC-Config

ESX
To monitor an ESX, you can either:
 interrogate it directly (which requires setting up a dedicated account)
 interrogate its parent VCenter.

Direct ESX access:

5.1 SYSTEMS
 An account may be created from the VSphere client management interface. This account
must have read-only permission.
 As with the VCenter method seen earlier, the created identifier (e.g. esx_cred) will have
to be fed in the CREDENTIALS column.

Access via a VCenter:

 Credentials for the VCenter will be automatically used for the ESX once the VCenter is set as
the referent (VMANAGEMENT column of the HOSTS section in the spreadsheet file)

Spreadsheet file example:

To feed the credentials in the spreadsheet file, here again two ways are at your disposal,
depending on your chosen access method:
 Direct ESX access: The identifier created for the ESX must be filled in the
CREDENTIALS column.
 Access via a VCenter: The VCenter name is filled in the VMANAGEMENT column (see
example)

HOSTS section
SITE TEMPLATE DESCRIPTION … NAME VMANAGEMENT CREDENTIALS
France esx independent ESX [Link] esx_cred
France esx independent ESX [Link] esx_cred
France esx ESX via VCenter [Link] vm-vcenter//name=[Link]
France esx ESX default values valdef

215
 HOSTS section (continued)
… NAME CPU MEM VMFS IO NETWORK CONFIG
… [Link] NO-MON NO-MON */exc=.+ NO-MON NO-MON */exc=.+
… [Link] 80%/95% device//25/45 */exc=partition
… [Link] */exc=local|Local NO-MON
… valdef 75%/85% 75%/85% 75%/85%//inc=.+/exc=’ˆ$’ kernel//4/6 */exc=’ˆ$’
device//15/20
queue//0/0

 See HOST MONITORING TEMPLATES: ESX

Virtualization context specific columns for the HOSTS section - ESX:

COLUMN Comment
ViGROUP Optional. Virtualization group

VM
Once again, to monitor a VM, you can either directly interrogate the ESX, or access it via its parent
VCenter. In either case, the VMANAGEMENT column is used.
Spreadsheet file example:

HOSTS section
SITE TEMPLATE DESCRIPTION … NAME … HARDWARE VMANAGEMENT
France w2012 AD1 - VM / ESX VM-SRVAD01 … esx vm-esx//name=[Link]
France linux WEB1 - VM / VCenter VM-SRVWEB01 … esx vm-vcenter//name=[Link]

Important note: For a VM, the value in the NAME column must match the machine name in the VCenter
VM tree view (modifiable with a simple right-click).

Virtualization context specific columns for the HOSTS section - VM:

COLUMN Comment Syntax
ViGROUP Optional. Virtualization group text
ViTOOLS Used to deactivate ViTOOLS - See below NO-MON
ViCONFIG Used to deactivate ViCONFIG - See below NO-MON
ViCPU CPU use as percentage of total CPU allocated by Warn/Crit or Warn%/Crit%
hypervisor (e.g.: 80%/90%)
ViMEM MEMory use as percentage of total MEMory Warn/Crit or Warn%/Crit%
allocated by hypervisor (e.g.: 80%/90%)
ViIO Input-Output operations Warn/Crit
(e.g.: 1048576/2097152)
ViNETWORK Threshold for network usage per interface, Examples:
compared to total network usage allocated by vmnic2
hypervisor vmnic2/80%/90%
vmnic2/80%/90%/1G
vmnic2/80%/90%/1G/100M
vmnic2/20M/40M/50M/50M
vmnic2/20M/40M/50M
ViSNAPSHOT Threshold for snapshot age, in days Integer (e.g.: 90)
ViUPTIME Threshold for VM uptime Examples:
In seconds 600
In minutes, etc. 10m
NP stands for "Non Persistent" 10m/np
10m/NP

216
 5 INTEGRATION
DEACTIVATE MONITORING OF VITOOLS & VICONFIG
To deactivate monitoring points automatically created by adding esx in the HARDWARE column,
define the corresponding columns as NO-MON:
 NO-MON in ViTOOLS column: Stop monitoring presence and update of VMWare tools
 NO-MON in ViCONFIG column: Stop monitoring errors in VSphere for the VM

MANUAL TEST
[root@pom ~]# /opt/pom/plugins/check_vmware_api.pl -D [Link] -u vmlogin -p
’vmp@ssw0rd’ -l runtime -s listhost
runtime OK - 1/1 Hosts up: [Link](UP) | hostcount=1units;;

5.1 SYSTEMS

217
5.1.4 MONITORING A VIRTUALIZED INFRASTRUCTURE (AWS)

An AWS (Amazon Web Services) infrastucture can be monitored in POM. The same general logic as
a VMWare infrastructure applies.

HYPERVISOR / REGIONAL SERVER

The plugin uses HTTPS protocol to interrogate Amazon servers.

Create AWS-type authentication

 See USING POM WEB INTERFACE: Configuration – Credentials

We'll assume for the following example that the created identifier is cred-aws-01.
We will then feed this name in the CREDENTIALS column.

Spreadsheet file example:

HOSTS section
SITE TEMPLATE IP-ADDRESS NAME CREDENTIALS ViGROUP
AWS-EU-WEST-1 AWS [Link] AWS-EU-WEST-1 cred-aws-01 AWS

Important note: as Amazon's internal maintenance may result in a server IP address change, it is
recommended that you use a name address instead, as shown in the example above

SITES section
SITE ADDRESS GROUPS
AWS-EU-WEST-1 EU (Ireland) aws

SERVICES section (the order of columns has no impact)

HOSTNAME TEMPLATE NAME WARNING CRITICAL ALARM
AWS-EU-WEST-1 AWS-ALARM AWS-local-alarm-01 AWS-alarm-01
AWS-EU-WEST-1 AWS-BILLING 40 80

 See SERVICE MONITORING TEMPLATES: AWS-ALARM & AWS-BILLING

Virtualization context specific columns for the HOSTS section - Regional server:
COLUMN Comment
ViGROUP Optional. Virtualization group

218
 5 INTEGRATION
VM
To monitor a VM (called "instance") in an AWS context, the logic is the same as for a VMWare
infrastructure.

Spreadsheet file example:

HOSTS section
SITE TEMPLATE IP-ADDRESS NAME CREDENTIALS HARDWARE VMANAGEMENT
AWS-EU-WEST-1 linux SSH [Link] VM-01 cred-03 aws AWS-EU-WEST-1/instance="i-01234567"

Virtualization context specific columns for the HOSTS section - AWS VM:
COLUMN Comment Syntax
ViGROUP Optional. Virtualization group text
ViCPU CPU use as percentage of total CPU allocated by Warn/Crit or Warn%/Crit%
hypervisor (e.g.: 80%/90%)
ViIOPS Input-Output operations per second Warn/Crit
(e.g.: 128/256)
ViIO Input-Output operations Warn/Crit
(e.g.: 1048576/2097152)
ViNETWORK Threshold for network usage per interface, Examples:
compared to total network usage allocated by vmnic2
hypervisor vmnic2/80%/90%
vmnic2/80%/90%/1G
vmnic2/80%/90%/1G/100M

5.1 SYSTEMS
vmnic2/20M/40M/50M/50M
vmnic2/20M/40M/50M

219
221
5.2 USERS & AUTHENTICATION

5.2 USERS & AUTHENTICATION 5 INTEGRATION

5.2.1 LDAP/LDAPS/LDAPTLS AUTHENTICATION

SETTING UP LDAP PARAMETERS IN POM

LDAP server connection parameters can be set directly from POM’s web interface.
 See USING POM WEB INTERFACE: Configuration – System

ENABLING LDAPS IN ACTIVE DIRECTORY

The following instructions are based on this tutorial.

By default, Windows Active Directory servers are unsecured. All LDAP messages are unencrypted
and sent in clear text. This restricts what developers can and can't do via LDAP. For example,
password modification operations must be performed over a secure channel, such as SSL, TLS or
Kerberos.
To enable LDAP over SSL (LDAPS), you need to install an SSL certificate on the Active Directory
server. In POM, rather than buying a third-party certificate, you can create your own certificate
using the included openssl tool.

Create a Certificate Authority (CA)

Before creating your own certificate, you need to first create a Certificate Authority (CA). First, you
must create a keystore which is used to store your password.
openssl genrsa -des3 -out [Link] 4096

Create a CA certificate
In the following example, we will create a CA Certificate that is valid for 10 years:
openssl req -new -x509 -days 3650 -key [Link] -out [Link]
When generating the CA certificate, OpenSSL will prompt you for several key pieces of information.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:New York
Locality Name (eg, city) []:New York
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ACME
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:[Link]
Email Address []:info@[Link]

222
 5 INTEGRATION
Install the Certificate Authority (CA)
 1. Start>Run...>Type mmc. This will open the “Add/Remove Snap-in" dialog.
 2. Click Add... to open the "Add Standalone Snap-in" dialog.
 3. In the "Add Standalone Snap-in" dialog, select Certificates and press "Next".
 4. Select Computer account and press "Next".
 5. Select Local computer and press "Finish"
 6. Click "Close" to close the "Add Standalone Snap-in" dialog.
 7. Click "OK" to close the "Add/Remove Snap-in" dialog.
 [Link] the Certificates snap-in is open, expand the Certificates node under
"Trusted Root Certification Authorities. Rightclick on the Certificates node, select All
Tasks > Import..., and import the Certificate Authority ([Link]) previously created

5.2 USERS & AUTHENTICATION

223
Create a Certificate Signing Request (CSR)
This step can be, once again, performed with the openssl tool. However, the preferred approach
is to use Microsoft's certreq utility. The certreq utility is a command line application that takes a
*.inf file and generates a CSR. Below is an example of such an .inf file. Pay close attention to
the Subject line: It should contain the FQDN (Fully Qualified Domain Name) of the Active Directory
server.
;----------------- [Link] ------------------
[Version]
Signature="$Windows NT$"
[NewRequest]
Subject = "CN=[Link],OU=IT,DC=dc1,DC=acme,DC=com,O=ACME,L=New York,S=New
York,C=US"
;
KeySpec = 1
KeyLength = 1024
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=[Link].[Link].1 ; this is for Server Authentication

Once you have a .inf file, generate a Certificate Signing Request (CSR) using certreq. In the
following example, [Link] is the CSR.
certreq -new [Link] [Link]

Sign the Certificate

If you are purchasing an SSL certificate, send the CSR to your vendor (e.g. Verisign) and they will
generate and sign the certificate for you.
If you have already purchased an SSL certificate, you can skip this step.
To sign your own certificate using openssl, simply enter the following:
openssl x509 -req -days 3650 -in [Link] -CA [Link] -Cakey [Link] -set_ serial 01 -out
[Link]

Accept the Certificate

This is done using the certreq utility:
certreq -accept [Link]

224
 5 INTEGRATION
Install the Certificate
You should, at this point, still have your Certificates snap-in opened. Expand the
Certificates node under "Personal". Right-click on the Certificates node, select "All Tasks" >
"Import...", and import the [Link].

5.2 USERS & AUTHENTICATION

Restart Active Directory
After installing the certificate, you must restart the domain controller. You can use Microsoft's Ldp
GUI tool to test the LDAPS connection. The default port is 389 and the SSL port is 636.

LDAP SSL/TLS & STARTTLS SUPPORT IN POM

Fetching the server’s Common Name

The hostname used to connect to the LDAP server must be the same as the Common Name of the
Active Directory server’s certificate. You can get the Common Name by connecting to the server via
the client integrated in openssl:
[root@pom-srv ~]# openssl s_client -showcerts -connect [Link]:636 < /dev/null
2>/dev/null | openssl x509 -noout -subject
subject= /C=FR/L=Paris/O=Acme/OU=MyCompany/CN=[Link]
In the above example, [Link] will then be the correct hostname to use when
setting up LDAP parameters.
If the Common Name cannot be resolved by DNS lookup, add an entry in the file /etc/hosts to
allow POM to connect to the AD server using this name. To ensure you properly added the entry,
you can use the getent tool:
[root@pom51 ~]# getent hosts [Link]
[Link] [Link]

Setting up openldap client

POM’s openldap client must be configured to trust the AD server’s certificate. To do this, declare
it as trusted peer in openldap’s NSS base:

225
[root@pom51 ~]# openssl s_client -showcerts -connect [Link]:636 < /dev/null
2>/dev/null | certutil -d /etc/openldap/certs -A -n [Link] -t P,,
Alternatively, you can use the certutil tool to make openldap trust the LDAP server’s
certification authority:
[root@pom51 ~]# certutil -d /etc/openldap/certs -A -n [Link] -i <[Link]>
-t C,,

Setting up LDAP parameters in POM web interface

For LDAP with SSL/TLS

Server connection URI ldaps://[Link]

For LDAP with STARTTLS

Server connection URI ldap://[Link]?starttls

226
 5 INTEGRATION
5.2.2 SSO VIA KERBEROS

SSO (Single Sign On) authentication via Kerberos allows a user registered in a Windows LDAP
domain to login without having to type in his credentials.

REQUIREMENTS
To use this functionality, a few packages need to be installed on your POM system:
 krb5-workstation.x86_64 (Kerberos connection client)
 mod_auth_kerb (Kerberos authentication module for Apache)
Install these packages using the usual method:
yum install krb5-workstation.x86_64 mod_auth_kerb
You must also ensure that:
 DNS resolution is active between POM and the domain controllers
 NTP synchronization is functional
 LDAP authentication is configured in POM's web interface

The files involved are:

 DNS
/etc/[Link]
NTP

5.2 USERS & AUTHENTICATION


/etc/ntp/[Link]
 Kerberos
/etc/[Link] (initial setting)
/etc/httpd/[Link] (POM server authentication key)
 Samba
/etc/samba/[Link] (registering POM server in the domain)
 Fore more info, refer to the Samba wiki online
 Apache web server
/etc/httpd/conf.d/[Link]

227
SAMBA
Samba must be configured, in order to register your POM server in the AD.
To avoid losing the config file when a Samba update overwrites it, it is good practice to rename it
and create a symbolic link.
[root@pomsrv ~]# mv -i /etc/samba/[Link] /etc/samba/[Link] && ln -si smb-
[Link] /etc/samba/[Link]

Only the [global] section needs to be altered, and the following parameters adapted:
 server string
 realm
 workgroup
 security
 netbios name
 password server

/etc/samba/[Link]

[global]
workgroup = DOM
server string = POM
security = ads

;passdb backend = tdbsam

;wins support = no
;wins proxy = no
;dns proxy = no

netbios name = mapom

realm = [Link]
password server = [Link]
domain master = no

load printers = no
printcap name = /etc/printcap
printing = bsd

nmb and smb services must be set to run on POM startup. They must also be restarted to take
changes into account.
[root@pomsrv ~]# chkconfig nmb on ; service nmb restart
[root@pomsrv ~]# chkconfig smb on ; service smb restart

Binding POM server to the domain:

[root@pomsrv ~]# net ads join -U administrator

228
 5 INTEGRATION
KERBEROS
The Kerberos configuration file must be modified:
/etc/[Link]
[logging]
default = FILE:/var/log/[Link]
kdc = FILE:/var/log/[Link]
admin_server = FILE:/var/log/[Link]

[libdefaults]
default_realm = [Link]
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true

[realms]
[Link] = {
kdc = [Link]
admin_server = [Link]
}

[domain_realm]
.[Link] = [Link]
[Link] = [Link]

Once Kerberos configuration is completed, we can then generate a Kerberos ticket.

[root@pomsrv ~]# kinit -V administrator@[Link]
Remark: administrator is the domain admin, the corresponding password will have to be entered

Important note: domain name is case-sensitive

5.2 USERS & AUTHENTICATION

Check the ticket creation with the command klist
[root@pomsrv ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator@[Link]

Valid starting Expires Service principal

08/29/16 [Link] 08/29/16 [Link] krbtgt/[Link]@[Link]
renew until 09/05/16 [Link]

We must then create generate an authentication key for Apache:

[root@pomsrv ~]# net ads keytab add HTTP -U administrator
[root@pomsrv ~]# chmod 640 /etc/[Link] && chgrp apache /etc/[Link]

Validation
[root@pomsrv ~]# klist -k -t /etc/[Link]
Keytab name: FILE:/etc/[Link]
KVNO Timestamp Principal
---- ----------------- --------------------------------------------------------
2 08/29/16 [Link] HTTP/[Link]@[Link]
2 08/29/16 [Link] HTTP/[Link]@[Link]
2 08/29/16 [Link] HTTP/[Link]@[Link]
2 08/29/16 [Link] HTTP/[Link]@[Link]
2 08/29/16 [Link] HTTP/[Link]@[Link]
2 08/29/16 [Link] HTTP/pomsrv@[Link]
2 08/29/16 [Link] HTTP/pomsrv@[Link]
2 08/29/16 [Link] HTTP/pomsrv@[Link]
2 08/29/16 [Link] HTTP/pomsrv@[Link]
2 08/29/16 [Link] HTTP/pomsrv@[Link]

229
APACHE
The 3rd step consists in setting the web server to propagate the Kerberos authentication to the AD
server.
To do this, we need to create a specific configuration file, e.g. /etc/httpd/conf.d/000-kerb-
[Link].

/etc/httpd/conf.d/[Link]

<Location />
AuthType Kerberos
AuthName "[Link]"
KrbMethodNegotiate On
KrbMethodK5Passwd Off
KrbAuthRealms [Link] [Link]
Krb5Keytab /etc/[Link]
KrbSaveCredentials On
KrbServiceName HTTP/[Link]@[Link]

KrbLocalUserMapping On
Require valid-user
</Location>

Restart Apache service to validate new configuration:

[root@pomsrv ~]# service httpd restart

BROWSER
The last step is configuring the web browser to ensure it can connect to the server via Kerberos
authentication.

Internet Explorer:
Usually IE is already set to use SSO. If needed, you can check the authentification parameter,
and/or add POM server address as an intranet site.

230
 5 INTEGRATION
Firefox:
In the address bar, type about:config and skip the security alert
In the search field, type uris to filter entries
Double click on the entries [Link]-uris and [Link]-
[Link]-uris, give them the value [Link] and validate

Access to POM server from Firefox should now be via Kerberos

Note: when Kerberos autologin is in use, it is recommended to grant permissions only to the domain
machines or even to the sole POM server.

ALLOW SELF-REQUEST FOR POM SERVER

This little additional configuration allows POM server to perform requests on itself without
authentication in a KERBEROS context.

Create a file named /etc/httpd/conf.d/[Link] that will contain the

following configuration:

5.2 USERS & AUTHENTICATION

<Location>
AuthType Kerberos
AuthName "[Link]"
KrbMethodNegotiate On
KrbMethodK5Passwd Off
KrbAuthRealms [Link] [Link]
Krb5Keytab /etc/httpd/[Link]
KrbSaveCredentials On
KrbServiceName HTTP/[Link]@[Link]
KrbLocalUserMapping On
Require valid-user
Satisfy any
Order Allow,Deny
Allow from [Link]
</Location>

231
5.2.3 SMTP AUTHENTICATION

Your POM server can send mails with SMTP authentication.

To define SMTP authentication credentials, simply use the pomcfg tool:
pomcfg set smtp-server=<server address>:587
pomcfg set smtp-server-auth=<email address>@<domain>:<password>

232
 5 INTEGRATION
5.2.4 ADDING WEB USERS

To add web users to POM, two ways are at your disposal:

MANUALLY
 In the web interface configuration menu: Permissions section > Users
 See USING POM WEB INTERFACE: Configuration – Permissions

AUTOMATICALLY
 By logging on to POM with the AD or LDAP credentials.
The default profile is allocated to any new user. The POM administrator will need to assign another
profile to suit the needs of any non-regular user.
 See USING POM WEB INTERFACE: Configuration – System

5.2 USERS & AUTHENTICATION

233
5.2.5 PASSWORDS

CHANGING PASSWORDS
As on the vast majority of UNIX systems, changing passwords in POM is done using the command
passwd.
For the admin password, POM MonitoringTM specifically developed the admin-chpwd command.
It updates credentials for all accesses of the admin account on POM:
[root@pom-mon ~]# admin-chpwd
New password:
Retype new password:
Changing password for user admin.
passwd: all authentication tokens updated successfully.

Note: the command admin-chpwd may be executed as either admin or root.

PASSWORD ENCRYPTION
By default in POM, when a particular plugin or template requires authentication, one may directly
register passwords, in clear text, in the spreadsheet file. This poses an obvious security issue.
A first good method to avoid this issue is the use of credentials.
 For more info on credentials, see WEB INTERFACE CONFIGURATION: Credentials
In addition to the use of credentials, and since POM v5.2, you can now encrypt your passwords
using the pompwd tool. An encrypted password generates a reference of the form XXXXYYYY,
which can then be used by the plugin.
At the moment, only the following tools allow the use of pompwd :
 snmpget
 snmpwalk
 snmpbulkwalk
 snmpset
 smbclient
 winexe
 wmic
 curl
 check_vmware_api.pl (community plugin)
In the short to medium term, we plan to implement this new feature for all available plugins.
Encrypted data will then feature a lock icon in POM Web Interface.

The encrypted passwords are generated when the service starts, using a primary key passphrase:
# /etc/init.d/pompwd start
Passphrase: ********
Confirm Passphrase: *******

234
 5 INTEGRATION
5.2.6 AUTOLOGIN

When entering the POM web interface, you systematically have to go through the authentication
page.
This step ensures that only registered users will be granted access to the interface, but may not be
advisable if you want to present POM elements (e.g. maps or dashboards) over the company's
intranet.

The following procedures allow you to go around the authentication step in certain conditions,
inorder to integrate various POM features in an iframe or other web presentations without having
to use POM credentials.

The general principle of autologin relies on authentication by REMOTE_USER environment.

Another aspect of autologin may involve SSO (Single Sign-On) via Kerberos.
 See USERS & AUTHENTICATION: SSO via Kerberos

AUTHENTICATION BASED ON SERVER PORT

This method is well adapted to cases where you need to display POM features on a content server

5.2 USERS & AUTHENTICATION

or over an intranet (e.g. to include a POM map on a Sharepoint portal).

Create a profile dedicated to this access method

The profile will be granted no action at all, but will be able to visualize a map, a dashboard, etc.
As an example we can use the public profile and a special user named anonymous.

Configure Apache server

We then set POM Apache server to listen on a port dedicated to this autologin public profile.
In the following example, we'll use port 8080 and the module mod_setenvif to set REMOTE_USER.
Create a dedicated configuration file:
cat <<EOF >/etc/httpd/conf.d/[Link]
Listen 8080
RewriteEngine on
RewriteCond %{SERVER_PORT} =8080
RewriteRule ^/ - [E=REMOTE_USER:anonymous]
EOF

Restart Apache server to validate changes to configuration.

service httpd restart

235
 Create a dedicated DNS entry to access POM server via autologin
E.g.: if we create the entry pom-public and the domain name is my-company, then access to POM
with autologin will be via the URL
[Link] .
If we wish to include the map named Network in the Web portal, the URL to use when setting the
iframe will be:
[Link]
js/[Link]?mod=Map&act=view&show=Network

Resorting to a specific DNS entry provides flexibility compared to the case where we omit it:
Without a specific DNS entry, upon visualazing the portal page that features the POM iframe, we
get a session cookie for the whole host, e.g. [Link].
If we then decide to go to [Link] to login as admin, the cookie kicks in and
we have to disconnect prior to accessing the authentication page.

AUTHENTICATION BASED ON SOURCE IP ADDRESS

This method is well adpated to monitoring screens.
The IP address used may be the host to which the screen is connected.
Note: if the host gets its IP dynamically, you will have to switch to a static IP address and plan a
dedicated address range in the DHCP settings.

Example:
We want to allow access via autologin for the host [Link] as user monitoring. This user
must be declared in the POM config.

Create and edit an Apache configuration file

e.g. /etc/httpd/conf.d/[Link]
cat <<EOF >/etc/httpd/conf.d/[Link]
<Location />
SetEnvIf Remote_Addr ^192\.168\.57\.12$ REMOTE_USER=monitoring
</Location>
EOF

Then restart Apache server

service httpd restart

Remark: in case we want to login as a user other than REMOTE_USER from this host, we need to
use a particular URL:
[Link] (where [Link] is POM
server's IP address)

236
237
5.3 HOW-TO: INTEGRATION

5.3 HOW-TO: INTEGRATION 5 INTEGRATION

5.3.1 SETTING UP WMI

How to set up Windows Management Instrumentation (WMI):

CREATE A DOMAIN USER

On your Active Directory domain controller, create a domain user (e.g: domain\pom-acme) dedicated
to monitoring.

ACTIVATE ''WINDOWS MANAGEMENT INSTRUMENTATION'' SERVICE

Run [Link] and set WMI (Windows Management Instrumentation)

ADD USER TO LOCAL GROUP

Add the monitoring domain user to the computer's local group Performance Monitor Users

To be able to monitor Windows services status, you must add the wmi user to Administators group.

238
 5 INTEGRATION
DCOM SECURITY CONFIGURATION

Run [Link]
Run Start > Run > [Link]

Open DCOM Properties

Right click on My Computer and select Properties.

5.3 HOW-TO: INTEGRATION

239
Edit Limits...
Select COM Security Tab, and next choose Edit Limits… from the Launch Activation Permissions
section.

Enable remote permissions

Only Remote Launch and Remote Activation need to be enabled for WMI monitoring.

240
 5 INTEGRATION
SET WMI SECURITY CONFIGURATION

Run [Link]
Run Start > Run > [Link]

Open WMI Properties

Right click on WMI Control and select Properties.

5.3 HOW-TO: INTEGRATION

241
 Open Security settings
In Security tab, develop the Root node, select CIMV2 and click on Security.

Set user rights

Add the domain user and allow only Enable Account and Remote enable.

TEST IF EVERYTHING IS OK
From your POM server, run this command from a shell :
wmic \
--user='login' \
--password='password' \
--workgroup='domain' \
--namespace='root\CIMV2' \
//[Link] \
"SELECT * FROM Win32_LogicalDisk" ; echo $?
The output should look like the block below:

242
 5 INTEGRATION
Access|Availability|BlockSize|Caption|Compressed|ConfigManagerErrorCode|ConfigManagerUse
rConfig|CreationClassName|Description|DeviceID|DriveType|ErrorCleared|ErrorDescription|E
rrorMethodology|FileSystem|FreeSpace|InstallDate|LastErrorCode|MaximumComponentLength|Me
diaType|Name|NumberOfBlocks|PNPDeviceID|PowerManagementCapabilities|PowerManagementSuppo
rted|ProviderName|Purpose|QuotasDisabled|QuotasIncomplete|QuotasRebuilding|Size|Status|S
tatusInfo|SupportsDiskQuotas|SupportsFileBasedCompression|SystemCreationClassName|System
Name|VolumeDirty|VolumeName|VolumeSerialNumber
0|0|0|A:|False|0|False|Win32_LogicalDisk|3 1/2 Inch Floppy
Drive|A:|2|False|(null)|(null)|(null)|0|(null)|0|0|5|A:|0|(null)|NULL|False|(null)|(null
)|False|False|False|0|(null)|0|False|False|Win32_ComputerSystem|XCHANGE2|False|(null)|(n
ull)
0|0|0|C:|False|0|False|Win32_LogicalDisk|Local Fixed
Disk|C:|3|False|(null)|(null)|NTFS|18712121344|(null)|0|255|12|C:|0|(null)|NULL|False|(n
ull)|(null)|False|False|False|68349325312|(null)|0|False|True|Win32_ComputerSystem|XCHAN
GE2|False||38074507
1|0|0|D:|False|0|False|Win32_LogicalDisk|CD-ROM
Disc|D:|5|False|(null)|(null)|UDF|0|(null)|0|254|11|D:|0|(null)|NULL|False|(null)|(null)
|False|False|False|3618824192|(null)|0|False|False|Win32_ComputerSystem|XCHANGE2|False|E
XCHSRV2013|B5E4C9A6
0

TROUBLESHOOTING

WMI client (wmic) is missing

 Contact POM MonitoringTM support.

WMI query timeout

If the output looks like this:
[librpc/rpc/dcerpc_connect.[Link]rpc_pipe_connect_b_recv()] failed NT status

5.3 HOW-TO: INTEGRATION

(c00000b5) in dcerpc_pipe_connect_b_recv
[wmi/wmic.[Link]main()] ERROR: Login to remote object.
NTSTATUS: NT_STATUS_IO_TIMEOUT - NT_STATUS_IO_TIMEOUT
1
Make sure your firewall rules allow WMI protocol on this server.

Host seems unreachable

If the output looks like this:
[librpc/rpc/dcerpc_connect.[Link]rpc_pipe_connect_ncacn_ip_tcp_recv()] failed NT
status (c000023d) in dcerpc_pipe_connect_ncacn_ip_tcp_recv
[librpc/rpc/dcerpc_connect.[Link]rpc_pipe_connect_b_recv()] failed NT status
(c000023d) in dcerpc_pipe_connect_b_recv
[wmi/wmic.[Link]main()] ERROR: Login to remote object.
NTSTATUS: NT_STATUS_HOST_UNREACHABLE - NT_STATUS_HOST_UNREACHABLE
1
Then make sure you entered the right IP address.

243
5.3.2 CHANGING POM USER LANGUAGE ON AN IBM AS/400

In order to simplify the use of POM with an IBM AS/400 system, you may want to change the
language of the POM user to English on you AS/400.
This is done by the Change System Library List (CHGSYSLIBL) command, assuming superuser
privileges:
CHGSYSLIBL LIB(QSYS2924) OPTION(*ADD)
Where QSYS2924 is the specific library for English.
This command simply adds English at the top of the system’s language list.

244
 6 MONITORING ADMINISTRATION
6 MONITORING
ADMINISTRATION

245
 6.1
SPREADSHEET FILE

247
6.1 SPREADSHEET FILE 6 MONITORING ADMINISTRATION
6.1.1 FORMATTING & PROCESSING RULES

There are several important points worth noting regarding the spreadsheet file.
 The supported file format is “Microsoft Excel 97/2000/XP/2003” (with the .xls extension),
available through most open-source (e.g., LibreOffice) and proprietary (e.g., Excel)
spreadsheet programs.
 Files are placed in the /home/admin/incoming/ folder on the POM server.
 The file name uses the format plan-*.xls. It is highly recommended to limit which
characters can be used in the file name:
- letters from a to z and A to Z (case sensitive on UNIX)
- numbers from 1 to 9
- a few punctuation characters: ., - and _
 Each individual spreadsheet file must not exceed 32765 lines (all worksheets included).
However, the total amount of lines in all spreadsheet files combined can exceed 32765
lines.
 The POM global configuration can be applied to multiple spreadsheet files. The order in
which data is processed by POM is important, as it has a direct impact on the consistency of
the generated configuration. Declaring an application (service) requires a machine (host) to
be declared. This means that the machine needs to be registered before its applications.
Spreadsheet files and their content are processed in the following order:
- If several plan-*.xls files are found, they are read in lexicographic order
(i.e., as they are listed using the ls command)
- For each file found, the worksheets (or tabs) are read from left to right
- For each worksheet found, the rows are read from top to bottom
 Modifying a single spreadsheet file will cause all files to be reprocessed

Processing order of spreadsheet files

248
 6 MONITORING ADMINISTRATION
6.1.2 STRUCTURE OF A SPREADSHEET FILE

The files provided in POM by default are arranged in worksheets: (HOSTS, SERVICES, PORTS, META,
LOGMATCH and RETENTION). POM MonitoringTM set up the files this way because it works in most
cases. But we will see that this is not the only way to organize data.
What's important in these files is not the worksheet names, but rather the names of the sections
declared inside each worksheet. Each section declares a record type that will be translated into one
or more configuration elements, regardless of the name of the worksheet it is in.
A section is defined by the name of the cell in column 1, which must follow the format:
# HEADER <type>, where <type> may be:

HOSTS
Registering the monitored devices (host) and a set of monitoring points (service)

 See HOSTS Section

SERVICES
Registrering specific monitoring points

 See SERVICES Section

SITES
Defining sites in detail, in a Geographical Map and in a multisite context

 See SITES Section

6.1 SPREADSHEET FILE

META
Definition of availability oriented indicators, linking monitoring points with logical operators

 See META Section

APPLIPERF
Definition of performance oriented indicators, comparing monitoring points response values and their
response reference value

 See APPLIPERF Section

LOGMATCH
Definition of log message matching rules in order to alert as soon as they arrive

 See LOGMATCH Section

RETENTION
Definition of log retention rules

 See RETENTION Section

249
Cells to the right of this first cell represent the name of a parameter that may or may not be used
during configuration.
Whether you choose to create worksheets within each file or have multiple files is purely a method
of organizing data. You may therefore organize your worksheets and files in whatever way suits
your needs.

Generally, multiple files are used when there are several people working on different sets of data.
The network administrator typically manages the plan-01_network.xls file and the system
administrator manages the plan-02_server.xls file so that changes made by one person don't
overwrite the other's work.
If there is no risk of overwriting data but you still want to clearly keep the types of hosts separate,
all you might need is one NETWORK worksheet and one HOSTS worksheet, each containing a
HOSTS section within the same [Link] file.

On the other extreme, you could put all of the POM configuration data into a single spreadsheet
file, containing only one worksheet, and sections listed one after the other, or instead create a
separate spreadsheet file for each section. So, there are no technical requirements for how to
organize the data.
It is usually good practice to set up the number of files, worksheets, and which sections to include
based on the company's organizational structure. Some companies prefer to create a separate
spreadsheet file for each IT Team (plan-01_network.xls, plan-02_server.xls, etc.), while others
prefer to use a geographical approach (plan-01_hq.xls, plan-02_province.xls, plan-03_europe.xls).

250
 6 MONITORING ADMINISTRATION
6.1.3 GLOBAL SETTINGS IN A SECTION

Since POM version 3.1, you can define the default value for cells within a column. To do this,
indicate the name of the column and the default value for the cell that defines a section.

Example 1:
Say you want to monitor a web server farm and avoid duplicating information that all of these
servers share, such as the group they are affiliated with, or processes related to web server
functionality. You can create a specific section for these hosts and specify default values for
GROUP and PROCESS columns.

Note: you can even delete both of these columns from the section if the values for all of the hosts are
identical.

All of the hosts declared in the section will have the following in common:
 they belong to the WEB group
 the httpd, jboss and mysql processes will be monitored
 all of the hosts will be monitored to determine when port 80 opens
The syntax to use for the cell # HEADER HOSTS will be:
# HEADER HOSTS ADM=80 GROUP=WEB PROCESS=httpd,jboss,mysql

Example 2:
Now, say you want to monitor a large number of core network ports. Because there are 512 ports,

6.1 SPREADSHEET FILE

you can avoid wasting time copying and pasting and simplify the section layout by defining default
values for the HOSTNAME, TEMPLATE, and THRESHOLD columns.
All of the services declared in the section will have the following in common:
 the HOSTNAME will be the core network name as defined in the HOSTS section (coresw)
 the TEMPLATE will be NETWORK
 the default thresholds (THRESHOLD for this template) will be 80%/90%/100M
The syntax to use for the cell # HEADER SERVICES will be:
# HEADER SERVICES HOSTNAME=coresw TEMPLATE=NETWORK THRESHOLD=80%/90%/100M

251
6.1.4 OBJECT DEFINITION COMMANDS

ADDING OBJECT DEFINITION COMMANDS TO THE SPREADSHEET FILE

Since POM version 3.1, you can insert an object definition command in a HOSTS section or a
SERVICES section.
To do this, create a column using the name of the command you want to define as the column
name, preceded by the + sign, and enter the value in the desired row.

Example:
The network load of a device being monitored exceeds the CRITICAL threshold on a regular basis,
but operating staff does not consider it to be critical (there are occasional large file transfers), as
long as it does not last longer than 15 minutes.
A simple solution to this problem is to adjust the value of the retry_interval Nagios
command, which determines the interval between checks when the monitoring point is in a SOFT
state

By setting this value to 3 (minutes), there will be 5 checks over a span of 15 minutes, which is the
amount of time the monitored network link is allowed to be under a full load.
# HEADER HOSTS SITE TEMPLATE DESCRIPTION IP-ADDRESS NAME
France ip main router [Link] router1

# HEADER SERVICES HOSTNAME NAME TEMPLATE PORT THRESHOLD +retry_interval

router1 EXT-LINK NETWORK wan_0 97%/99%/20M 3

 See the full list of possible Object Definition Commands

For two common commands among this list, you can even use dedicated columns:
 a CI column stands as an alias for the command +check_interval
 a NE column stands as an alias for the command +notifications_enabled

CASCADING OBJECT DEFINITION COMMANDS

When using object definition commands in a HOSTS section, you can cascade the properties they
define to the related services. By default, if cascading is not enabled, object definition commands
will apply only to the host.
To define which object definition commands cascade from the host to its services, edit the file
/etc/pom/gen/[Link] at the following entry (you will find it near the end of file):
# Host properties to cascade to services if not already present
# HOST_CASCADE=( notification_interval
# notification_period
# check_period )
As you see above, the commands +notification_interval, +notification_period and
+check_period are cascaded by default

252
 6 MONITORING ADMINISTRATION
6.1.5 HOSTS SECTION

LIST OF COLUMNS
The HOSTS section is used to define a host's parameters based on its type.
HOSTS
Switch # HEADER HOSTS (alias HOST, SERVERS, SRV)

Field Description Required

SITE (alias LOCATION) Site identification, triggers a group to be created no
TEMPLATE (alias TYPE) Device type, triggers a group to be created See List of yes
host templates
DESCRIPTION Device description, only provides information in the no
spreadsheet since it is not used in the POM
configuration
IP (alias IP-ADDRESS, IP address of the device yes
ADDRESS, IPADDR)
SECONDARY Secondary IP addresses for the device. no
Syntax: IP1 [, IP2]…
TIMEZONE Host timezone. Syntax: <REGION>/<CITY> (see notes) no
NAME (alias HOSTNAME, Device name, usually the DNS name yes
HOST)
ALIAS Another name for the device, allowing you to correlate no
the name of the host shown in the logs with the name
declared in POM Essential if the two names are not
exactly the same
GROUP (alias GROUPS, Name(s) given to a logical grouping of hosts, with no
HOSTGROUP, multiple groups separated by a comma

6.1 SPREADSHEET FILE

HOSTGROUPS)
EVENT Disable log alerts for the device by entering NO-MON no
in this column
DEPEND (alias PARENT, List of devices that this host is dependent upon. Used no
PARENTS) to limit the number of alerts in case a “parent” device
goes down. It is also used to generate automaps.
Multiple parents are separated by a comma.
CREDENTIALS (alias Credential created in the WUI configuration wizard. no
CREDENTIAL) Credentials can be combined if separated by a comma
, but you can only use one credential per type
NETWORK Threshold for the network interfaces of the device no
SW:PORT Port(s) on which the device is connected no
CPU CPU load threshold no
MEM Memory threshold, directly linked to the SWAP column no
SWAP Swap size threshold no
DISK Disk space threshold no
UPTIME Alert threshold on reboot no
NB-PROCESS Threshold for the number of concurrent processes no
running on the machine
PROCESS For monitoring the active processes on the machine. no
Multiple processes are separated by a comma.
PING Network latency threshold no

253
 Field Description Required
SERVICES List of Windows startup services to monitor on the no
device. Multiple services are separated by a comma
ADM For monitoring one or more administration ports on the no
device Multiple ports are separated by a comma If a
new port is entered, it is added to the port defined by
default (based on type)
TCP For monitoring TCP ports Same as ADM but no default no
value is defined based on type
NOTIFICATION-PERIOD Period during which alerts can be sent no
HARDWARE Hardware the monitored system is installed on no
Currently: ESX, HP, Dell, aws
VMANAGEMENT Refers to the top-level entity for monitoring VMware no
(vCenter or ESX)
CI Value of the check_interval in minutes no
NE Value of the notifications_enabled boolean no
PROCEDURE Link to adequate procedure no
SATELLITE Hostname of the depending satellite (the satellite's line no
must be registered before the poller's line)

REMARKS
Some specifics regarding the format of these values are noted hereafter:
 The nomon (or no-mon) value can be used to disable monitoring of the indicator when the
type requires it or when monitoring is not possible or desired
 Some columns do not have a default value:
ALIAS
GROUP
DEPEND
SW:PORT
PROCESS
SERVICES
HARDWARE
VMANAGEMENT
HANDLER
 If the value of the IP column is not defined, the IP address is resolved based on the value
entered in the NAME field (through a DNS request)
 If a value is entered in the SECONDARY column, a service PING-<ip> is automatically
created on the host. All thresholds set in the PING column will then apply to all the
secondary PING-<ip>. However, they will have no effect on thresholds defined in the
SERVICES section if a PING service template is defined in it.
 If the value of the NAME column is not defined, the name is resolved based on the IP address
entered (through a DNS request)
 In the PROCEDURE column, you can enter the adequate procedure itself (dokuwiki syntax
applies), or an URL that will link to a detailed procedure (e.g. a wiki page) using either a
url-encode syntax (e.g. replace spaces with %20) or the syntax [[url|link name]].
Thresholds can be set as WARNING/CRITICAL. If several indicators are monitored simultaneously
(e.g., CPU, DISK), the threshold for each indicator are separated by spaces, and the default threshold
is identified by an asterisk *.
 For detailed examples, see FROM PLUGINS TO TEMPLATES: Host Templates

254
 6 MONITORING ADMINISTRATION
On Windows hosts, VMEM can stand for both Windows virtual memory, and the memory allocated
by a hypervisor. To avoid conflict, you must use only the MEM field, which will create both the
classic MEM indicator and the Windows-specific VMEM indicator.

The NOTIFICATION-PERIOD field may either define a period or indicate the name of a time-period
defined in the web interface.
 See USING POM WEB INTERFACE: Configuration – Periods
Defining notification periods in the web interface offers all the capabilities of time-periods,
whereas defining them in the spreadsheet file is a bit more limited in the sense that you can only
specify hours for one group each day. For more complex notification periods, you will need to
define them in the web interface and then process them in the spreadsheet file.
The format of the notification-period field is as follows:
<ddd>-<ddd> <hh:mm>-<hh:mm> [<hh:mm>-<hh:mm> .. <hh:mm>-<hh:mm>]
<ddd>-<ddd> indicates a range of 1 to 7 days: mon, tue, wed, thu, fri, sat, sun (Example: mon-
fri)
<hh:mm>-<hh:mm> indicates a range of hours (Example: 07:30-18:30)
You can therefore have several time periods defined on the same range of days.
To exclude a time-period, you have to define its “complement” on one day.
Example: to exclude the time-period from 0:49 to 0:58 :
 mon-sun 0:58-0:49 WRONG – will not work since the period falls in two days
 mon-sun 0:00-0:49 0:58-24:00 CORRECT
To deactivate notifications, simply use the standard never time-period.

The TIMEZONE field allows you to get correct alert times when a host is located in a different

6.1 SPREADSHEET FILE

timezone than yours. The required format is <REGION>/<CITY>, and the full list of available
values can be viewed, sorted by region directories, at: /usr/share/zoneinfo/posix.
This full list is also found in the drop-down box when setting a user’s timezone in the WUI.
 See USING POM WEB INTERFACE: Configuration – Users
POM will automatically adjust timeperiods when a timezone is set, especially in the case where a
period falls in two consecutive days as a result of timezone modification.
Example:
If timezone is set for a city that has a +1h difference,
08:00-24:00
will become
09:00-24:00
00:00-01:00

VIRTUALIZATION CONTEXT SPECIFIC COLUMNS

In a virtualization context, some specific columns can be used in a HOSTS section.
 See INTEGRATION: Monitoring a Virtualized Infrastructure

255
6.1.6 SERVICES SECTION

The SERVICES header is used to create a section for defining applications.

This type of section adds a specific service (or combination of services) to a host declared in the
HOSTS section.
The definitions in these columns are more flexible because the application parameters are
dependent on the applications themselves.

LIST OF COLUMNS
SERVICES
Switch # HEADER SERVICES (alias SERVICE, APPLI,
APPLICATION, APPLICATIONS)

Field Description Required

HOSTNAME (alias HOST) Host affiliated with this application ( NAME yes
column in a HOSTS section)
NAME Name of the service as it will appear on the yes
Events tab in the UI
TEMPLATE Name of the template (set of POM yes/no
indicators). Used exclusively with CC.
CC (alias CHECK-COMMAND) Name of the check command to execute. yes/no
Used exclusively with TEMPLATE.
DESCRIPTION Information about the application being no
monitored
CI (alias CHECK-INTERVAL) Value of the check_interval in minutes no
NE (alias NOTIFICATIONS-ENABLED) Value of the notifications_enabled no
boolean
<field> Service or command parameters; depends on n/a
the TEMPLATE or CC columns
Other columns are used for the application parameters or to define the TEMPLATE.
 For more info, see FROM PLUGINS TO TEMPLATES
In the particular case of a template that requires authentication, you can choose between two
methods:
 Use USER and PASSWORD columns
 (RECOMMENDED) Use a CREDENTIALS (alias CREDENTIAL) column, where you set
the credential created in the WUI configuration wizard. In this field, credentials can be
combined (separated by a comma , ), but you can only set one credential per type
 For more info, see USING POM WEB INTERFACE: Configuration – Credentials
The list of arguments that can be used for a CC is the list of commands available in the web
interface (Configuration > Objects > Commands).
 See FROM PLUGINS TO TEMPLATES: Check Commands

256
 6 MONITORING ADMINISTRATION
6.1.7 SITES SECTION

A SITES section can be used either to give detailed coordinates of a site previously registered in a
SITE column of a HOSTS section, or to define components of sites in a multisite environment

LIST OF COLUMNS
SITES
Switch # HEADER SITES (alias SITE)

Field Description Required

SITE (alias NAME) Name of the SITE yes
ID Shortened name of the site no
ADDRESS Postal address (used by GoogleMaps API) yes/no
LATITUDE Latitude, in geocode format (used by GoogleMaps API) yes/no
LONGITUDE Longitude, in geocode format (used by GoogleMaps API) yes/no
TEMPLATE "default" yes/no
NETWORK Network (CIDR formatted) for hosts in the site yes/no
GROUPS Group (used to create Geographical Maps) yes/no
@XXX Custom column in a syntax using models no

Important Note: LATITUDE and LONGITUDE columns have priority over the ADDRESS column

For further information and examples of the syntax used:

 See POM-MULTISITE

6.1 SPREADSHEET FILE

 See also POM WEB INTERFACE: Maps Tab - Geographical Maps

The default spreadsheet file provided with POM also features examples of use in context.

257
6.1.8 META SECTION

METAs (for meta-indicators) are used to monitor the availability of core business applications.

LIST OF COLUMNS
META
Switch # HEADER META

Field Description Required

NAME Name of the META yes
TYPE Relation type (OR, AND, NOR, NAND, XOR, NXOR, APP) no
COMPONENTS META components no
MAP Automatically generates an application graph (yes/no) no

The idea behind a META is to be able to monitor a group of services that make up the components
of a particular application. These components are linked by logical operators to create a new
component. The new component will become a new monitoring point.
Several types of Boolean logical operators can be used:
 OR returns an OK state if only one of its components is OK
 AND returns an OK state if all its components are OK
 NOR (NOT OR) becomes CRITICAL if only one of its components is OK
 NAND (NOT AND) becomes CRITICAL if all components are OK
 XOR returns a CRITICAL state if all components are OK or all components are CRITICAL
 NXOR (NOT XOR) returns a CRITICAL state if all components ar not in a same state (OK or
CRITICAL)
 APP is a variant of the AND META, dedicated to high-value applications. It works exactly like
an AND operator, but helps you quickly distinguish an important application from other
METAs of lesser importance in your architecture.
A NAND or NOR operator can be used as a NOT operator if it has only one component.

Important note: it is recommended not to exceed 40 components in a META. Higher numbers will
possibly impede computation times.

<wa>/<cr> syntax
You can now configure a new type of meta-indicator in the TYPE column of a META section, using
the threshold syntax <wa>/<cr>.
 If only <wa> components of the site are in OK state, the meta switches to WARNING state
 If only <cr> components are OK, the meta switches to CRITICAL state
 An UNKNOWN state can then only appear in the event of an internal error.
Examples:
6/4: My store is equipped with 8 cash registers. If only 6 are functional, the meta goes to
WARNING state. When only 4 are OK, it goes to CRITICAL.

258
 6 MONITORING ADMINISTRATION
5/3: Monitoring requests on this specific site are dispatched to 7 servers. If 6 or 7 servers are OK,
the meta is in OK state. It goes to WARNING if only 4 or 5 servers remain functional, CRITICAL if 3
or less servers are functional.

The meta-indicators created with this syntax will feature icons of this form
 For more info on meta-indicators, see MONITORING ADMINISTRATION: Spreadsheet file – META

In a Multisite context, META definition can involve a particular syntax.

 For more info, see POM-MULTISITE

6.1 SPREADSHEET FILE

259
Example:
Let’s take, for example, an email application for which you want to monitor the overall state of
operation. The mail architecture is composed of the following elements :
 Two redundant Exchange mail servers (pa-mail-sto1 and pa-mail-sto2)
 One Exchange web server for thin client usage (pa-mail-access)
 Two redundant relay servers for incoming mail (pa-mail-relay-in1 and pa-mail-relay-in2)
 Two redundant relay servers for outgoing mail (pa-mail-relay-out1 and pa-mail-relay-out2)
 One remote access server (pa-rt-ipub)
Let’s identify the email services running on these servers:
 On pa-mail-sto{1|2}, if the store{1|2}.exe process is running, the service is being delivered
 On pa-mail-access, we want to be sure that we can connect to [Link] and
that the SMTP and IMAP ports are available
 On pa-mail-relay-in{1|2}, if the exim-in{1|2} process is running, the service is being
delivered
 On pa-mail-relay-out{1|2}, if the exim-out{1|2} process is running, the service is being
delivered
 If the pa-rt-ipub server answers to ping requests, we consider it to be a sufficient validation

From this analysis, we can divide our mail service into 4 basic blocks:

Mail-Store
([Link] on pa-mail-sto1) OR ([Link] on pa-mail-sto2)

Mail-Access
(web access) AND (SMTP port) AND (IMAP port on pa-mail-access)

Relay-IN
(exim-in1 on pa-mail-relay-in1) OR (exim-in2 on pa-mail-relay-in2)

Relay-OUT
(exim-out1 on pa-mail-relay-out1) OR (exim-out2 on pa-mail-relay-out2)

We can also link (Mail-Store) AND (Mail-Access), since they both are an “Exchange” type.

One last connection needs to be established to define the email application we want to monitor.
For the email application to be functional, all of the previous elements must be functional,
including the pa-rt-ipub server. So there is an AND link between each of them, which lets us
describe the email application as such:

Mail
(Mail-Store) AND (Mail-Access) AND (Relay-IN) AND (Relay-OUT) AND (pa-rt-ipub ICMP response)

260
 6 MONITORING ADMINISTRATION
Once the previous steps have been completed, filling out the spreadsheet file is easy.
Here's the example we used to monitor the availability of the “Mail” application:

There are several points worth noting:

 In order for a service to be used as a component, a META must be declared. This means that
the order of the rows in which they are declared is important. For instance, we could not
have used the ‘Mail-Store” and “Mail-Access” METAs as components of the “Exchange”
META if we had not declared them in the two previous rows.
 The “COMPONENTS” field of the “Mail-Access” record is empty. This means that the
monitoring points for this record are defined elsewhere, in this case, in the “SERVICES”
worksheet
 Registering a Windows service or process requires the following format: <server>:SVC-
<service> where SVC-<service> refers to the service or process as generated by POM. You
can therefore make things easier and avoid data entry errors by copying and pasting this
name directly from the “Events” tab in the web interface.
 Multiple components are separated by a comma (“COMPONENTS” column)
The created links will then be represented as a graph (more precisely, a tree). The top of the tree
represents the application monitored by the interconnected components.
If the 'MAP’ field has the value of 'yes’, the graph is generated in the form of a map whose icon

6.1 SPREADSHEET FILE

appears in the 'Maps’ tab of the POM web interface.

META - Graphical representation. Each sub-tree represents a META:

The components can be green (OK state) or red (CRITICAL state).

261
Some nodes in the tree feature a blue + sign . Clicking on such a node will display the
corresponding sub-tree:

262
 6 MONITORING ADMINISTRATION
RENDERING MODES
The rendering mode is filled in the MAP column of the spreadsheet file.
Rendering mode syntax is of the form KEY//MODE=VALUE.

Available keys are:

 TB (Top to Bottom). The tree is represented from top to bottom, with root element on top.
This mode is used mainly on METAs with a low number of elements, as it can quickly
become too large.
 LR (Left to Right). The tree is represented from left to right, with root element on the left.
This mode is well adapted to METAs with a high number of sub-elements.
 NT (Neato / Network). The tree is represented with root element at the center, and branches
spreading around it. This mode is handy for highly loaded sub-trees.

The following table lists available parameters that can be applied to keys in order to adapt their
appearance.
PARAMETER VALUE Comment Syntax example
maxdepth [1,n] Integer. Sets the tree max depth. E.g.: 2 will LR//maxdepth=3
only display the core and elements of the
next rank
maxchild [1,n] Integer. Sets the maximum number of child TB//maxchild=10
nodes to display, regardless of their rank
size 24 Sets icon size LR//size=32
32
overlap true Sets how overlapping is managed. true TB//overlap=false
false enables overlapping, while false prevents it

6.1 SPREADSHEET FILE

voronoi
scalexy
compress
prism
nodesep [0.001,[Link]] Floating decimal. Sets distance (in inches) TB//nodesep=0.5
between two nodes of the same rank.
Default value is 0.1
ranksep [0.001,[Link]] Floating decimal. Sets distance (in inches) LR//ranksep=0.8
between two ranks. Default value is 0.4
headport n Cardinal point where the spline to the next NT//headport=c
ne node must be anchored. Note: this mode is
e not normally used.
se
s
sw
w
nw
c
_

263
PARAMETER VALUE Comment Syntax example
tailport n Cardinal point where the spline to the NT//tailport=c
ne previous node must be anchored. Note: this
e mode is not normally used.
se
s
sw
w
nw
c
_
splines true Sets appearance of the splines. Curved (true), NT//splines=polyline
false straight (false) or polyline
polyline
show_in_lists 0 or 1 If set to 0, map will not appear in the Map TR/show_in_lists=0
Index of the Maps tab (nor in the available
maps for the 360° tab’s Maps widget)

Hereafter are examples of different rendering modes applied to the same data:

TB mode rendering

LR mode rendering

264
 NT mode rendering

265
6.1 SPREADSHEET FILE 6 MONITORING ADMINISTRATION
6.1.9 APPLIPERF SECTION

The APPLIPERF section allows you to define an APM (Application Performance Management). An
APM lets you assemble all the components of an application delivery chain, and set the expected
availability and performance levels for each component, using a weighing scheme based on its
criticality.

An APM is defined directly in the spreadsheet file. The results can be visualized in an Availability
Graph widget or in a report based on the APM Report template.

When filling the spreadsheet file, the principle is then to list monitoring points to which a
reference value is allocated (generally a response time, or an execution time) along with a specific
weight (relative to other monitoring points). All monitoring points with the same application name
will define the APM.

Example for the “Mail internal” APM :

LIST OF COLUMNS
APPLIPERF
Commutateur # HEADER APPLIPERF

Field Description Required

APPLICATION Application name. All elements of the same application must Yes
have the same value.
HOSTNAME Equivalent to NAME column of the HOSTS section Yes
RRD-DATABASE Name of the RRD database containing the data. See below for Yes
usage of the list-ds command
RRD-DS Name of the DS (Data Source) containing the data. See below Yes
MODE Way the value is compared to the nominal value. Allowed Yes
operators are <= and >=
NOMINAL Reference value. Unit depends on the chosen DS Yes
WEIGHT Weight of the defined element, relative to other elements of Yes
the same application
DESCRIPTION Short text description of the element’s role in the application Yes

266
 6 MONITORING ADMINISTRATION
USAGE OF THE LIST-DS COMMAND

Important note: do not attempt to run the command without any argument, as it would freeze focus for
several minutes.

In the following example, we try to list all RRD databases and their DS for the host named zinc.
The hostname is used as argument. The command returns the hostname, then, for each RRD
database on the machine, the filename of the RRD database, followed by DS names separated by
spaces. For a given RRD database, we will choose the DS that will return the desired metrics.
Example :
 The line [Link]: v tells us that the RRD database is named CLOCK-diff and
the only available DS is v
 The line DISK-_.rrd: pct size tells us that in the RRD database named DISK-_ , two
DS are available: pct and size. We will therefore choose one DS or the other, depending
on whether we want to measure a percentage or a size

[root@pomsrv ~]# list-ds srv01

srv01
| [Link]: v
| [Link]: v
| [Link]: v
| [Link]: v
| [Link]: v
| [Link]: v
| [Link]: v
| [Link]: v
| DISK-_.rrd: pct size
| DISK-_dev_shm.rrd: pct size
| DISK-_var.rrd: pct size
| EVENT-act_logs.rrd: v
| EVENT-disa_evt.rrd: v
| EVENT-dtime_evt.rrd: v

6.1 SPREADSHEET FILE

| EVENT-tot_evt.rrd: v
| EVENT-tot_logs.rrd: v
| [Link]: load1 load15 load5
| [Link]: v
| [Link]: v
| [Link]: v
| [Link]: nb
| NETWORK-eth0_2_.rrd: inb inp outb outp
| [Link]: pl rta
| [Link]

267
6.1.10 LOGMATCH SECTION

OVERVIEW
Starting with version 2.7, POM MonitoringTM added a major feature to the log centralization system:
the ability to be notified when a particular log line is received by the POM server.

Note: A “log line” can refer to either a log in syslog format or an SNMP trap sent by a host.

Logs are essential for device management, but they are meant to be seen early enough to be able
to take proper action. The POM platform's log centralization functionality provides easy access to
thousands of log lines, by filtering them.

But when so many lines are coming in with each passing second, finding the important ones can
sometimes be time-consuming. Log alerts tackle the problem differently: we usually have a good
idea of what an important log line (one that indicates a serious problem) looks like. Instead of
having to go look for the line, POM allows you to describe the general pattern of the line, based on
criteria you define, and will notify you via email whenever the platform receives a log line that fits
that pattern.
The advantage is obvious: you are notified within seconds of a problem occurring.

ALERT CHARACTERISTICS
Alerts triggered when a log line is received are somewhat different than monitoring alerts. These
differences are explained below:
 The alert is generated immediately, as soon as logmatch processes the log line. There is
therefore no associated state (SOFT or HARD)
 The alert threshold level is CRITICAL
 The alert appears as the EVENT service, which is a virtual service associated with most hosts
registered in POM
 The alert is attached to the hostname of the host sending the log line
 The name of the rule is indicated in the TAG column and is shown in the Service column on
the Events tab next to the EVENT/ character string. Example: if TAG = trap, the name shown
is EVENT/trap
 The alert description is provided by the DESCRIPTION column and appears in the Status
Information column, preceded by the number of log lines sent by the host matching the rule

268
 6 MONITORING ADMINISTRATION
PROCESSING A LOG LINE
The POM platform comes with a syslog server, making it possible for any host to centralize its logs
in POM.
The syslog server is configured so that log lines are processed through 3 separate paths:
 The line is archived in a dedicated file in a location reserved specifically for the host that
sent the log line
 If the severity level of the log is >= NOTICE, words that are longer than 3 characters are
indexed, and the line is saved in a PostgreSQL database. This database will be used to
display the logs on the “Logs” tab in the web interface.
 If the severity level of the log is >= INFO, the logmatch tool processes the log line to check
whether it matches one of the rules declared in the [Link] file. If there is a match, and
if the name of the host sending the log line is the same as a host registered in POM, an alert
is triggered and is allocated to the host's EVENT service.

Path of a log line through POM:

6.1 SPREADSHEET FILE

Keep in mind that a number of criteria must be met before a log line received by POM triggers an
alert:
 The host sending the log line must be registered in POM
 The name of the host indicated in the log must be identical (case sensitive) to the name
registered in POM. If the name is not exactly the same, the ALIAS column can be used to
indicate the name specified in the log (usually the “hostname” of the host sending the log
line).
 There must be a rule in the [Link] file describing the line being received by the server

Important note: Rules in the [Link] file are checked one by one to look for a match in the log line.
The process stops when it finds a match. In other words, if the first rule matches, the subsequent rules
will be ignored. This is an important point to keep in mind if you want to create several rules that differ
slightly: if the first rule is too general, the subsequent, more precise rules will never be looked at.

269
LIST OF COLUMNS
The LOGMATCH section, appearing by default on the LOGMATCH worksheet in the [Link] file,
allows you to create patterns that describe the logs lines you wish to monitor.
LOGMATCH
Switch # HEADER LOGMATCH

Field Description Required

TAG The name of the rule. It will be displayed next to the word yes
EVENT on the Events tab in the web UI
DESCRIPTION Description of the rule that triggers the alert. This information no
will appear on the Events tab in the web UI
HOSTNAME Restricts rule checking to only the name of the host specified no
here. Only one name is allowed
PROGRAM Restricts searching to only the name of the program specified no
here. Multiple names are separated by a comma
MESSAGE Rule to describe the matching string to detect in the log. Regular yes
expressions are supported.

REGULAR EXPRESSIONS
The specific regular expression dialect used in POM is named PCRE (Perl Compatible Regular
Expressions) and is, as the name suggests, compatible with regular expressions of the Perl
programming language. It is rather flexible and extensively documented.

Detailed description is available here .

For the most common uses of POM, you will find hereafter some basics about regular expressions
and associated patterns.

Important points:
 The section preceding a pattern is not taken into account when a search is performed. As an
example, if a log contains the string “Authentication error for user jsmith”,
we will aim at representing the string jsmith – subject to change – with a regular
expression. Patterns like user ([a-z]+) or for user ([a-z]+) will work, regardless
of the beginning of the string. This behavior mitigates the rigidity of regular expressions,
that normally require strict matching.
 Parentheses around a pattern allow matching with DESCRIPTION column content in the form
$1, $2, etc. $1 stands for the 1st set of parentheses, $2 for the 2nd one, etc.

270
 6 MONITORING ADMINISTRATION
Metacharacters
\ Quote the next character. Useful when searching for a plus + or a dot . , since
they are part of the PCRE language
^ Outside brackets : match the beginning of the string. As 1st character in brackets:
exclude everything else in these brackets. ^Error stands for a string beginning
with the word Error, whereas [^0-9] stands for all characters
$ Match the end of the string
. Match any character
(pattern) Grouping and memorizing : $1 will contain the string matching the pattern
(?:pattern) Grouping without memorizing
[] Character class. E.g.: [0-9] any decimal number, [0-9A-F] any hexadecimal
number.
| Alternation (logical OR)

Quantifiers
* Match 0 or more times
+ Match 1 or more times
? Match 1 or 0 times
{n} Match exactly n times
{n,} Match at least n times
{n,m} Match at least n but no more than m times

6.1 SPREADSHEET FILE

Escape sequences
\t Tab
\s Space
\d Numerical character

Pattern examples
[ˆ\s]+ String of non-space characters, i.e: any word
[a-z]+ String of lower-case letters
\d+ Continuous string of numerical characters, i.e.:
positive integer number
-?(\d+(\.\d*)?|(\d*(\.\d+)?)) Any decimal number
.+ Any string of at least 1 character
\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} IPv4 address in dot-decimal format
(\d{1,3}\.){3}\d{1,3}\. IPv4 address in dot-decimal format. More concise
version than the previous one, but presents a
drawback as it contains parentheses

271
6.1.11 RETENTION SECTION

The RETENTION section is used to set how long the data stored in the logs are kept, based on the
elements appearing on the Logs tab in the web interface.

These retention rules will be used to determine whether or not the daily log purge is applied to the
hosts specified in each row in the file (in both the archives and the real-time index). The TYPE and
KEY columns are used to determine whether or not a host is allowed to have the logs it sends
purged.
RETENTION
Switch # HEADER RETENTION

Field Description Required

TYPE Restriction based on type. Possible types category, host, group and yes/no
default
KEY Filter for selecting the data to store yes/no
ARCHIVES Number of days to keep archive file data no
REALTIME Number of days to keep real-time index data no

Important points:
 There must be one and only one “default” row.
 The rules are processed in the order in which they appear in the spreadsheet file, with the
exception of the “default” rule, which is always processed last
 If a host's logs are set to be purged, this host will be excluded from the subsequent rules.
This means that if a host is described in two different rules, only the first rule will be
processed.
 If the TYPE (<> default) column is populated, then the KEY column must also be
populated.
 For any other type of row other than the default row, if the ARCHIVES or REALTIME
columns are empty, then the values from the default row will be applied.
 If no value is set for the ARCHIVES or REALTIME columns in the default row, it means
there is “no rule” (logs will never be purged).

272
 6 MONITORING ADMINISTRATION
6.1.12 RELOADING CONFIGURATION DATA MANUALLY

The spreadsheet compilation script pomgen generates the configuration only if a change has been
made in one of the spreadsheet files.

AUTOMATIC POMGEN
You can allow it to run every minute, as was the case in previous POM versions, by setting the
parameter pomgen-enable-crond to yes in the Advanced configuration entry of the web
interface configuration menu.
 See POM WEB INTERFACE: Configuration - Advanced

POMGEN FROM THE WEB INTERFACE

You can run the pomgen tool from the Events tab, by a simple ctrl+click on the Reload button.

The pomgen pop-up will appear, click Run pomgen. If the configuration generation is a success, a
6.1 SPREADSHEET FILE
green line will notify you.

Note: If the configuration generation fails and you get a FATAL error message, POM will keep running
the last valid configuration.

273
POMGEN FROM A COMMAND-LINE SESSION
You can also run the pomgen tool from a command-line session over an SSH connection to the
server (on Windows systems, use a terminal emulator such as xterm or PuTTY ). Once connected
with administrator privileges, execute the command pomgen -fi.
Available options for pomgen:
-f sets POMGEN_FORCE=1
-i sets POMGEN_INSTALL=1
-l sets POMGEN_NAGIOS_RELOAD=1 (uses ‘reload’ for nagios instead of
‘restart’)
-v or –vv increase verbosity to level 1 and 2 respectively

Verbosity levels:
 Level 0 displays only WARNING and ERROR messages
 Level 1 displays also INFO messages
 Level 2 displays also DEBUG messages

Examples:
## standard reload, no message if all is OK
## errors are clearly indicated with their level of severity
[admin@pom ~]$ pomgen -fi

## reload in verbose mode, all steps are listed with processing times
[admin@pom ~]$ pomgen -fiv
INFO -- [main] Processing file: /etc/pom/gen/default/[Link]
INFO -- [bench] Elapsed time on /etc/pom/gen/default/[Link]: 0.000 sec
INFO -- [main] Processed with success: /etc/pom/gen/default/[Link]
...
INFO -- [main] Processed with success: /etc/pom/gen/default/[Link]
INFO -- [bench] Elapsed time on /opt/pom/bin/pomgen: 12.380 sec

A FATAL return message means that an error has been encountered while trying to generate the
new configuration. It can mean that one of the spreadsheet files contains errors, or that an instance
of the pomgen tool is already running. In the latter case, you will get the following error message:
FATAL -- [acquire_lock] Could not acquire lock: /var/tmp/[Link]

Note: If the configuration generation fails and you get a FATAL error message, POM will keep running
the last valid configuration.

274
 6.2 EVENT-HANDLER

275
6.2 EVENT-HANDLER 6 MONITORING ADMINISTRATION
6.2.1 OVERVIEW

An advanced feature, called event-handler, lets you execute a command whenever an event occurs.
More specifically, as soon as a host or service status changes, POM can execute a command using a
set of variables that provide information about the service and host.
The advantage of such a functionality is the ability to automatically perform routine tasks that you
would usually do manually when certain alerts are received.

Note: POM now comes with a set of predefined event-handlers that you just have to declare in the
adequate section of the spreadsheet file.

Other, specific event-handlers have to be defined using the old method.

Note: Setting up this functionality should be carefully thought through, and the script should be
properly checked, especially if it involves restarting services or hosts.

This feature requires knowledge of scripting in Linux (or at least how to handle arguments,
regardless of the language) and understanding how to create check commands in POM.

The event-handler is usually called in the following situations:

 A service or host enters a SOFT state (alert status has not yet been confirmed)
 A service or host enters a HARD state (alert status has been confirmed)
 A service or host returns to an OK state from either a SOFT or HARD state
You therefore need to make sure that your script will only run in the desired situation.

LOCATION OF EVENT-HANDLERS
Event-handlers location follows the same rules as plugins. They are located in three distinct
directories, depending on their origin:

Event-handlers installed by POM – developed by the Nagios Team

/usr/lib64/nagios/plugins/eventhandlers

Event-handlers installed by POM - developed or customized by POM MonitoringTM

/opt/pom/plugins

Event-handlers specifically created by/for the POM user

/etc/pom/local/plugins

276
 6 MONITORING ADMINISTRATION
6.2.2 SET UP

Support for the event-handler functionality in POM is provided for hosts in the HOSTS section and
for services in the SERVICES section in the HANDLER column of the spreadsheet file.
 For Windows services automatic restart event-handlers, see this specific and simple procedure in 6.2.4

To run a script whenever an alert is triggered due to a status change:

1. Set up a script
 Create or download the script
 Check the script from the command line to make sure it works (e.g., restarts a service)
 Make sure the script only runs when the arguments passed to it follow the correct logic.

2. Create a check command that calls the script using the expected parameters

For a host:
 The HOSTSTATE variable returns the host status (UP, DOWN or UNREACHABLE)
 The HOSTSTATETYPE variable returns the type of alert status (SOFT or HARD)
 The HOSTATTEMPT variable returns the check attempt number in SOFT status

For a service:
 The SERVICESTATE variable returns the host status (UP, DOWN or UNREACHABLE)
 The SERVICESTATETYPE variable returns the type of alert status (SOFT or HARD)
 The SERVICEATTEMPT variable returns the check attempt number in SOFT status

3. Create a symbolic link to the script with the desired triggering parameters

6.2 EVENT-HANDLER
 The link name will be of the form:
<script name>.<state type>.<check attempt>.<state>
With this simple step, you avoid having to describe the various possible cases in the script itself.

4. Declare the command as an event object in the spreadsheet file

For a host:
 Locate the HOSTS section in which the host is declared
 Add a HANDLER column to this section
 Enter the name of the previously declared command in the HANDLER column of the row in
which the host is declared

For a service:
 Declare the service in the SERVICES section
 Add a HANDLER column to this section
 Enter the name of the previously declared command in the HANDLER column
The script will run whenever the status of the host/service changes

There are many different variables that can be passed to the script through an event-handler, but
some only apply in a given context (service or host).

277
6.2.3 LIST OF MACROS AVAILABLE WITH AN EVENT-HANDLER

The following list is based on the Nagios documentation. It lists all the macros available with an
event-handler.
Macro name Service macro Host macro
$HOSTNAME$ Yes Yes
$HOSTDISPLAYNAME$ Yes Yes
$HOSTALIAS$ Yes Yes
$HOSTADDRESS$ Yes Yes
$HOSTSTATE$ Yes Yes
$HOSTSTATEID$ Yes Yes
$LASTHOSTSTATE$ Yes Yes
$LASTHOSTSTATEID$ Yes Yes
$HOSTSTATETYPE$ Yes Yes
$HOSTATTEMPT$ Yes Yes
$MAXHOSTATTEMPTS$ Yes Yes
$HOSTEVENTID$ Yes Yes
$LASTHOSTEVENTID$ Yes Yes
$HOSTPROBLEMID$ Yes Yes
$LASTHOSTPROBLEMID$ Yes Yes
$HOSTLATENCY$ Yes Yes
$HOSTEXECUTIONTIME$ Yes Yes
$HOSTDURATION$ Yes Yes
$HOSTDURATIONSEC$ Yes Yes
$HOSTDOWNTIME$ Yes Yes
$HOSTPERCENTCHANGE$ Yes Yes
$HOSTGROUPNAME$ Yes Yes
$HOSTGROUPNAMES$ Yes Yes
$LASTHOSTCHECK$ Yes Yes
$LASTHOSTSTATECHANGE$ Yes Yes
$LASTHOSTUP$ Yes Yes
$LASTHOSTDOWN$ Yes Yes
$LASTHOSTUNREACHABLE$ Yes Yes
$HOSTOUTPUT$ Yes Yes
$LONGHOSTOUTPUT$ Yes Yes
$HOSTPERFDATA$ Yes Yes

278
 6 MONITORING ADMINISTRATION
Macro name Service macro Host macro
$HOSTCHECKCOMMAND$ Yes Yes
$HOSTACTIONURL$ Yes Yes
$HOSTNOTESURL$ Yes Yes
$HOSTNOTES$ Yes Yes
$TOTALHOSTSERVICES$ Yes Yes
$TOTALHOSTSERVICESOK$ Yes Yes
$TOTALHOSTSERVICESWARNING$ Yes Yes
$TOTALHOSTSERVICESUNKNOWN$ Yes Yes
$TOTALHOSTSERVICESCRITICAL$ Yes Yes
$HOSTGROUPALIAS$ Yes Yes
$HOSTGROUPMEMBERS$ Yes Yes
$HOSTGROUPNOTES$ Yes Yes
$HOSTGROUPNOTESURL$ Yes Yes
$HOSTGROUPACTIONURL$ Yes Yes
$SERVICEDESC$ Yes No
$SERVICEDISPLAYNAME$ Yes No
$SERVICESTATE$ Yes No
$SERVICESTATEID$ Yes No
$LASTSERVICESTATE$ Yes No
$LASTSERVICESTATEID$ Yes No

6.2 EVENT-HANDLER
$SERVICESTATETYPE$ Yes No
$SERVICEATTEMPT$ Yes No
$MAXSERVICEATTEMPTS$ Yes No
$SERVICEISVOLATILE$ Yes No
$SERVICEEVENTID$ Yes No
$LASTSERVICEEVENTID$ Yes No
$SERVICEPROBLEMID$ Yes No
$LASTSERVICEPROBLEMID$ Yes No
$SERVICELATENCY$ Yes No
$SERVICEEXECUTIONTIME$ Yes No
$SERVICEDURATION$ Yes No
$SERVICEDURATIONSEC$ Yes No
$SERVICEDOWNTIME$ Yes No
$SERVICEPERCENTCHANGE$ Yes No
$SERVICEGROUPNAME$ Yes No

279
Macro name Service macro Host macro
$SERVICEGROUPNAMES$ Yes No
$LASTSERVICECHECK$ Yes No
$LASTSERVICESTATECHANGE$ Yes No
$LASTSERVICEOK$ Yes No
$LASTSERVICEWARNING$ Yes No
$LASTSERVICEUNKNOWN$ Yes No
$LASTSERVICECRITICAL$ Yes No
$SERVICEOUTPUT$ Yes No
$LONGSERVICEOUTPUT$ Yes No
$SERVICEPERFDATA$ Yes No
$SERVICECHECKCOMMAND$ Yes No
$SERVICEACTIONURL$ Yes No
$SERVICENOTESURL$ Yes No
$SERVICENOTES$ Yes No
$SERVICEGROUPALIAS$ Yes Yes
$SERVICEGROUPMEMBERS$ Yes Yes
$SERVICEGROUPNOTES$ Yes Yes
$SERVICEGROUPNOTESURL$ Yes Yes
$SERVICEGROUPACTIONURL$ Yes Yes
$CONTACTGROUPALIAS$ Yes Yes
$CONTACTGROUPMEMBERS$ Yes Yes
$TOTALHOSTSUP$ Yes Yes
$TOTALHOSTSDOWN$ Yes Yes
$TOTALHOSTSUNREACHABLE$ Yes Yes
$TOTALHOSTSDOWNUNHANDLED$ Yes Yes
$TOTALHOSTPROBLEMS$ Yes Yes
$TOTALHOSTPROBLEMSUNHANDLED$ Yes Yes
$TOTALSERVICESOK$ Yes Yes
$TOTALSERVICESWARNING$ Yes Yes
$TOTALSERVICESCRITICAL$ Yes Yes
$TOTALSERVICESUNKNOWN$ Yes Yes
$TOTALSERVICEPROBLEMS$ Yes Yes
$LONGDATETIME$ Yes Yes
$SHORTDATETIME$ Yes Yes
$DATE$ Yes Yes

280
 6 MONITORING ADMINISTRATION
Macro name Service macro Host macro
$TIME$ Yes Yes
$TIMET$ Yes Yes
$ISVALIDTIME:$ Yes Yes
$NEXTVALIDTIME:$ Yes Yes
$MAINCONFIGFILE$ Yes Yes
$STATUSDATAFILE$ Yes Yes
$DOWNTIMEDATAFILE$ Yes Yes
$RETENTIONDATAFILE$ Yes Yes
$OBJECTCACHEFILE$ Yes Yes
$TEMPFILE$ Yes Yes
$TEMPPATH$ Yes Yes
$LOGFILE$ Yes Yes
$RESOURCEFILE$ Yes Yes
$COMMANDFILE$ Yes Yes
$HOSTPERFDATAFILE$ Yes Yes
$SERVICEPERFDATAFILE$ Yes Yes
$PROCESSSTARTTIME$ Yes Yes
$EVENTSTARTTIME$ Yes Yes
$ADMINEMAIL$ Yes Yes
$ADMINPAGER$ Yes Yes

6.2 EVENT-HANDLER
$ARGn$ Yes Yes
$USERn$ Yes Yes

281
6.2.4 EXAMPLE – RESTART A WINDOWS SERVICE

In the following service event-handler example, we define an event-handler to restart the

SPOOLER service on a monitored Windows machine.
POM is now fitted with a predefined event-handler for such a situation, that will activate on the 2nd
SOFT CRITICAL state, and all we have to do is declare the handler in the spreadsheet file.

DECLARE THE EVENT-HANDLER IN THE SPREADSHEET FILE

In the SERVICES section, declare the Spooler service using the SVC template.
 For more info, see SVC SERVICE TEMPLATE
Then declare the dedicated event-handler command in a HANDLER column.

HOSTNAME TEMPLATE NAME SERVICE_NAME HANDLER CREDENTIALS WIN_SVC

winsrv01 SVC Spooler Print Spooler handler-win-svc-long-name-start cred-wmi-01 Spooler

Important: For an event-handler, CREDENTIALS must be of type WMI. Therefore, in the HOSTS section,
at least two kinds of credentials (separated by a comma , ) will have to be declared: an SNMP
credential and a WMI one.

282
 6 MONITORING ADMINISTRATION
6.3 HOW-TO: MONITORING ADMINISTRATION

283
6.3.1 MONITORING A DEVICE VIA SSH

Using SNMP protocol to monitor a system is not always possible. In this particular case - and if the
target host's system allows it - SSH version 2, a protocol supported by many operating systems,
may be used instead.
While SSH will be a privileged method when monitoring certain system types (e.g. AIX servers), it
will globally be a good choice for other Unix/Linux-type systems.
Monitoring via SSH requires the use of encryption keys, and generating them is the sole step you
need to perform in order to get your POM server ready.
Preparing target hosts will be rendered easier if a SSH server is already installed and configured,
since you will only need to create an account dedicated to monitoring, and authorize the POM
server's public key.
Following instructions describe the most simple and common case encountered, but many other
variants are possible.

GENERAL PRINCIPLE
SSH (for Secure Shell) is a secured communication protocol in that it encrypts the data circulating
between two machines.
Plugins developed by POM MonitoringTM to specifically monitor AIX servers use the SSH protocol to
establish a secure link based on encryption keys exchange.
A preliminary step must therefore be performed on the POM server: generating a public/private key
pair.
You will, in a second time, need to register the consequently generated public key in the list of
authorized keys for a dedicated account on target servers you wish to monitor.

284
 6 MONITORING ADMINISTRATION
GENERATING SSH ENCRYPTION KEYS
On the POM server, the user account used for monitoring being nagios, you will therefore need to
switch to this account to generate the keys, using the command ssh-keygen -t rsa -b
2048.
[admin@pom ~]$ sudo su - nagios

-sh-4.1$ ssh-keygen -t rsa -b 2048

Generating public/private rsa key pair.
Enter file in which to save the key (/var/log/nagios/.ssh/id_rsa):
Created directory '/var/log/nagios/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/log/nagios/.ssh/id_rsa.
Your public key has been saved in /var/log/nagios/.ssh/id_rsa.pub.
The key fingerprint is:
[Link] nagios@[Link]
The key's randomart image is:
+--[ RSA 2048]----+
| .+.. o . ..o|
| ..= + . = o.+.|
| . .E* . . . +. |
| o . . |
| . . S . |
| . o . |
| o . |
| . |
| |
+-----------------+

This command creates a key pair, which is then stored in the .ssh directory.
-sh-4.1$ ls -al .ssh/
total 6
drwx------ 2 nagios nagios 1024 Aug 27 11:31 .
drwxr-xr-x 4 nagios nagios 1024 Aug 27 11:35 ..
-rw------- 1 nagios nagios 1675 Aug 27 11:31 id_rsa
-rw-r--r-- 1 nagios nagios 405 Aug 27 11:31 id_rsa.pub

6.3 HOW-TO: MONITORING ADMINISTRATION

285
REGISTERING THE PUBLIC KEY ON TARGET SERVER
This step allows the POM server to connect with the target server by simple key exchange, without
having to enter any password.
[admin@pom ~]$ sudo su - nagios

h-4.1$ ssh-copy-id system@target-srv

The authenticity of host 'target-srv ([Link])' can't be established.
RSA key fingerprint is [Link].
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'target-srv,[Link]' (RSA) to the list of known hosts.
system@target-srv's password:

Now try logging into the machine, with "ssh 'system@target-srv'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

Checking as suggested

-sh-4.1$ ssh system@target-srv

Linux debian 2.6.32-5-686 #1 SMP Mon Sep 23 [Link] UTC 2013 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent

permitted by applicable law.

286
 6 MONITORING ADMINISTRATION
6.3.2 MODIFYING ALERT PARAMETERS

Most basic parameters of the monitoring core in POM can be modified by adding a +<parameter>
column to the corresponding host or service in the spreadsheet file.
 For more info, see MONITORING ADMINISTRATION: Spreadsheet File – Defining Nagios Commands

NEVER ALERT ON A HOST OR A SERVICE

To disable notifications for a specific host or service, add the column +enable_notifications
to its definition in the spreadsheet file and set it to 0

MODIFY CHECKS FREQUENCY

To modify the interval between each check attempt on a host or service, add the column
+retry_interval to its definition in the spreadsheet file and set it to the desired number of
minutes

MODIFY SOFT STATE DURATION

To modify the duration of a SOFT state on a host or service, add the column
+max_check_attempts to its definition in the spreadsheet file and set it to the desired number
of check attempts before switching to HARD state

6.3 HOW-TO: MONITORING ADMINISTRATION

287
6.3.3 SETTING UP NOTIFICATIONS

Notifications in POM can be of different nature. The most common form for POM users is the visual
notification which can be read directly in the event tray.
This section focuses on other types of notifications, such as mail or SMS notifications. Once you
master the basics, you will be able to consider any other kind of notification.

POM uses a notification system to send alerts whenever a problematic event occurs.
In this approach, alerts are emitted at a precise moment in the monitoring timeline, a moment
which is indicator-specific and depends on the host and/or service settings.

 See also MONITORING ADMINISTRATION: Spreadsheet file – HOSTS section

 And MONITORING ADMINISTRATION: Spreadsheet file – SERVICES section

Prior to activating mail notifications in POM, several steps must be taken into consideration:
 Setting up the mail gateway (SMTP relay)
 Setting up the users
 Setting up the profile allocated to users
And to limit the amount of alerts received:
 Setting up dependencies (DEPEND column of the HOSTS section)
 Notification periods
 Fine tuning of profiles
 See USING POM WEB INTERFACE: Configuration

Important note: when alerts are concerned, more is not always better. Upon receiving too many alerts,
recipients will lose confidence in the seriousness of these alerts, which they may decide to redirect to a
folder they will quickly ignore. It is therefore recommended not to activate automatic mail notifications
if the event tray still features a large amount of settings-related alerts.

288
 6 MONITORING ADMINISTRATION
CHANGING NOTIFICATION MAILS SENDER ADDRESS
You must edit the file /etc/pom/[Link]

[root@p50 ~]# cat /etc/pom/[Link]

#############################################################################
# Parameters common to all backends
#############################################################################
# LANGUAGE=fr_FR
# WEBHOST=$HOSTNAME

#############################################################################
# Parameters specific to the mail backend
#############################################################################
# MAIL_FROM_NAME=POM
# MAIL_FROM_EMAIL=pom@$HOSTNAME

#############################################################################
# Parameters specific to the smsorange backend
#############################################################################
# SMSORANGE_KEY=
Uncomment variables by deleting the # in front of them, and alter values to suit your needs.

Parameters common to all backends

 LANGUAGE defines, as the name implies, the language of the message. Available values are:
fr_FR : French (France)
en_US : English (United States)
de_DE : German (Germany)
 WEBHOST provides a link to the web interface of the emitting POM server

Parameters specific to the mail backend

 MAIL_FROM_NAME defines the name displayed for the e-mail sender, default value being
POM
 MAIL_FROM_EMAIL defines the sender's displayed e-mail address, default value is

6.3 HOW-TO: MONITORING ADMINISTRATION

pom@$HOSTNAME where $HOSTNAME is the host name for the emitting POM server

Note: Many mail systems forbid the emission of messages if the sender's address does not fit the general
form of the company e-mail addresses. Solving this issue is often as simple as adapting the contents of
[Link]

Parameters specific to other backends

As an example here, the SMSORANGE_KEY global variable can be set, and used to emit SMS
messages via an Orange gateway (/opt/pom/lib/alert/[Link]).

289
SMS
Sending SMS follows the same logic as sending e-mails. You just have to choose SMS-sending
commands when setting up the users
 See USING POM WEB INTERFACE: Configuration

Important note: For the time being, only the host-alert-smstools and service-alert-
smstools commands are available by default.

Example: night watch profile

We will need to define a fictive user who will be allowed to emit SMS messages, then allocate his
user account to a profile linked to hosts that will only send alerts during night-time, say from 8 PM
to 8 AM.
We assume that the corresponding time period has already been created.
We create the Night_watch profile, for which we will carefully select the hosts sending alerts.

290
 6 MONITORING ADMINISTRATION
Creation of the user
 The user is associated to the Night_watch profile
 For host and service alerts, we choose the SMS-sending commands
 Specific time-periods are used, in order to limit the amount of SMS sent

Installing a GSM modem

6.3 HOW-TO: MONITORING ADMINISTRATION

Hereafter is the procedure for installing a GSM modem in order to send SMS notifications from
POM.

Note: The POM server must, of course, be a physical (non-virtual) machine, to which the aforementioned
modem is connected.

An example of modem usable with POM can be the Maestro EVO 100 by Maestro-wireless, on
which POM MonitoringTM ran conclusive tests.

Connection
Connect the modem with a DB-25 (RS-232) connector. If the server is not equipped with such a
connector, it is possible to connect via USB, using a DB25-USB adaptor.

Smstools
To send SMS, we will use the smstools package, available on a large number of Linux distributions.
[root@pomsat-cba ~]# yum install smstools
...
Installed:
smstools.x86_64 0:3.1.15-3.el6

Complete!
This quick installation on your POM server enables the smsd service and related commands, such
as smssend, which is dedicated to sending SMS.

291
Checking smsd service configuration
We will then edit the file /etc/[Link] to enter the PIN code of the GSM modem's SIM card.
For more info on this configuration file, see smstools editor's website
[root@pom-mon ~]# cat /etc/[Link]
# Example [Link]. Read the manual for a description

devices = GSM1
logfile = /var/log/smsd/[Link]
loglevel = 7
user = smstools
infofile = /var/run/smsd/[Link]
pidfile = /var/run/smsd/[Link]
# 3.1.5 introduced smart logging
# once your configuration is OK, set log level lower (5 is good in most cases)
smart_logging = yes

[GSM1]
device = /dev/ttyS0
incoming = no
pin = 1111

# optional
baudrate = 115200

Making the service run on startup

[root@pom-mon ~]# chkconfig --add smsd

Starting the service

[root@pom-mon ~]# service smsd start
Starting smsd: [ OK ]

Checking configuration by sending a SMS to a known number.

[root@pom-mon ~]# sudo -u smstools smssend 0788442211
Text: sms emission test sms via smstools
--
Text: sms emission test sms via smstools
To: 0788442211
[root@pomsat-cba ~]# echo $?
0

Checking logs to make sure everything went as planned.

We open the file /var/log/smsd/[Link] mentioned in the configuration file.

FAIL - This message means smstools was run by a user other than smstools:
2015-02-19 [Link],3, smsd: Cannot handle /var/spool/sms/outgoing/send_7nTDYN: Access
denied. Check the file and directory permissions.

SUCCESS - These messages mean the SMS has been correctly sent
2015-02-19 [Link],5, smsd: Moved file /var/spool/sms/outgoing/send_ANYcQd to
/var/spool/sms/checked
2015-02-19 [Link],6, GSM1: I have to send 1 short message for
/var/spool/sms/checked/send_ANYcQd
2015-02-19 [Link],6, GSM1: Sending SMS from to 0788442211
...
2015-02-19 [Link],5, GSM1: SMS sent, Message_id: 223, To: 0788442211, sending time 7
sec.
2015-02-19 [Link],6, GSM1: Deleted file /var/spool/sms/checked/send_ANYcQd

292
 6 MONITORING ADMINISTRATION
CREATING A CUSTOMIZED NOTIFICATION COMMAND
Default emission commands in POM are handy for most cases, but might be insufficient for very
specific uses. We will see below, with an example, how to create a customized notification
command.
The structure of a notification relies on three basic elements:
 A backend, which performs the notification dispatch (see [Link])
 A template that describes the content and format of the message sent
 A check command, which will appear in the user settings of the POM web interface
configuration page
Important note: elements required for the creation of a new command will have to be stored in specific
directories, unaffected by updates of the POM system.
 Backends must be stored in the directory /etc/pom/local/alert and must be named
with a .inc extension
 Templates must be stored in /etc/pom/local/alert and must have a .tpl extension.
A template name must be of the form
{sms|mail}.{host|service}.{ack|alert}.[<lang>].tpl
 Check_commands must be stored in /etc/pom/local/nagios/ and must have a .cfg
extension

Example with mail2sms

If you subscribe to a service like mail2sms (mail to SMS), you will need POM to send specifically
formatted mails that will trigger the SMS dispatch.
The general principle is sending to a specific address a short e-mail containing the phone number
(e.g. 0788442211@[Link])
The adequate line command to perform this task is the mail command available on many

6.3 HOW-TO: MONITORING ADMINISTRATION

Unix/Linux distributions, including CentOS, on which the POM system is based.
Message templates are also already included in the POM system, and can be found at
/opt/pom/lib/alert/sms.*.tpl.
As described earlier, these templates provide the content and formatting of the message.
Example:
[root@p50 alert]# cat /opt/pom/lib/alert/[Link]
Host @@NAGIOS_HOSTNAME@@ @@NAGIOS_HOSTSTATE@@: @@NAGIOS_OUTPUT@@

An example of message received by the mail2sms gateway will then look like this :
Host p50 srv-ad1: Host is unreachable

The template being managed by POM, we will need to create the two other required elements: a
backend and a check command

293
Backend
We will create a backend named mail2sms, that will use the mail command to send a SMS
message.
[root@p50 alert]# cat /etc/pom/local/alert/[Link]
##
## Copyright (c) 2015 POM Monitoring. All rights reserved.
## Licensed computer software. Property of POM Monitoring.
## See /opt/pom/POM_Monitoring_EULA.txt for terms of use
##

TEMPLATE=sms
DATE_FORMAT[fr_FR]="%d/%m/%Y %H:%M:%S"
DATE_FORMAT[en_US]="%Y-%m-%d %H:%M:%S"

# $1: phone number

function init() {
[[ -n "${MAIL2SMS_MY_DOMAIN}" ]] || fatal "Parameter MAIL2SMS_MY_DOMAIN is not
defined"
has-nagios-arg "$1" || fatal "Missing phone number argument"
NAGIOS_CONTACTPAGER=$1
}

function process() {
resolve-template
mail "${NAGIOS_CONTACTPAGER}@${MAIL2SMS_MY_DOMAIN}" <<< "$REPLY"
}
 TEMPLATE : refers to template (name of the form sms.*.tpl)
 DATE_FORMAT[] : Chosen date format.
 init : Required function. It will run preliminary settings checks. In the present case, it will
also feed into the NAGIOS_CONTACTPAGER variable, that contains the phone number to
use in the e-mail address.
 process : Required function. It performs the dispatch.
o call to function resolve-template matches the content of the TEMPLATE variable
with an existing template
o the dispatch is performed by the mail command, installed by default on the POM
server

294
 6 MONITORING ADMINISTRATION
Check command
A check command is required, in order to:
 communicate to POM's notification tool all the arguments it needs
 make the host-alert-mail2sms and service-alert-mail2sms commands appear
when creating / modifying a user account
[root@p50 alert]# cat /etc/pom/local/nagios/[Link]
define command {
command_name host-alert-mail2sms
command_line /opt/pom/bin/pomalert \
"$CONTACTNAME$" \
"$CONTACTGROUPNAME$" \
"$_CONTACTLANGUAGE$" \
"$NOTIFICATIONTYPE$" \
"$NOTIFICATIONAUTHORNAME$" \
"$NOTIFICATIONCOMMENT$" \
"$HOSTNAME$" \
"$HOSTALIAS$" \
"$HOSTADDRESS$" \
"$HOSTSTATE$" \
"" \
"" \
"$LASTHOSTSTATECHANGE$" \
"$LASTHOSTCHECK$" \
"$HOSTOUTPUT$" \
"$_HOSTNOTES$" \
"$_HOSTPOM_SITE$" \
mail2sms \
"$CONTACTPAGER$"
}

define command {
command_name service-alert-mail2sms
command_line /opt/pom/bin/pomalert \
"$CONTACTNAME$" \
"$CONTACTGROUPNAME$" \
"$_CONTACTLANGUAGE$" \
"$NOTIFICATIONTYPE$" \
"$NOTIFICATIONAUTHORNAME$" \
"$NOTIFICATIONCOMMENT$" \

6.3 HOW-TO: MONITORING ADMINISTRATION

"$HOSTNAME$" \
"$HOSTALIAS$" \
"$HOSTADDRESS$" \
"$HOSTSTATE$" \
"$SERVICEDESC$" \
"$SERVICESTATE$" \
"$LASTSERVICESTATECHANGE$" \
"$LASTSERVICECHECK$" \
"$SERVICEOUTPUT$" \
"$_HOSTNOTES$" \
"$_HOSTPOM_SITE$" \
mail2sms \
"$CONTACTPAGER$"
}
 The host-alert-mail2sms command will be used in case of an incident on the host
 The service-alert-mail2sms command will be used in case of an incident on a service
 In either case, the mail2sms backend will be the one used.
 The various macros (i.e. "variables") will be adpated to context, be it host or service.

Modifying notification rules

We may not want to receive a notification whenever a WARNING alert occurs, nor be notified when
a monitoring point goes back to an OK state.
This POM setting is global and can be modified in the /etc/pom/gen/[Link] file.

295
The variables to be modified are NAGIOS_HOST_ESCALATION_OPTIONS and
NAGIOS_SERVICE_ESCALATION_OPTIONS. Uncomment them by removing the # in front of them,
and list the desired options.
Variable Option Comment
NAGIOS_HOST_ESCALATION_OPTIONS d (down) Host does not respond
u (unreachable) One of the host's parents does
not respond
r (recovery) Host goes back to OK state
NAGIOS_SERVICE_ESCALATION_OPTIONS w (warning) WARNING severity state
u (unknown) UNKNOWN state
c (critical) CRITICAL severity state
r (recovery) Return to OK state

In the following example, notification is disabled on WARNING alerts for services, and on returns
to OK state for hosts.

############################################################
# Nagios configuration
############################################################

# NAGIOS_BASE_HOST=generic-host
# NAGIOS_BASE_SERVICE=generic-service
# NAGIOS_MAINCFG=/etc/nagios/[Link]
# NAGIOS_FALLBACK_HANDLER=true
# NAGIOS_NOMON_HOST_CC=check-host-nomon

NAGIOS_HOST_ESCALATION_OPTIONS=d,u
NAGIOS_SERVICE_ESCALATION_OPTIONS=u,c,r
# NAGIOS_META_ESCALATION_OPTIONS=w,u,c,r

296
 6 MONITORING ADMINISTRATION
6.3.4 SETTING UP SCENARIOS

OVERVIEW
Web scenarios are scripts that allow us to check the health of a website.
These scripts are based on the check_scenario plugin developed by POM MonitoringTM.
The plugin includes a set of macro-functions that facilitate the main steps of connecting to a
website.
 A Web scenario is a simplified bash script that makes use of the functionalities provided by
the check_scenario plugin.
 The browser used by the scenario, cURL, is a text-based web browser that can impersonate
other browsers such as IE or Firefox
 Connection times and downloaded data volume are monitored along the browsing and are
used to generate performance graphs
 A scenario is composed of several steps, each of which can be set to trigger alerts on specific
thresholds.
 Writing a plugin is considered difficult and requires good knowledge of HTTP protocol and
Web technical particularities.

USAGE
A scenario is set up by allocating a SCENARIO template to a SERVICES section of the spreadsheet
file.
A website then becomes a monitoring point as any other, that can be associated with any host
registered in POM

6.3 HOW-TO: MONITORING ADMINISTRATION

 For more info on adding monitoring points, see MONITORING ADMINISTRATION: Spreadsheet file
 For more info on the SCENARIO template settings, see SCENARIO Service Template

CREATION
Creating a web scenario is a rather technical procedure and might be disconcerting at first.
A web scenario is a bash script, which means it takes advantage of all this programming language's
possibilities in addition to the functionnalities offered by the check_scenario plugin.
Even if knowing the basics of bash may save some time on elementary syntax problems, it is not
necessary to be a bash expert to create web scenarios. However, you will find, at the end of this
section, some useful links in case you want to perfect your knowledge of bash.
 See USEFUL LINKS

297
Important requirements:
 Scenario files must be stored in the /etc/pom/scenarios/ directory
 Scenario files must have a .scn extension (e.g. [Link])
 It is highly recommended that you test a scenario in command line all along its
development. These tests must be run prior to registering the scenario in the spreadsheet
file and generating a new POM configuration.

Hereafter are a few tips than can help you speed up the scenario creation process:
 Open two line command terminals on POM and work in the /etc/pom/scenarios/
directory. One terminal to edit the scenario, the other to test it.
 In the 1st terminal, create a basic script and save it as [Link] using the vim editor.
#!/usr/bin/env check_scenario
id 1-homepage
get /
 In the 2nd terminal, test the script:
[admin@p50 scenarios]$ /opt/pom/plugins/check_scenario -H [Link] -u
[Link] -s ./[Link]
WEB-SCENARIO OK - (1-homepage) Expected values OK| time=.031 size=256 objs=1
 Then run the script again in debug mode, which lists all steps performed by the script:
[admin@p50 scenarios]$ /opt/pom/plugins/check_scenario -H [Link] -u
[Link] -s ./[Link] -D
+ clean-all 1
+ [[ -z 1 ]]
+ [[ 1 == 0 ]]
+ trap output-status EXIT
+ ERROR_STATE=0
+ exit_status=0
+ VHOST=[Link]
+ FOLLOW_VHOST=1
+ baseurl [Link]
+ learn-url [Link]
+ OIFS='
'
+ IFS=$'\020'
...
++ SIZE_DOWNLOAD=258
++ (( OVERALL_SIZE += SIZE_DOWNLOAD ))
++ (( OVERALL_OBJS += 1 ))
++ sed -i -e 's/\r//' /tmp/check_scenario.[Link]
++ [[ -n '' ]]
++ [[ -r /tmp/check_scenario.[Link] ]]
++ [[ -n '' ]]
++ [[ -n '' ]]
++ no-message
++ MSG=
++ unset POSTDATA GETDATA QUERYSTRING
++ [[ -n '' ]]
+ no-message
+ MSG=
+ '[' 0 == 0 ']'
+ reason 'Expected values OK'
+ [[ Expected values OK == \-\a ]]
+ REASON='(1-homepage) Expected values OK'
+ MSG=
+ no-message
+ MSG=
+ exit 0
+ output-status
+ local RET=0
+ echo -n 'WEB-SCENARIO OK - (1-homepage) Expected values OK|'
WEB-SCENARIO OK - (1-homepage) Expected values OK|+ '[' 0 = 0 ']'
+ echo -n ' time=.023 size=258 objs=1'
time=.023 size=258 objs=1+ echo

298
 6 MONITORING ADMINISTRATION
To help us understand the results, 2 files are at our disposal
 /tmp/check_scenario.[Link] contains headers for the server response
[admin@p50 scenarios]$ cat /tmp/check_scenario.[Link]
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Location: [Link]
Content-Length: 258
Date: Thu, 22 Jan 2015 [Link] GMT
Server: GFE/2.0
Alternate-Protocol: 80:quic,p=0.02
 /tmp/check_scenario.[Link] contains the source code of the target html
page
[admin@p50 scenarios]$ cat /tmp/check_scenario.[Link]
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="[Link]
</BODY></HTML>
In these two files, 27344.12034 is a unique identifier that will change each time the script is run,
you will therefore need to read the debug info to obtain the identifier corresponding to a specific
test.

With this basic script and this initial test, we know what the next step must be: follow the
redirection provided in the header info, run the script again and so on until the script reaches the
desired homepage.
This simple example shows why it is recommended to run tests all along the script development,
and to build it step by step.

When the information provided by the debug mode and the check_scenario plugin is not sufficient
to know how to adapt the script to a particular situation, advanced functionalities provided by

6.3 HOW-TO: MONITORING ADMINISTRATION

modern browsers such as Chrome or Firefox can come in handy.
On Chrome and Firefox, the debug console is activated by the keyboard shortcut [ctrl] + [shift] + [j]

299
EXAMPLES

Homepage
This fairly simple scenario's purpose is to check the presence of the homepage when accessing the
Zimbra mail system of the French Free ISP
#!/usr/bin/env check_scenario

# line command test run

# /opt/pom/plugins/check_scenario -u [Link] -s
/etc/pom/scenarios/[Link] -D

# define an id for this first section

id 1-homepage
# try the root url
get /

# we should find the authentication form in the page returned

expect-output '<form action="/[Link]" method="post">'

# give stats on this first id section

stats

# alert on specific thresholds for the whole test

# warning if total time is greater or equal to 10 seconds
warning time-total ">=" 10.0
# critical if total time is greater or equal to 20 seconds
critical time-total ">=" 20.0

Rent payment website

This scenario checks that an online rent payment website is up and running.
Note: this scenario features a specific scripting problem in that an error exists in one of the
webpages' html code.
We go around this error by correcting the inadequate html code with the command line text
processing tool sed.
#!/usr/bin/env check_scenario

# authentication information
_USER='special_user'
_PASS='very_special_password'

# simulate IE browser - not required here

#user-agent "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"

# forget invalid certificate error for autosigned servers

INSECURE=1

# do not connect through a proxy - the site is requested from our lan
no-proxy

# connection to homepage
id 1-homepage

# get / is not a good choice with this site, it does not work
# instead the browser console gave us the real requested URL
# ${HOST_ADDR} is an auto global variable
# note: the target is urlencoded
# try to connect a redirected page
get
"/residents/?login&service=https%3A%2F%2F${HOST_ADDR}%2Fresidents%2F%3Fserver%3D1:43"

# jump to next location

get-location

# confirm we reached the right page

expect-output 'click, customer area</div>'

# at this step the first stage is validated: connection to the main address

300
 6 MONITORING ADMINISTRATION
# next step is to check we can authenticate to the site

# stats keyword provide information for this particular section

stats

id 2-authentication

# after a long search of failed tries, it appears that structure of the page
# returned is not correct, it contains several errors
# Among others, one <div> tag is closed with </ddiv>, whitch is not correct
# we use sed to correct that typo
# note: $OUTPUT contains the page returned by the web server
# correct bugs in html structure
sed -i 's@</ddiv@</div>@g' $OUTPUT

# the place of
# search for lt value
# first element with id login, fifth div element, first input element
# store the value of parameter 'value' in variable __LT
__expr='//*[@id="login"]/div[5]/input[1]'
store-value-xpath __LT "$__expr" value

# search for jsessionid value

# get the first link element in head structure
# store the value of parameter 'href' in variable __ID
store-value-xpath __ID '/html/head/link[1]' href

# clean the value, only keep jessionid value

# remove everything before and including 'jsessionid='
__ID=${__ID##*jsessionid=}

# post username and password

# all input fields must be given, even temporary $__TL value

__action='/case_residentsFH/login?service=https%3A%2F%2F'${HOST_ADDR}'%2Fresidents%2F%3F
server%3D1'

post "$__action"
"username=${_USER}&password=${_PASS}&warn=true&lt=${__LT}&_eventId=submit&submit=LOGIN"

# next location is stored in header, memorize it

store-location
get "$LOCATION"

6.3 HOW-TO: MONITORING ADMINISTRATION

# next link is found in return page
# direct connect to it
get /residents/[Link]/accueil-connecte

# confirm we reached the right page

expect-output 'paiement de votre loyer en ligne'

stats

# check 'rent payment' page

id 3_rent_payment

# url is found in a link of the last page we got

get '/residents/[Link]/online-services/payment'

# confirm we reached the right page

expect-output '<li class="active"><span>Pay my rent online</span>'

stats

# alert on specific thresholds for the whole test

# warning if total time is greater or equal to 10 seconds

warning time-total ">=" 10.0

# critical if total time is greater or equal to 20 seconds

critical time-total ">=" 20.0

301
HELP
The check_scenario plugin help provides the majority of the commands used in creating scenarios
[admin@p50 scenarios]$ /opt/pom/plugins/check_scenario --help
Usage: check_scenario [options] FILENAME
-h,--help show this help
-D,--debug debug mode
-v,--verbose verbose mode
-u,--url URL use this as base URL
-k,--insecure allow ssl connexion without valid certs
-N,--name NAME use this as scenario name
-s,--scenario FILE scenarios scripts
-H,--hostname host name or address to check
--set define internal values

Script format:
message "my message" forced message for next operation error
cookie NAME VALUE add client cookie
no-cookie remove all client cookie
follow-location internaly follow Location:
no-follow-location disable following location internaly
id NAME define step in script (for output)
if-modified-since DATE If-Modified-Since date for get-requisities
baseurl URL define base URL for next relative requests
no-headers reset headers
think-time TIME wait TIME (ms)
header HEADER VALUE prepare headers to add in futurs requests
store-urlencode VNAME VALUE urlencode a value
post URL [QUERY-STRING] post URL
no-referer reset referer
vhost HOSTNAME set hostname to present to web server
port PORT set non standard port
get URL [QUERY-STRING] send URL with GET method
get-location send last location as URL
get-next send next determined request as URL
post-next send next determined request as URL (POST)
critical INDICE OPERATOR VALUE check INDICE
warning INDICE OPERATOR VALUE check INDICE
- time time getting object (s)
- namelookup time for name lookup (s)
- connect time connecting server (s)
- header time sending headers (s)
- start time receiving first byte (s)
- download download size (bytes)
- running time getting all objects since last id (s)
- all-time overall time getting all objects (s)
- all-objects overall number of objects
- all-size overall download size of all objects
query-string DATA set QUERY-STRING for all futur usage
no-query-string reset QUERY-STRING
post-data DATA set DATA for all futur usage
no-post-data reset DATA used by POST
get-requisities get all sub objects
store-value NAME VALUE expect and store value
store-value-xapth NAME MATCH VALUE expect and store value
store-value-xapth-html NAME MATCH VALUE expect and store value (html)
store NAME VALUE same as store-value
store-next VALUE store as NEXT request
store-header NAME VALUE expect and store header
store-location store special header Location:
expect-return RETURN... expect return code
expect-output STRING expect STRING in returned data
expect-header NAME VALUE expect header NAME with VALUE
expect-location [-r] VALUE expect header Location: value
expect-value PSEUDO-XPATH expect value defined with pseudo-xpath
ex: input@name=password:value
a@name=next:href
request-form [FORMNAME] use form data in next get/post request

302
 6 MONITORING ADMINISTRATION
USEFUL LINKS

HTTP protocol
[Link]
[Link]
[Link]
[Link]

cURL
[Link]

Bash basics
[Link]
[Link]
[Link]

6.3 HOW-TO: MONITORING ADMINISTRATION

303
6.3.5 SETTING UP SERVER DOWNTIMES VIA HTTP REQUESTS

OVERVIEW
You can set host downtimes using HTTP requests via cURL.
The API used for this feature is located at [Link]
For each downtime definition or deletion, only a single HTTP request is necessary.
If the request succeeds, a 200 code is returned, if it fails, a 400 code is returned.

SYNTAX AND PARAMETERS

The typical syntax used is as follows:
[root@pomsrv ~]# curl -X POST -d "<parameters>" [Link] && printf "\n"
Where parameters must follow the syntax parameter01=value01&parameter02=value02...
Available parameters are:
Parameter Default Value Description Required
pom_auth_username N.A. POM user name Yes
pom_auth_password N.A. POM user password Yes
fn N.A. Web API function. Value must be downtimes Yes
act N.A. Action. add (add downtime) or del (delete downtime). Yes
See remarks
hostname N.A. Targeted host Yes
start Request time Downtime start time. Timestamp format. See remarks No
duration 3600 Downtime duration, in seconds. See remarks No
end Start+Duration Downtime and time. Timestamp format. See remarks No
downtime_id All downtimes Downtime ID. See remarks No
comment N.A. Comment from request sender No

REMARKS

add action
In an add action, start, duration and end are optional parameters. If all three are used and
are incoherent, an error will be returned.

del action
When using the del action, you can either:
 use no time parameter. All downtimes on the host will then be deleted
 use start, end and duration parameters. They will be then be used as filters to delete
specific downtimes
 use the downtime_id parameter. Only the specific downtime will be deleted

304
 6 MONITORING ADMINISTRATION
REQUIREMENTS
Make sure the following requirements are verified:
 Your request includes all required parameters
 The timestamp does not correspond to a date in the past
 The POM user used for authentication exists and is allowed to perform HTTP requests
 The targeted host exists
 Once sent, your request has been taken into account (within 30 seconds before timeout)

EXAMPLES OF USE
Adding a downtime (with a comment):
[root@pomsrv ~]# curl -X POST -d
"pom_auth_username=user01&pom_auth_password=password01&fn=downtimes&act=add&hostname=ser
ver01&comment=THIS IS A COMMENT" [Link] && printf "\n"

{"success":true,"result":{"start":1461151254,"end":1461154854,"duration":3600,"downtime_
id":62}}

Adding several downtimes with different durations:

[root@pomsrv ~]# for i in 1 2 3 4; do curl -X POST -d
"pom_auth_username=user02&pom_auth_password=password02&fn=downtimes&act=add&hostname=ser
ver02&start=1561142159&duration=$i" [Link] ; done

{"success":true,"result":{"start":1561142159,"end":1561142160,"duration":1,"downtime_id"
:44}}
{"success":true,"result":{"start":1561142159,"end":1561142161,"duration":2,"downtime_id"
:46}}
{"success":true,"result":{"start":1561142159,"end":1561142162,"duration":3,"downtime_id"
:47}}
{"success":true,"result":{"start":1561142159,"end":1561142163,"duration":4,"downtime_id"

6.3 HOW-TO: MONITORING ADMINISTRATION

:48}}

Error returned when adding the same downtime twice:

[root@pomsrv ~]# curl -X POST -d
"pom_auth_username=user03&pom_auth_password=password03&fn=downtimes&act=add&hostname=ser
ver03&start=1561068821&end=1661068822" [Link] && printf "\n"

{"success":true,"result":{"downtime_id":24}}

[root@pomsrv ~]# curl -X POST -d

"pom_auth_username=user03&pom_auth_password=password03&fn=downtimes&act=add&hostname=ser
ver03&start=1561068821&end=1661068822" [Link] && printf "\n"

{"success":false,"message":"downtime period already exists"}

Error returned if start, end and duration parameters are incoherent:

[root@pomsrv ~]# curl -X POST -d
"pom_auth_username=user04&pom_auth_password=password04&fn=downtimes&act=add&hostname=ser
ver04&start=1561142159&end=1561142160&duration=2" [Link] && printf "\n"

{"success":false,"message":"'start', 'end' and 'duration' parameters do not match"}

305
Deleting all downtimes on a host:
[root@pomsrv ~]# curl -X POST -d
"pom_auth_username=user05&pom_auth_password=password05&fn=downtimes&act=del&hostname=ser
ver05" [Link] && printf "\n"

{"success":true,"result":null}

Deleting a specific downtime using start and end parameters:

[root@pomsrv ~]# curl -X POST -d
"pom_auth_username=user06&pom_auth_password=password06&fn=downtimes&act=del&hostname=ser
ver06&start=1561068821&end=1661068821" [Link] && printf "\n"

{"success":true,"result":null}

Deleting a specific downtime using its id:

[root@pomsrv ~]# curl -X POST -d
"pom_auth_username=user07&pom_auth_password=password07&fn=downtimes&act=del&hostname=ser
ver07&downtime_id=24" [Link] && printf "\n"

{"success":true,"result":null}

Deleting specific downtimes by filtering on duration values:

[root@pomsrv ~]# curl -X POST -d
"pom_auth_username=user08&pom_auth_password=password08&fn=downtimes&act=del&hostname=ser
ver08&duration=1" [Link] && printf "\n"

{"success":true,"result":{"downtime_ids":[54,55,56,57]}}

306
 7 MONITORING TEMPLATES
7 MONITORING
TEMPLATES

307
 7.1

308
HOST MONITORING TEMPLATES

7.1 HOST MONITORING TEMPLATES 7 MONITORING TEMPLATES

 7 MONITORING TEMPLATES
OVERVIEW
Host monitoring templates, or simply Host templates, are ready-to-use declarations to set a target
device as a monitoring point, using the fitting check commands.
POM’s host templates configuration files can be found in the following directory:
/opt/pom/lib/gen/host

Host templates are registered in POM by entering the adequate info in a HOSTS section in the
configuration spreadsheet file.
 See MONITORING ADMINISTRATION: Spreadsheet File – HOSTS Section

CATEGORIES
Host monitoring templates available in POM can be divided in 5 main categories. Click on one of
these following to be redirected to the full list of available templates in the corresponding
category:

 SYSTEMS & HARDWARE

Templates to monitor servers, computers, printers, etc.

 NETWORK, INTERNET & REMOTE ACCESS

Templates to monitor network switches, routers, remote access cards, load balancers, etc.

 SECURITY
Templates to monitor firewalls or secured gates.

7.1 HOST MONITORING TEMPLATES

 STORAGE
Templates to monitor mass storage devices and related assets.

 VIRTUALIZATION
Templates to monitor virtualization devices.

309
 7 MONITORING TEMPLATES
7.1.1 FULL LIST OF HOST TEMPLATES

TEMPLATE Description Aliases From

ver.
AIX AIX server - any version 4.0
AIX SSH AIX server - any version - requesting 5.0
through ssh protocol
ALOHA HAproxy Aloha load balancer any
ARUBA Aruba 3000 wi-fi mobility controller ARUBA 3200 5.0
AS400 IBM AS/400 system type 4.1
AS400-WBEM IBM As400 system type (WBEM) 5.2
ASA Cisco ASA firewall - any version any
ASTARO Astaro firewall - any version any
AWS Amazon Web Services VM monitoring 5.4
BARRACUDA Barracuda Spam Firewall 5.0
BLUECOAT Bluecoat Proxy appliance BLUECOAT-SG 5.0
BLUECOAT-PROXYSG
BLUECOAT-AV Bluecoat ProxyAV appliance BLUECOAT-PROXYAV 5.0
BROCADE Brocade network switch 5.3
CCM Cisco Call Manager any
CHECKPOINT Checkpoint firewall any
EMC EMC SAN (Storage Area Network) any
ESX VMWARE ESX system - version greater any
than 4
F5-BIGIP F5 BIG-IP Local Traffic Manager BIGIP 5.3
FORTIGATE Fortinet Fortigate firewall - all versions FORTINET 5.3

7.1 HOST MONITORING TEMPLATES

except 200b FORTIGATE 100D
FORTIGATE 310B
FORTIGATE 200B Fortinet Fortigate 200b firewall 5.3
H3C H3C network switch any
HP-5130 HP 5130 series network switch HP5130 5.3
HP-P2000 MSA HP P2000 Modular Smart Array 5.0
Systems
IBM- IBM BladeCenter server IBM-BLADE 5.0
BLADECENTER
IDRAC Integrated Dell Remote Access Controller 4.1
(iDRAC) management interface
ILO HP ILO (Integrated Lights-Out) any
management interface
IP Basic reachability test - any host any
IRONPORT Ironport firewall any

311
TEMPLATE Description Aliases From
ver.
JUNIPER EX Juniper EX Series network switch JUNIPER SRX 5.0
JUNIPER SA Juniper SA Series network switch 5.0
LINUX Linux system - any distribution any
LINUX NRPE Linux NRPE (Nagios Remote Plugin 5.0
Extractor)
LINUX-UCD Linux system statistics (UCD) UCD
LIVEBOX Router to access Orange professional any
network
NETAPP Netapp SAN (Storage Area Network) any
NETASQ NetASQ security appliance 5.3
NETSCALER Citrix NetScaler Gateway - secure access any
gateway
NORTEL Nortel network switch SW-NORTEL any
OPENFILER OpenFiler SAN/NAS 5.2
PALO-ALTO Palo Alto firewall PALOALTO 5.0
PIX Cisco PIX firewall any
POLYCOM Polycom server 4.1
POLYCOM-HDX Polycom HDX desktop device 4.1
POM POM any
POM-BASE POM-Base POM-SAT 5.0
POM-SATELLITE
POM-HA POM-HA (High Availability) 4.1
PRINTER Printer and copier device any
QNAP Qnap NAS (Network Attached Storage) any
RIVERBED Riverbed bandwidth optimization device any
ROUTER Router device - any brand any
SCANGAULE Scangaule and AKPC SensorProbe devices any
SNMP (DEFAULT) Basic SNMP protocol 5.0
SNMP-5.3 Linux host with NetSNMP version 5.3+ RH30 5.0
RH40
RH50
FEDORA8
FEDORA 8
FEDORA9
FEDORA 9
SNMP-5.5 Linux host with NetSNMP version 5.5+ RH60 5.0
SSH Basic SSH protocol 5.0
STONEGATE McAfee/Stonegate firewall appliance 5.0

Back to Host Templates categories

312
 7 MONITORING TEMPLATES
TEMPLATE Description Aliases From
ver.
SW-3COM 3com network switch 3COM any
SW-CISCO Cisco network switch CISCO C2960 5.0
SW-HP HP network switch any
SW-NORTEL-8600 Nortel 8600 Series network switch NORTEL-8600 5.0
SYNOLOGY Synology NAS 5.0
UCOPIA Ucopia wi-fi access portal any
UPS UPS (Uninterruptible Power Supply) APC any
device - any brand
UPS-HP HP UPS (Uninterruptible Power Supply) any
device
UTM UTM (Unified Threat Management) device FORMILUX any
- any brand
VTL VTL (Virtual Tape Library) device any
W2000 Windows 2000 system any
WIN Windows system - any version greater WXP any
than Windows 2000 XP
W2003
W2008
W2008R2
W2012R2
W2012
WIN-AGENT Windows agent AGENT WINDOWS
WIN-WMI Windows system (via WMI) - any version WXP-WMI any
greater than Windows 2000 W2003-WMI
W2008-WMI
W2008R2-WMI
W2012-WMI

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

313
7.1.2 SYSTEMS & HARDWARE

TEMPLATE Description Aliases From

ver.
AIX AIX server - any version 4.0
AIX SSH AIX server - any version - requesting 5.0
through ssh protocol
AS400 IBM AS/400 system type 4.1
AS400-WBEM IBM As400 system type (WBEM) 5.2
HP-P2000 MSA HP P2000 Modular Smart Array 5.0
Systems
IBM-BLADECENTER IBM BladeCenter server IBM-BLADE 5.0
LINUX Linux system - any distribution any
LINUX NRPE Linux NRPE (Nagios Remote Plugin 5.0
Extractor)
LINUX-UCD Linux system statistics (UCD) UCD
POLYCOM Polycom server 4.1
POLYCOM-HDX Polycom HDX desktop device 4.1
POM POM any
POM-BASE POM-Base POM-SAT 5.0
POM-SATELLITE
POM-HA POM-HA (High Availability) 4.1
PRINTER Printer and copier device any
SCANGAULE Scangaule and AKPC SensorProbe devices any
UPS UPS (Uninterruptible Power Supply) device APC any
- any brand
UPS-HP HP UPS (Uninterruptible Power Supply) any
device
W2000 Windows 2000 system any
WIN Windows system - any version greater than WXP any
Windows 2000 XP
W2003
W2008
W2008R2
W2012R2
W2012
WIN-AGENT Windows agent AGENT WINDOWS
WIN-WMI Windows system (via WMI) - any version WXP-WMI any
greater than Windows 2000 W2003-WMI
W2008-WMI
W2008R2-WMI
W2012-WMI

Back to Host Templates categories

314
 7 MONITORING TEMPLATES
AIX

AIX server - any version

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
ERRPT ssh ERRPT
EVENT EVENT
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g:"FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SPOOL ssh SPOOL
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600

7.1 HOST MONITORING TEMPLATES

crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

315
AIX SSH

AIX Server – any version – Requesting through SSH protocol

Indicator Protocol Column name Syntax Default threshold
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK ssh CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
DISK ssh DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%) PORT=22

*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
ERRPT ssh ERRPT
EVENT EVENT
LOAD ssh CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
PORT=22
MEM ssh MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
PORT=22
NB-PROCESS ssh NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
PORT=22
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
RTA-WARNING=200
warn/crit warn%/crit% num
(e.g: 200/500 5%/10% 1)
SPOOL ssh SPOOL
SWAP ssh SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
PORT=22
UPTIME ssh UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

316
 7 MONITORING TEMPLATES
AS400

IBM AS/400 system type

Indicator Protocol Column name Syntax Default threshold
ASP telnet ASP warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
CPU telnet CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
JOBQ telnet JOBQ warn/crit (e.g: 120/300) CRITICAL=20
WARNING=10
JOBS telnet JOBS warn/crit (e.g: 120/300) CRITICAL=1300
WARNING=1000
LOGIN telnet LOGIN
MEM telnet MEM warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
PRB telnet PRB warn/crit (e.g: 120/300) CRITICAL=3
WARNING=1
SBS telnet SBS warn/crit (e.g: 120/300) CRITICAL=3
WARNING=1
TCP telnet AS400-TCP warn/crit (e.g: 120/300) CRITICAL=1
WARNING=1
WAIT telnet WAIT warn/crit (e.g: 120/300) CRITICAL=3
WARNING=1

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

317
AS400-WBEM

IBM AS/400 system type (via WBEM)

Indicator Protocol Column name Syntax Default threshold
ADM-WBEM wbem ADM val,val.. (e.g: 22,443,8080)
CLOCK wbem CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU wbem CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
DISK wbem DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
NETWORK wbem NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME wbem UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
JOB-UNASSIGN wbem JOB-UNASSIGN warn/crit (e.g: 120/300) CRITICAL=0
WARNING=0
JOB-WAIT wbem JOB-WAIT warn/crit (e.g: 120/300) CRITICAL=0
WARNING=0
NB-JOB wbem NB-JOB warn%/crit% (e.g: 80%/90%) CRITICAL=80%
WARNING=70%
SBS wbem SBS

Back to Host Templates categories

318
 7 MONITORING TEMPLATES
HP-P2000

MSA HP P2000 Modular Smart Array Systems

Indicator Protocol Column Syntax Default threshold
name
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
CONTROLLER http CONTROLLER
DISK-IO http DISK-IO
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
STATUS http STATUS
VDISK-IO http VDISK-IO
VDISK-R- http VDISK-R-
LATENCY LATENCY
VDISK-W- http VDISK-W-
LATENCY LATENCY
VOLUME-IO http VOLUME-IO

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

319
IBM-BLADECENTER

IBM BladeCenter server

Other values providing the same indicators: IBM-BLADE

Indicator Prot. Column name Syntax Default threshold

ADM-HTTPS http,tcp ADM-HTTPS val,val.. CRITICAL=6.0
(e.g: 22,443,8080) WARNING=4.0
PORT=443
ADM-SNMP snmp ADM val,val..
(e.g: 22,443,8080)
Blades-Comm Blades-Comm CRITICAL=0:0
Blades-Count Blades-Count
Blower-Speed-1 Blower-Speed-1 WARNING=0:95
Blower-Speed-2 Blower-Speed-2 WARNING=0:95
Blowers-Count Blowers-Count CRITICAL=2:2
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
Power-Count Power-Count CRITICAL=4:4
Switches-Count Switches-Count CRITICAL=4:4
System-Ethernet-Backplane System-Ethernet- CRITICAL=0:0
Backplane
System-State System-State CRITICAL=1:
WARNING=255:
System-Temp-Ambient System-Temp-Ambient CRITICAL=15.00:24.00
WARNING=16.00:22.00
System-Temp-MM System-Temp-MM CRITICAL=23.00:60.00
WARNING=25.00:45.00
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non
Persistent”)

Back to Host Templates categories

320
 7 MONITORING TEMPLATES
LINUX

Linux system - any distribution

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU-STAT snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=
WARNING=
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)

7.1 HOST MONITORING TEMPLATES

SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

321
LINUX NRPE

Linux NRPE (Nagios Remote Plugin Extractor)

Indicator Protocol Column name Syntax Default threshold
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=16,8,4
WARNING=8,4,2
PORT=5666
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
PORT=5666
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
PORT=5666
NRPE NRPE PORT=5666
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
PORT=5666
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=@0:600
crit/NP (e.g: 600/NP) WARNING=@0:600
NP (NP stands for “Non Persistent”) PORT=5666
ZOMBIE ZOMBIE CRITICAL=100
WARNING=80
PORT=5666

Back to Host Templates categories

322
 7 MONITORING TEMPLATES
LINUX-UCD

Linux System Statistics (UCD)

Other values providing the same indicators: UCD

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU-STAT snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=
WARNING=
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500

7.1 HOST MONITORING TEMPLATES

warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
PROC snmp PROC <process1>,<process2>...
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

323
POLYCOM

Polycom server
Indicator Protocol Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

324
 7 MONITORING TEMPLATES
POLYCOM-HDX

Polycom HDX desktop device

Indicator Protocol Column Syntax Default threshold
name
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
IP-NETWORK http IP-NETWORK
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
MICROPHONE http MICROPHONE
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
REMOTE- http REMOTE-
BATTERY BATTERY
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
TIME-SERVER http TIME-SERVER
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

325
POM

POM
Indicator Prot. Column name Syntax Default threshold
ADM-HTTPS http, ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
tcp WARNING=4.0
PORT=443
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU-STAT snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=
WARNING=
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
DISK-IO http DISK-IO
EVENT EVENT
LICENSE snmp LICENSE
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=400
WARNING=300
NAGIOS-HEALTH snmp NAGIOS-HEALTH warn/crit (e.g: 100/200) CRITICAL=40
WARNING=20
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
NTP ntp NTP IP address
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
PROC-crond snmp PROC-crond <process1>,<process2>...
PROC-mysqld snmp PROC-mysqld <process1>,<process2>...
PROC-nagios snmp PROC-nagios <process1>,<process2>...
PROC- snmp PROC- <process1>,<process2>...
postmaster postmaster
PROC-perf2rrd snmp PROC-perf2rrd <process1>,<process2>...
PROC-snmpd snmp PROC-snmpd <process1>,<process2>...
PROC-snmptrapd snmp PROC-snmptrapd <process1>,<process2>...
PROC-syslog-ng snmp PROC-syslog-ng <process1>,<process2>...
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
X509 https X509 warn/crit (e.g: 120/300) CRITICAL=45
WARNING=60
PORT=443

Back to Host Templates categories

326
 7 MONITORING TEMPLATES
POM-BASE

POM-Base

Other values providing the same indicators: POM-SAT, POM-SATELLITE

Indicator Prot. Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM-SSH val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU-STAT snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=
WARNING=
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
DISK-IO http DISK-IO
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=400
WARNING=300
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
NTP ntp NTP IP address
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%

7.1 HOST MONITORING TEMPLATES

warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
PROC-crond snmp PROC-crond <process1>,<process2>...
PROC-nagios snmp PROC-nagios <process1>,<process2>...
PROC-snmpd snmp PROC-snmpd <process1>,<process2>...
PROC-snmptrapd snmp PROC-snmptrapd <process1>,<process2>...
PROC-syslog-ng snmp PROC-syslog-ng <process1>,<process2>...
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

327
POM-HA

POM-HA (High Availability)

Indicator Protocol Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=443
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU-STAT snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=
WARNING=
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=400
WARNING=300
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
NTP ntp NTP IP address
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
X509 https X509 warn/crit (e.g: 120/300) CRITICAL=45
WARNING=60
PORT=443

Back to Host Templates categories

328
 7 MONITORING TEMPLATES
PRINTER

Printer and copier device

Indicator Protocol Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
PAPER snmp PAPER warn%/crit% (e.g: 10%/5%) CRITICAL=5%
See remarks WARNING=10%
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
TONER snmp TONER warn%/crit% (e.g: 10%/5%) CRITICAL=5%
See remarks WARNING=10%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

REMARKS: FORMER SYNTAX ISSUES

In prior versions of the PRINTER template, the syntax used in PAPER and TONER columns was of
the type key/warn%/crit%

Be sure that your spreadsheet file does not use this old syntax anymore for the PRINTER template,
otherwise you will get an error when trying to generate the configuration with the pomgen tool.

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

329
SCANGAULE

Scangaule and AKPC SensorProbe devices

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
HUMIDITY snmp HUMIDITY warn/crit (e.g: 120/300) CRITICAL=90
WARNING=80
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
TEMP snmp TEMP lowarn:hiwarn/locrit:hicrit (e.g: 16:22/15:24) CRITICAL=15:24
WARNING=16:22
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

330
 7 MONITORING TEMPLATES
UPS

UPS (Uninterruptible Power Supply) device - any brand

Other values providing the same indicators: APC

Indicator Protocol Column name Syntax Default threshold

ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPS snmp UPS
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

331
UPS-HP

HP UPS (Uninterruptible Power Supply) device

Indicator Protocol Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPS snmp UPS
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

332
 7 MONITORING TEMPLATES
W2000

Windows 2000 system

Indicator Protoco Column name Syntax Default threshold
l
ADM-RDP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=3
WARNING=1.5
PORT=3389
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
VMEM VMEM CRITICAL=95%
(DEPRECATED) (DEPRECATED) WARNING=90%

EXCLUDED INTERFACES : WINDOWS HOSTS EXCEPTION

In the particular case of Windows hosts, most network interfaces are virtual interfaces that are

7.1 HOST MONITORING TEMPLATES

seldom or never used. POM now excludes these Interfaces by default.
Where, on other hosts, leaving the PORT column empty will select all interfaces (by using the
implicit filter * ), on Windows hosts, leaving the PORT column empty will exclude some interfaces
by using a more complex implicit filter.
This default filter is declared by the following line in the file /etc/pom/gen/[Link] :
IFACE_SNMP_WINDOWS_DEFAULT_FILTER="*, !WAN Miniport*, !Miniport*WAN*,
!Miniport*Moniteur*, !*QoS*,!*WFP*, !*LightWeight*, !RAS *, !* RAS, !*-0000"

Therefore, one must use great caution when declaring specific values in the NETWORK column of a
Windows host in the HOSTS section, since anything written in that column will overwrite the
default filter.
A way around this issue Is to declare values you want to enter in the SERVICES section instead.
For example, say you want to enter */80%/90% in the NETWORK column of a Windows host in
the HOSTS section. Instead, simply go to the SERVICES section, and in a NETWORK template for
this Windows host, declare 80% in the WARNING column and 90% in the CRITICAL column. This
way, the default interface filter will not be overwritten.

Back to Host Templates categories

333
WIN

Windows system - any version greater than Windows 2000

Other values providing the same indicators: WXP, XP, W2003, W2008, W2008R2, W2012R2, W2012

Indicator Protoco Column name Syntax Default threshold

l
ADM-RDP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=3
WARNING=1.5
PORT=3389
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
VMEM snmp VMEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
(DEPRECATED) (DEPRECATED) WARNING=90%

EXCLUDED INTERFACES : WINDOWS HOSTS EXCEPTION

 See previous page

Back to Host Templates categories

334
 7 MONITORING TEMPLATES
WIN-AGENT

Windows Agent

Other values providing the same indicators: Agent Windows

Indicator Protocol Column name Syntax Default threshold

CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=90%
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=80%
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G)
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

335
WIN-WMI

Windows system (via WMI) - any version greater than Windows 2000

Other values providing the same indicators: WXP-WMI, W2003-WMI, W2008-WMI, W2008R2-WMI,
W2012-WMI

Indicator Protocol Column name Syntax Default threshold

ADM-RDP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=3
WARNING=1.5
PORT=3389
CLOCK wmi CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU wmi CPU warn/crit (e.g: 120/300) CRITICAL=90%
WARNING=80%
DISK wmi DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
MEM wmi MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS wmi NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP wmi SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME wmi UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

EXCLUDED INTERFACES : WINDOWS HOSTS EXCEPTION

 See W2000 Host Template

Back to Host Templates categories

336
 7 MONITORING TEMPLATES
7.1.3 NETWORK, INTERNET & REMOTE ACCESS

TEMPLATE Description Aliases From

ver.
ALOHA HAproxy Aloha load balancer any
ARUBA Aruba 3000 wi-fi mobility controller ARUBA 3200 5.0
BLUECOAT Bluecoat Proxy appliance BLUECOAT-SG 5.0
BLUECOAT-PROXYSG
BLUECOAT-AV Bluecoat ProxyAV appliance BLUECOAT-PROXYAV 5.0
BROCADE Brocade network switch 5.3
CCM Cisco Call Manager any
F5-BIGIP F5 BIG-IP Local Traffic Manager BIGIP 5.3
H3C H3C network switch any
HP-5130 HP 5130 series network switch HP5130 5.3
IDRAC Integrated Dell Remote Access Controller 4.1
(iDRAC) management interface
ILO HP ILO (Integrated Lights-Out) any
management interface
IP Basic reachability test - any host any
JUNIPER EX Juniper EX Series network switch JUNIPER SRX 5.0
JUNIPER SA Juniper SA Series network switch 5.0
LIVEBOX Router to access Orange professional any
network
NORTEL Nortel network switch SW-NORTEL any
RIVERBED Riverbed bandwidth optimization device any
ROUTER Router device - any brand any
SNMP (DEFAULT) Basic SNMP protocol 5.0

7.1 HOST MONITORING TEMPLATES

SNMP-5.3 Linux host with NetSNMP version 5.3+ RH30 5.0
RH40
RH50
FEDORA8
FEDORA 8
FEDORA9
FEDORA 9
SNMP-5.5 Linux host with NetSNMP version 5.5+ RH60 5.0
SSH Basic SSH protocol 5.0
SW-3COM 3com network switch 3COM any
SW-CISCO Cisco network switch CISCO C2960 5.0
SW-HP HP network switch any
SW-NORTEL-8600 Nortel 8600 Series network switch NORTEL-8600 5.0

Back to Host Templates categories

337
TEMPLATE Description Aliases From
ver.
UCOPIA Ucopia wi-fi access portal any

Back to Host Templates categories

338
 7 MONITORING TEMPLATES
ALOHA

HAproxy Aloha load balancer

Indicator Protocol Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=0.4
WARNING=0.2
PORT=4444
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g:"FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

339
ARUBA

Aruba 3000 series wi-fi mobility controller

Other values providing the same indicators: Aruba 3200

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
USER-GLOB USER-GLOB

Back to Host Templates categories

340
 7 MONITORING TEMPLATES
BLUECOAT

Bluecoat Proxy appliance

Other values providing the same indicators: Bluecoat-SG, Bluecoat-ProxySG

Indicator Protocol Column name Syntax Default threshold

ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=5
WARNING=2
PORT=8082
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=90
WARNING=80
DISK snmp DISK warn%/crit% (e.g: 80%/90%) CRITICAL=90
WARNING=80
EVENT EVENT
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=90
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

341
BLUECOAT-AV

Bluecoat ProxyAV appliance

Other values providing the same indicators: Bluecoat-ProxyAV

Indicator Protocol Column name Syntax Default threshold

ADM-HTTPS tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=5
WARNING=2
PORT=8082
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300)
EVENT EVENT
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=90
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

342
 7 MONITORING TEMPLATES
BROCADE

Brocade network switch

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g.: 22,443,8080)
PING icmp PING warn/crit (e.g.: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g.: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g.: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g.: 600) CRITICAL=600
crit/NP (e.g.: 600/NP)
NP (NP stands for “Non Persistent”)
TEMP snmp TEMP warn/crit (e.g: 120/300)
FAN snmp FAN lowarn:hiwarn/locrit:hicrit (e.g: 16:22/15:24)
HARDWARE HARDWARE

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

343
CCM

Cisco Call Manager

Indicator Protocol Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=443
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=1200
WARNING=1000
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

344
 7 MONITORING TEMPLATES
F5-BIGIP

F5 BIG-IP Local Traffic Manager

Other values providing the same indicators: BIGIP

Indicator Protocol Column Syntax Default threshold

name
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU Warn%/crit% (e.g: 80%/90%) CRITICAL=90%
WARNING=80%
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
LOAD snmp LOAD [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=90
WARNING=80
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
TMM-MEM snmp MEM Warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%

7.1 HOST MONITORING TEMPLATES

Following indicators can only be overriden in the SERVICES section

Indicator Protocol Column name

L4-FASTL4 snmp FASTL4-OPEN
L4-TCP snmp TCP-OPEN
L4-UDP snmp UDP-OPEN
L7-FASTHTTP snmp REQUESTS-PER-SECOND
L7-HTTP snmp REQUESTS-PER-SECOND

Back to Host Templates categories

345
H3C

H3C network switch

Indicator Protocol Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g.: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g.: 22,443,8080)
EVENT EVENT
PING icmp PING warn/crit (e.g.: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g.: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g.: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g.: 600) CRITICAL=600
crit/NP (e.g.: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

346
 7 MONITORING TEMPLATES
HP-5130

HP 5130 series network switch

Other values providing the same indicators: HP5130

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU Warn%/crit% (e.g: 80%/90%) CRITICAL=80%
WARNING=75%
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
TEMP snmp TEMP warn/crit (e.g: 120/300)
FAN snmp FAN lowarn:hiwarn/locrit:hicrit (e.g: 16:22/15:24)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

347
IDRAC

Integrated Dell Remote Access Controller (iDRAC) management interface

Indicator Protocol Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=9.0
WARNING=7.0
PORT=443
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)

Back to Host Templates categories

348
 7 MONITORING TEMPLATES
ILO

HP ILO (Integrated Lights-Out) management interface

Indicator Protocol Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=9.0
WARNING=7.0
PORT=443
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

349
IP

Basic reachability test - any host

Indicator Protocol Column name Syntax Default threshold
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)

Back to Host Templates categories

350
 7 MONITORING TEMPLATES
JUNIPER EX

Juniper EX Series network switch

Other values providing the same indicators: Juniper SRX

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
LED LED
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

351
JUNIPER SA

Juniper SA Series network switch

Indicator Protocol Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM-HTTPS val,val.. CRITICAL=6.0
(e.g: 22,443,8080) WARNING=4.0
PORT=443
ADM-SNMP snmp ADM val,val..
(e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. PORT=22
(e.g: 22,443,8080)
CLOCK ssh CLOCK warn/crit CRITICAL=300
(e.g: 120/300) WARNING=180
CPU snmp CPU warn/crit CRITICAL=90
(e.g: 120/300) WARNING=80
DISK snmp DISK */warn%/crit% CRITICAL=90
(e.g: */90%/95%) WARNING=80
*/warn<unit>/crit<unit>
(e.g: */200G/50G%)
*/warn%/crit%
<part>//warn%/crit%
(e.g: */90%/95%
E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit
>
(e.g: */90%/95%
"/var"//500M/100M)
EVENT EVENT
LOGFILE LOGFILE CRITICAL=90
WARNING=80
MEM snmp MEM warn%/crit% CRITICAL=90
(e.g: 80%/90%) WARNING=80
NB-CLUSTER-CONC-USERS snmp NB-CLUSTER-CONC-USERS warn/crit CRITICAL=50
(e.g: 120/300) WARNING=30
NB-CONC-USERS snmp NB-CONC-USERS warn/crit CRITICAL=50
(e.g: 120/300) WARNING=30
NB-MAIL-USERS snmp NB-MAIL-USERS warn/crit CRITICAL=50
(e.g: 120/300) WARNING=30
NB-WEB-USERS snmp NB-WEB-USERS warn/crit CRITICAL=50
(e.g: 120/300) WARNING=30
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP ssh SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70
WARNING=50
TEMPERATURE snmp TEMPERATURE warn/crit CRITICAL=2
(e.g: 120/300) WARNING=1
TOTAL-HITS snmp TOTAL-HITS warn/crit CRITICAL=
(e.g: 120/300) WARNING=
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non
Persistent”)

Back to Host Templates categories

352
 7 MONITORING TEMPLATES
LIVEBOX

Router to access Orange professional network

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
BGP snmp BGP
EVENT EVENT
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

353
NORTEL

Nortel network switch

Other values providing the same indicators: SW-Nortel

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

354
 7 MONITORING TEMPLATES
RIVERBED

Riverbed bandwidth optimization device

Indicator Protocol Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=443
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CONNECTIO CONNECTIONS
NS
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
RIVERBED snmp RIVERBED
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600

7.1 HOST MONITORING TEMPLATES

crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

355
ROUTER

Router device - any brand

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

356
 7 MONITORING TEMPLATES
SNMP (DEFAULT)

Basic SNMP protocol

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
PING PING RTA-CRITICAL=500
LOSS-WARNING=80%
LOSS-CRITICAL=90%
RTA-WARNING=200
UPTIME UPTIME CRITICAL=600

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

357
SNMP-5.3

Linux host with NetSNMP version 5.3+

Other values providing the same indicators: RH30, RH40, RH50, Fedora8, Fedora 8, Fedora9, Fedora 9

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

358
 7 MONITORING TEMPLATES
SNMP-5.5

Linux host with NetSNMP version 5.5+

Other values providing the same indicators: RH60

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%

7.1 HOST MONITORING TEMPLATES

warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

359
SSH

Basic SSH protocol

Indicator Protocol Column name Syntax Default threshold
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK ssh CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
DISK ssh DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%) PORT=22
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD ssh CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
PORT=22
MEM ssh MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
PORT=22
NB-PROCESS ssh NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
PORT=22
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP ssh SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
PORT=22
UPTIME ssh UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP) PORT=22
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

360
 7 MONITORING TEMPLATES
SW-3COM

3com network switch

Other values providing the same indicators: 3COM

Indicator Protocol Column name Syntax Default threshold

ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

361
SW-CISCO

Cisco network switch

Other values providing the same indicators: Cisco C2960

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

362
 7 MONITORING TEMPLATES
SW-HP

HP network switch
Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
EVENT EVENT
FAN snmp FAN lowarn:hiwarn/locrit:hicrit (e.g: 16:22/15:24) CRITICAL=3:5
WARNING=4
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

363
SW-NORTEL-8600

Nortel 8600 Series network switch

Other values providing the same indicators: Nortel-8600

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

364
 7 MONITORING TEMPLATES
UCOPIA

Ucopia wi-fi access portal

Indicator Protocol Column name Syntax Default threshold
EVENT EVENT
HTTP http HTTP CRITICAL=0.4
WARNING=0.2
PORT=80
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

365
 7 MONITORING TEMPLATES
7.1.4 SECURITY

TEMPLATE Description Aliases From

ver.
ASA Cisco ASA firewall - any version any
ASTARO Astaro firewall - any version any
BARRACUDA Barracuda Spam Firewall 5.0
CHECKPOINT Checkpoint firewall any
FORTIGATE Fortinet Fortigate firewall - all versions FORTINET 5.3
except 200b FORTIGATE 100D
FORTIGATE 310B
FORTIGATE 200B Fortinet Fortigate 200b firewall 5.3
IRONPORT Ironport firewall any
NETASQ NetASQ security appliance 5.3
NETSCALER Citrix NetScaler Gateway - secure access any
gateway
PALO-ALTO Palo Alto firewall PALOALTO 5.0
PIX Cisco PIX firewall any
STONEGATE McAfee/Stonegate firewall appliance 5.0
UTM UTM (Unified Threat Management) device - FORMILUX any
any brand

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

367
ASA

Cisco ASA firewall - any version

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

368
 7 MONITORING TEMPLATES
ASTARO

Astaro firewall - any version

Indicator Prot. Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=444
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=250
WARNING=200
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% WARNING=
(e.g: eth0//80%/90%) PORT=*
warn%/crit%/BW_IN_OUT
(e.g: 80%/90%/1G)
iface//warn%/crit%/BW_IN/BW_OUT
(e.g:FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
PROC-clamd snmp PROC-clamd MIN=
PROC-conntrackd snmp PROC-conntrackd MIN=
PROC-csync2 snmp PROC-csync2 MIN=
PROC-exim snmp PROC-exim MIN=
PROC-ha-daemon snmp PROC-ha-daemon MIN=
PROC-ha-proxy snmp PROC-ha-proxy MIN=
PROC-ha-sysmond snmp PROC-ha-sysmond MIN=
PROC-httpd snmp PROC-httpd MIN=

7.1 HOST MONITORING TEMPLATES

PROC-httpproxy snmp PROC-httpproxy MIN=
PROC-logger snmp PROC-logger MIN=
PROC-mailsec-reporte snmp PROC-mailsec-reporte MIN=
PROC-named snmp PROC-named MIN=
PROC-ntpd snmp PROC-ntpd MIN=
PROC-openvpn snmp PROC-openvpn MIN=
PROC-pfilter-reporte snmp PROC-pfilter-reporte MIN=
PROC-pluto snmp PROC-pluto MIN=
PROC-postgres snmp PROC-postgres MIN=
PROC-service-monitor snmp PROC-service-monitor MIN=
PROC-syslog-ng snmp PROC-syslog-ng MIN=
PROC-ulogd snmp PROC-ulogd MIN=
PROC-vpn-reporter-pl snmp PROC-vpn-reporter-pl MIN=
PROC-websec-reporter snmp PROC-websec-reporter MIN=
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (Non Persistent)

Back to Host Templates categories

369
BARRACUDA

Barracuda Spam Firewall

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
DISK snmp DISK warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
DOMAIN snmp DOMAIN CRITICAL=
WARNING=
EVENT EVENT
LATENCY snmp LATENCY CRITICAL=
WARNING=
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MESSAGES snmp MESSAGES CRITICAL=
WARNING=
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=PORT=*
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G)
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
QUEUE snmp QUEUE CRITICAL=
WARNING=
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

370
 7 MONITORING TEMPLATES
CHECKPOINT

Checkpoint firewall
Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CHECKPOINT snmp CHECKPOINT
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

371
FORTIGATE

Fortinet Fortigate firewall - all versions except 200b

Other values providing the same indicators: Fortinet, Fortigate 100D, Fortigate 310B

Indicator Protocol Column Syntax Default threshold

name
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=95
WARNING=90
MEM snmp MEM warn/crit (e.g: 80/90) CRITICAL=95
WARNING=90
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
ANTI-VIRUS snmp ANTI-VIRUS
HA-PEER snmp HA-PEER
IDS snmp IDS
NB-SESSIONS snmp NB-SESSIONS
VPN snmp VPN

Back to Host Templates categories

372
 7 MONITORING TEMPLATES
FORTIGATE 200B

Fortinet Fortigate 200b firewall

Indicator Protocol Column Syntax Default threshold
name
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=95
WARNING=90
MEM snmp MEM warn/crit (e.g: 80/90) CRITICAL=95
WARNING=90
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
ANTI-VIRUS snmp ANTI-VIRUS
IDS snmp IDS
NB-SESSIONS snmp NB-SESSIONS

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

373
IRONPORT

IronPort firewall
Indicator Protocol Column name Syntax Default threshold
ADM-HTTPS http,tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=83
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
EVENT EVENT
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

374
 7 MONITORING TEMPLATES
NETASQ

NetASQ security appliance

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CLOCK snmp CLOCK warn/crit (e.g: 200/500) CRITICAL=300
WARNING=180
CLUSTER snmp CLUSTER
DISK DISK CRITICAL=95%
WARNING=90%
HA-LINK snmp HA-LINK
LOAD snmp LOAD
MEM snmp MEM CRITICAL=95%
WARNING=90%
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non
Persistent”)
DROP-RATE snmp DROP-RATE
ICMP-RATE snmp ICMP-RATE
TCP-CONNECTIONS snmp TCP-CONNECTIONS
TCP-RATE snmp TCP-RATE
UDP-CONNECTIONS snmp UDP-CONNECTIONS
UDP-RATE snmp UDP-RATE

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

375
NETSCALER

Citrix NetScaler Gateway - secure access gateway

Indicator Protocol Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
AUTH AUTH CRITICAL=
WARNING=
CACHE CACHE CRITICAL=
WARNING=
CPU snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=80%
WARNING=75%
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit% <part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
DNS DNS CRITICAL=
WARNING=
EVENT EVENT
HTTP HTTP CRITICAL=
WARNING=
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SERVICEGROUP SERVICEGROUP CRITICAL=
WARNING=
TCP TCP CRITICAL=
WARNING=
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
VSERVER VSERVER CRITICAL=
WARNING=
WAF WAF CRITICAL=
WARNING=

Back to Host Templates categories

376
 7 MONITORING TEMPLATES
PALO-ALTO

Palo Alto firewall

Other values providing the same indicators: PaloAlto

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CLUSTER snmp CLUSTER
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
EVENT EVENT
NETSTATS snmp NETSTATS
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

377
PIX

Cisco PIX firewall

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
EVENT EVENT
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

378
 7 MONITORING TEMPLATES
STONEGATE

McAfee/Stonegate firewall appliance

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CLUSTER snmp CLUSTER
CONN snmp CONN CRITICAL=
WARNING=
CPU snmp CPU warn%/crit% (e.g: 80%/90%) CRITICAL=80%
WARNING=75%
DISK snmp DISK warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
EVENT EVENT
FIREWALL snmp FIREWALL
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING PING RTA-CRITICAL=500
LOSS-WARNING=80%
LOSS-CRITICAL=90%
RTA-WARNING=200
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

379
UTM

UTM (Unified Threat Management) device - any brand

Other values providing the same indicators: Formilux

Indicator Protocol Column name Syntax Default threshold

ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

380
 7 MONITORING TEMPLATES
7.1.5 STORAGE

TEMPLATE Description Aliases From

ver.
EMC EMC SAN (Storage Area Network) any
NETAPP Netapp SAN (Storage Area Network) any
OPENFILER OpenFiler SAN/NAS 5.2
QNAP Qnap NAS (Network Attached Storage) any
SYNOLOGY Synology NAS 5.0
VTL VTL (Virtual Tape Library) device any

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

381
EMC

EMC SAN (Storage Area Network)

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

382
 7 MONITORING TEMPLATES
NETAPP

Netapp SAN (Storage Area Network)

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=90
WARNING=80
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
FAN snmp FAN warn/crit (e.g: 120/300) CRITICAL=2
WARNING=1
HWDISK snmp HWDISK warn/crit (e.g: 120/300) CRITICAL=2
WARNING=1
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
POWER snmp POWER warn/crit (e.g: 120/300) CRITICAL=2
WARNING=1
TEMP snmp TEMP warn/crit (e.g: 120/300) CRITICAL=2

7.1 HOST MONITORING TEMPLATES

WARNING=2
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

383
NETAPP-CLUSTER

Netapp Cluster SAN (Storage Area Network)

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
EVENT EVENT
FAN snmp FAN warn/crit (e.g: 120/300) CRITICAL=2
WARNING=1
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5”//80%/90%/10M/20M)
PINGf icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
POWER snmp POWER warn/crit (e.g: 120/300) CRITICAL=2
WARNING=1
TEMP snmp TEMP warn/crit (e.g: 120/300) CRITICAL=2
WARNING=2
COMPRESS snmp COMPRESS
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

COMPRESS: Provides the percentage of compression savings in a volume, which is

((compr_saved/(compr_saved + used)) * 100). This is only returned for volumes.

Back to Host Templates categories

384
 7 MONITORING TEMPLATES
OPENFILER

OpenFiler SAN/NAS
Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
ADM-SSH ssh ADM val,val.. (e.g: 22,443,8080) PORT=22
CLOCK snmp CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CPU-STAT snmp CPU-STAT warn/crit (e.g: 120/300) CRITICAL=
WARNING=
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=100
WARNING=80
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)

7.1 HOST MONITORING TEMPLATES

SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

385
QNAP

Qnap NAS (Network Attached Storage)

Indicator Prot. Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=8080
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
CPU snmp CPU warn/crit (e.g: 120/300) CRITICAL=80
WARNING=75
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
FAN snmp FAN warn/crit (e.g: 120/300) CRITICAL=1300
WARNING=700
HWDISK snmp HWDISK warn/crit (e.g: 120/300) CRITICAL=60
WARNING=50
NB-PROCESS snmp NB-PROCESS warn/crit (e.g: 120/300) CRITICAL=250
WARNING=200
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT PORT=*
(e.g: 80%/90%/1G)
iface//warn%/crit%/BW_IN/BW_OUT
(e.g:FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
PROC-iscsi-logd snmp PROC-iscsi-logd <process1>,<process2>... MIN=
PROC-iscsid snmp PROC-iscsid <process1>,<process2>... MIN=
PROC-nfsd snmp PROC-nfsd <process1>,<process2>... MIN=
PROC-nfsd4 snmp PROC-nfsd4 <process1>,<process2>... MIN=
PROC-portmap snmp PROC-portmap <process1>,<process2>... MIN=
PROC-proftpd snmp PROC-proftpd <process1>,<process2>... MIN=
PROC-QNAP- snmp PROC-QNAP- <process1>,<process2>... MIN=
fileio fileio
PROC-qsmartd snmp PROC-qsmartd <process1>,<process2>... MIN=
PROC-qsyslogd snmp PROC-qsyslogd <process1>,<process2>... MIN=
PROC-rsyncd snmp PROC-rsyncd <process1>,<process2>... MIN=
PROC-smbd snmp PROC-smbd <process1>,<process2>... MIN=
PROC-winbindd snmp PROC-winbindd <process1>,<process2>... MIN=
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

386
 7 MONITORING TEMPLATES
SYNOLOGY

Synology NAS (Network Attached Storage)

Indicator Protocol Column name Syntax Default threshold
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
HARDWARE HARDWARE CRITICAL=
WARNING=
LOAD snmp CPU [Link]/[Link] (e.g: 2.00/5.00) CRITICAL=5.00
WARNING=2.00
MEM snmp MEM warn%/crit% (e.g: 80%/90%) CRITICAL=95%
WARNING=90%
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
SWAP snmp SWAP warn%/crit% (e.g: 80%/90%) CRITICAL=70%
WARNING=50%
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)

7.1 HOST MONITORING TEMPLATES

NP (NP stands for “Non Persistent”)

Back to Host Templates categories

387
VTL

VTL (Virtual Tape Library) device

Indicator Protocol Column name Syntax Default threshold
ADM-HTTP tcp ADM val,val.. (e.g: 22,443,8080) CRITICAL=6.0
WARNING=4.0
PORT=80
ADM-SNMP snmp ADM val,val.. (e.g: 22,443,8080)
DISK snmp DISK */warn%/crit% (e.g: */90%/95%) CRITICAL=95%
*/warn<unit>/crit<unit> WARNING=90%
(e.g: */200G/50G%)
*/warn%/crit% <part>//warn%/crit%
(e.g: */90%/95% E://97%/99%)
*/warn%/crit%
<part>//warn<unit>/crit<unit>
(e.g: */90%/95% "/var"//500M/100M)
EVENT EVENT
NETWORK snmp NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME snmp UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)

Back to Host Templates categories

388
 7 MONITORING TEMPLATES
7.1.6 VIRTUALIZATION

TEMPLATE Description Aliases From

ver.
AWS Amazon Web Services VM monitoring 5.4
ESX VMWARE ESX system - version greater than 4 any

7.1 HOST MONITORING TEMPLATES

Back to Host Templates categories

389
AWS

Amazon Web Services VM monitoring

For more info on AWS infrastructures monitoring in POM:

 See INTEGRATION: Monitoring a Virtualized Infrastructure (AWS)

Back to Host Templates categories

390
 7 MONITORING TEMPLATES
ESX

VMWARE ESX system - version greater than 4

Indicator Protocol Column name Syntax Default threshold
CLOCK https CLOCK warn/crit (e.g: 120/300) CRITICAL=300
WARNING=180
CONFIG https CONFIG
CPU https CPU warn/crit (e.g: 120/300) CRITICAL=85%
WARNING=75%
DISK-LATENCY https DISK-LATENCY kernel//4/6 KERNEL-CRITICAL=6
device//15/20 KERNEL-WARNING=4
queue//0/0 DEVICE-WARNING=15
DEVICE-CRITICAL=20
QUEUE-CRITICAL=0
QUEUE-WARNING=0
MEM https MEM warn%/crit% (e.g: 80%/90%) CRITICAL=85%
WARNING=75%
NETWORK https NETWORK warn%/crit% (e.g: 80%/90%) CRITICAL=
iface//warn%/crit% (e.g: eth0//80%/90%) WARNING=
warn%/crit%/BW_IN_OUT (e.g: 80%/90%/1G) PORT=*
iface//warn%/crit%/BW_IN/BW_OUT
(e.g: FastEthernet0/5"//80%/90%/10M/20M)
PING icmp PING warn/crit (e.g: 200/500) RTA-CRITICAL=500
warn/crit warn%/crit% LOSS-WARNING=80%
(e.g: 200/500 5%/10%) LOSS-CRITICAL=90%
warn/crit warn%/crit% num RTA-WARNING=200
(e.g: 200/500 5%/10% 1)
UPTIME https UPTIME crit (e.g: 600) CRITICAL=600
crit/NP (e.g: 600/NP)
NP (NP stands for “Non Persistent”)
VMFS https VMFS warn%/crit%//inc=<regex>/exc='regex' CRITICAL=95%
(e.g: 75%/85%//inc=.+/exc=’ˆ$’) WARNING=90%
warn%/crit%//exc=<regex>
(e.g: 75%/85%//exc=Local|local)

7.1 HOST MONITORING TEMPLATES

*/exc=<regex> (e.g: */exc=.+)

For more info on ESX systems monitoring in POM:

 See INTEGRATION: Monitoring a Virtualized Infrastructure (VMWare)

391
393
7.2 SERVICE MONITORING TEMPLATES

7.2 SERVICE MONITORING TEMPLATES 7 MONITORING TEMPLATES

OVERVIEW
Service monitoring templates, or simply Service templates, are ready-to-use declarations to set a
target service as a monitoring point, using the fitting check commands.
POM’s service templates configuration files can be found in the following directory:
/opt/pom/lib/gen/service

Service templates are registered in POM by entering the adequate info in a HOSTS or a SERVICES
section in the configuration spreadsheet file.
 See MONITORING ADMINISTRATION: Spreadsheet File – HOSTS Section
 See MONITORING ADMINISTRATION: Spreadsheet File – SERVICES Section

CATEGORIES
Service monitoring templates available in POM can be divided in 4 main categories. Click on one of
these following to be redirected to the full list of available templates in the corresponding
category:

 SYSTEM INDICATORS
Templates to monitor system status data.

 TCP/IP & NETWORK SERVICES

Templates to monitor network-oriented services, applications & protocols.

 DATABASES
Templates to monitor databases status & health.

 APPLICATIONS & SOFTWARE

Templates to monitor specific applications & software.

394
 7 MONITORING TEMPLATES
MULTISERVICE TEMPLATES
Some service templates are actually an aggregation of several basic service templates. They are
then, rightly so, called multiservice templates.
Hereafter is a list of these meta-templates and the service templates they include:
TEMPLATE Description Embedded From
service templates ver.
AD Windows Active Directory state AD-NTP any
AD-SYSVOL-SHARED
AD-FMSO-ROLES
AD-REPLSUM
AD-LDAP
AD-LDAP-AUTH
AD-LDAP-AUTH-SSL
AD-LDAP-AUTH-TLS
ESX-CL Check of a VMWARE cluster CL-CPU any
CL-MEM
CL-CONFIG
ESX-VC Check of a VMWARE V-Center VC-CPU any
VC-MEM
VC-VMFS
VC-IO
VC-CONFIG
VC-DISK-LATENCY
ORACLE Check Oracle databases ORAMEM 5.0
ORASID
ORATBS

7.2 SERVICE MONITORING TEMPLATES

395
 7 MONITORING TEMPLATES
7.2.1 FULL LIST OF SERVICE TEMPLATES

TEMPLATE Description Protocols From

ver.
AD Windows Active Directory state any
ADM Control of device administration port availability any
AWS-ALARM Check the status of an AWS account's alarms https 5.4
AWS-BILLING Get the estimated charges from an account on AWS https 5.4
CLOCK NTP synchronisation with POM server snmp,ssh 4.0
CPU CPU Load average, as seen by the operating system snmp,ssh any
DB2 Check DB2 databases 4.1
DC-SYNC Domain Controller synchronization via WMI wmi 5.2
DHCP Check of IP address providing capacity dhcp any
DISK Filling rate of each disk or partition snmp,ssh any
DNS Dynamic name resolution dns any
ERRPT AIX system error log data detection ssh 4.1
ESX-CL Check of a VMWARE cluster any
ESX-SNAPSHOTS Number of snapshots in a VMWARE virtual any
infrastructure
ESX-VC Check of a VMWARE V-Center any
ESX-VC-VMFS VMWare VMFS (disks) from a VCenter point of view 4.0
ESX-VMFS VMWare VMFS (disks) from an ESX point of view 4.0
FTP FTP server availability ftp any
FTP-AGE File age via FTP 4.1
FTPS FTPS (FTP Secure) server availability ftps any
HTTP Connection to a web site. The site is separate from http any
the host which the monitoring point is associated to
HTTPS Connection to a web site. The site is separate from https any
the host which the monitoring point is associated to
IF-ERROR Number of network errors snmp 5.3

7.2 SERVICE MONITORING TEMPLATES

IMAP IMAP service on a mail server imap 4.0
IMAPS IMAPS (IMAP over SSL) service on a mail server imaps 4.0
LDAP Availability of LDAP server (AD, OpenLDAP or else) any
LDAPS Availability of LDAP server via SSL any
LDAPTLS Availability of LDAP server (AD, OpenLDAP or else) any
via STARTTLS
LICENSE POM license validity 5.2
LOAD Load indicates the number of running tasks on a snmp,ssh any
given period (1min, 5min, 15min). On a single
processor machine, a load of 1 means that the CPU
has been busy during 100% of its time.
MEM Memory (RAM) use rate, output in both percentage snmp,ssh any
and byte
MSSQL Monitoring of Microsoft SQL databases any
MSSQLREPL MSSQL database replication any
MYSQL MYSQL database server 4.0

Back to Service Templates categories

397
TEMPLATE Description Protocols From
ver.
NB-PROCESS Number of processes running on the device any
NETWORK Availability and load of network interfaces on target 5.0
devices
NRPE Service monitoring with a deported Nagios agent nrpe any
OFFICE365 Microsoft Office365 connectivity 5.2
ORACLE Check Oracle databases 5.0
PING Latency and data loss check during the connection to icmp any
a device
POM-DISCOVERY POM Discovery tool state 5.2
POP POP service on a mail server pop any
POPS POP over STARTTLS service on a mail server pops any
POSTGRESQL Check Postgresql databases 4.1
PROC Process availability any
PROCESS-AGE Process age 5.1
PROXY Check of a proxy server by requesting a web site, or any
check of an URL response via a proxy server
RADIUS Radius authentication server availability any
ROBOCOPY Robocopy transfer log file analysis via Samba smb any
SCENARIO Web site browsing with validation steps and global any
duration
SCHEDULED-JOB Scheduled job execution state 5.2
SFTP SFTP server availability sftp 4.1
SMB Check disk free space in a SMB share smb 4.0
SMB-DIR Alert on number of files or age of oldest file via SMB smb 4.1
SMTP Check an SMTP server state with an SMTP request smtp any
SMTPTLS Check an SMTP server state with an SMTP over smtp any
STARTTLS request
SNMP Fetch status information from an OID snmp 5.2
SSH SSH server connectivity any
SVC Windows service activation state any
SWAP Swap (page file) use rate, output in both percentage 4.0
and byte
TCP Check a TCP port is listening and test a string in the any
reply
UPTIME Uptime check to detect the device restart snmp,ssh any
VOLUME-WMI Monitoring of disk drives by volume ID via WMI wmi 5.4
WEB Check HTTP return codes on a target URL
WINEXE Run an application on a Windows server 4.1
WSRPE WSRP (Web Services for Remote Portlets) service any
X509 Check of X.509 certificate validity 4.0

Back to Service Templates categories

398
 7 MONITORING TEMPLATES
7.2.2 SYSTEM INDICATORS

TEMPLATE Description Protocols From

ver.
ADM Control of device administration port availability any
CLOCK NTP synchronisation with POM server snmp,ssh 4.0
CPU CPU Load average, as seen by the operating system snmp,ssh any
DISK Filling rate of each disk or partition snmp,ssh any
ERRPT AIX system error log data detection 4.1
LOAD Load indicates the number of running tasks on a given snmp,ssh any
period (1min, 5min, 15min). On a single processor
machine, a load of 1 means that the CPU has been busy
during 100% of its time.
MEM Memory (RAM) use rate, output in both percentage and snmp,ssh any
byte
NB-PROCESS Number of processes running on the device any
NRPE Service monitoring with a deported Nagios agent nrpe any
PROC Process availability any
PROCESS-AGE Process age 5.1
SWAP Swap (page file) use rate, output in both percentage and 4.0
byte
UPTIME Uptime check to detect the device restart snmp,ssh any
VOLUME-WMI Monitoring of disk drives by volume ID via WMI wmi 5.4

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

399
ADM

Control of device administration port availability

The access port default value is related to the device. Connection tests are run on default and
given ports. These ports usually are dedicated for administration but any open port on the device
may be given.

METROLOGY
State Output
OK tcp/3389 open
tcp/RDP open

HOSTS SECTION
Column Format Def. val. Comment
ADM TELNET,80,.. depends on More than one port may be given, separated by a
the host comma. Values can be either a port number or a
template protocol name (eg. 22 or SSH)

Back to Service Templates categories

400
 7 MONITORING TEMPLATES
CLOCK

NTP synchronisation with POM server

METROLOGY
State Output
OK CLOCK OK: Tue Feb 24 [Link] CET 2015, 0 secs diff
WARNING CLOCK WARNING: Tue Feb 24 [Link] CET 2015, 209 secs diff
CRITICAL CLOCK CRITICAL: Tue Feb 24 [Link] CET 2015, 735 secs diff

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name

7.2 SERVICE MONITORING TEMPLATES

TEMPLATE CLOCK N.A Mandatory
NAME text N.A Monitoring point name
WARNING integer 180 Warning threshold on diff time (seconds)
CRITICAL integer 300 Critical threshold on diff time (seconds)
TIMEOUT integer 2 Seconds before connection times out

EXAMPLE OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME WARNING CRITICAL TIMEOUT
srv-app1 CLOCK SRV-APP1-CLOCK 60 120 3

Back to Service Templates categories

401
CPU

CPU Load average, as seen by the operating system

Windows systems do not provide load information. Instead, the percentage of processors use is
available. There are as many measure points as virtual processors, but alerts and output rely on the
percentage of processors use average.

Note: Data are collected via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

METROLOGY
State Output
OK CPU: avg:18%, 27% 9%
>> CPU use = 18% is the average of the two CPUs found, which are 27% and 9%
used
UNKNOWN ERR: Timeout: No Response from [Link]
>> No answer from the device, the CPU state is not available, thus the
UNKNOWN state

HOSTS SECTION
Column Format Def. val. Comment
CPU warn%/crit% depends on CPU use average - non Unix/Linux devices. The given
the host threshold applies to the average of all CPU use.
template

Back to Service Templates categories

402
 7 MONITORING TEMPLATES
DISK

Filling rate of each disk or partition

METROLOGY
State Output
OK DISK: /=83%=12.7GB, /Debian=53%=8.09GB, /home=20%=31.3GB,
/vm=65%=67.1GB, /download=78%=23.9GB

HOSTS SECTION
Column Format Def. val. Comment
DISK see remarks */90%/95% Input format is slightly different for Unix/Linux and
for Windows (see remarks)

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

403
REMARKS – HOSTS SECTION

Formats :
{DD|*}/WARN(%|<unit>)/CRIT(%|<unit>)
[[DD]/WARN(%|<unit>)/CRIT(%|<unit>) …
[DD]/WARN(%|<unit>)/CRIT(%|<unit>)]

{WP:|*}/WARN(%|<unit>)/CRIT(%|<unit>)
[[WP:]/WARN(%|<unit>)/CRIT(%|<unit>) ..
[WP:]/WARN(%|<unit>)/CRIT(%|<unit>)]

 DD stands for a Unix/Linux partition

 WP: stands for a Windows partition
 <unit> stands for the unit (nothing or o(octet/byte) K(Kilo) M(Mega) G(Giga) T(Tera))
 DD (or WP:), if given, set a specific threshold on a partition or a disk. The value may be given
in percent (%) of used space or in space left (<unit>).
 An auto-discovery operation of existing partitions is run in the first place, in order to
generate cache and reduce the number of requests. Removable devices (CD-ROM, floppies),
read-only and virtual RAM partitions are ignored.
 If an alert arises, faulty partitions are surrounded with stars (**) in output and their free left
space is shown.

Examples :
*/90%/95% W:/97%/99% Percent of used space threshold of 90% (warning) and 95% (critical) for all
partitions except for W: , for which threshold are 97% and 99%
*/90%/95% W:/50G/10G Percent of used space threshold of 90% (warning) and 95% (critical) for all
partitions except for W: , for which left space threshold are 50G and (warning) and 10G (critical)
*/90%/95% "!/var*" Percent of used space threshold of 90% (warning) and 95% (critical). All disks
will be monitored except those matching the pattern /var*.

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE See remarks N.A Mandatory value. See remarks
PARTITION text * Optional. See remarks
WARNING decimal See remarks Optional
CRITICAL decimal See remarks Optional
RESERVED decimal 0 Optional. Reserved disk percentage. See remarks
INCLUDE regex N.A. Optional. Included elements. See example
EXCLUDE regex N.A. Optional. Excluded elements. See example
LABEL text N.A. Optional. Label. See example

Back to Service Templates categories

404
 7 MONITORING TEMPLATES
REMARKS – SERVICES SECTION

TEMPLATE column
By specifying DISK in the TEMPLATE column, POM will automatically use the protocol associated
with the host (e.g.: SNMP for most Unix/Linux hosts).
 See Host Monitoring Templates
In case you would like to use another protocol than the default one, please contact our technical
support team.

PARTITION column
Default value is * (all partitions). Partitions can be excluded using the ! wildcard
You can use - as a key for default thresholds.
PARTITION WARNING CRITICAL
* 90% 95%
Everything is monitored, with thresholds of 90% (WARNING) and 95% (CRITICAL)
PARTITION WARNING CRITICAL
-,C:,D:,E: 90%,,,50% 95%,,,70%
For drives C: and E:, thresholds aren't specified, therefore the thresholds used are the ones
corresponding to - in the PARTITION column (90%,95%). For drive E:, thresholds are 50%,70%. With
this syntax, a Z: network drive would NOT be monitored as would be the case with the use of *.

RESERVED column
Sets the percentage of disk space reserved for nodes management on ext2, ext3 & ext4 partitions
If left empty or set to 0, 5% of disk space will be reserved by default

EXAMPLES OF USE IN CONTEXT – SERVICES

SNMP
HOSTNAME TEMPLATE NAME PARTITION WARNING CRITICAL RESERVED
srv-01 DISK SRV-01-DISK * 90% 95% 0

7.2 SERVICE MONITORING TEMPLATES

Note: SNMP server must be correctly configured on monitored devices

ESX (vCenter host)

HOSTNAME TEMPLATE NAME INCLUDE EXCLUDE WARNING CRITICAL
vc-01 ESX-VC-VMFS Ds0 Datastorage0 75% 90%
vc-01 ESX-VC-VMFS Ds1 Datastorage1 75% 90%
vc-01 ESX-VC-VMFS VC-01-DISK 75% 90%

ESX (ESX host)

HOSTNAME TEMPLATE NAME INCLUDE EXCLUDE WARNING CRITICAL
srv-esx-01 ESX-VMFS Ds0 Datastorage0 75% 90%
srv-esx-01 ESX-VMFS Ds1 Datastorage1 75% 90%
srv-esx-01 ESX-VMFS SRV-ESX-01-DISK 75% 90%

BLUECOAT, JUNIPER SA
HOSTNAME TEMPLATE NAME LABEL WARNING CRITICAL
prx-01 DISK PRX-01-DISK DISK 80% 90%
sw-jun-02 DISK SW-JUN-02-DISK diskFullPercent 80% 90%

Back to Service Templates categories

405
ERRPT

AIX system error log data detection

METROLOGY
State Output
UNKNOWN ERRPT UNKNOWN: You didn't give all mandatory options

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE ERRPT N.A Mandatory
NAME text N.A Monitoring point name
PORT integer N.A. Port number
USER text N.A. User name
WARNING integer 1 Warning threshold
CRITICAL integer 1 Critical threshold

EXAMPLE OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME PORT USER WARNING CRITICAL
srv-aix-01 ERRPT SRV-AIX-01-ERRPT 22

Back to Service Templates categories

406
 7 MONITORING TEMPLATES
LOAD

Load indicates the number of running tasks on a given period (1min, 5min, 15min).
On a single processor machine, a load of 1 means that the CPU has been busy
during 100% of its time.

Note: Data are collected via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

METROLOGY
State Output
OK LOAD OK: load1: 0.00, load5: 0.05, load15: 0.05

HOSTS SECTION

7.2 SERVICE MONITORING TEMPLATES

Column Format Def. val. Comment
CPU warn/crit depends on Values are formated as the output of uptime unix
(2 ranges the host command
decimal) template

REMARKS – HOSTS
Threshold applies on all processors. For Unix/Linux devices, the checked value is the average of
the second of the three output values. For Cisco devices, the checked value is the first of the three
output values.

Note: The column used is CPU, thus the same as for the template CPU, but with a different input syntax.

Back to Service Templates categories

407
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE LOAD N.A Mandatory value
TYPE text linux Optional. Possible values are: linux asa cisco hp
nortel qnap
WARNING decimal 2.00 Optional
CRITICAL decimal 5.00 Optional

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME WARNING CRITICAL
srv-02 LOAD SRV-02-LOAD 1 3

REMARKS – SERVICES
Threshold applies on all processors.
For Unix/Linux devices, the checked value is the average of the second of the three output values.
For Cisco devices, the checked value is the first of the three output values.

Back to Service Templates categories

408
 7 MONITORING TEMPLATES
MEM

Memory (RAM) use rate, output in both percentage and byte

Note: Data are collected via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

METROLOGY
State Output
OK MEM OK - 73% = 2.74GB used
UNKNOWN MEM UNKNOWN: Can't request host or bad return values
>> Connection error with target device
MEM UNKNOWN - FATAL: no value returned
>> Plugin not adapted to target device (probable host setting problem)

7.2 SERVICE MONITORING TEMPLATES

HOSTS SECTION
Column Format Def. val. Comment
MEM warn%/crit% depends on Threshold for the use of the device RAM
the host
template

Back to Service Templates categories

409
NB-PROCESS

Number of processes running on the device

An important raise in this number may reveal a problem.

Note: Data are collected via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

METROLOGY
State Output
OK NB-PROCESS OK: nbproc: 124
WARNING NB-PROCESS WARNING: nbproc: 133 (130/150)
CRITICAL NB-PROCESS CRITICAL: nbproc: 160 (130/150)

HOSTS SECTION
Column Format Def. val. Comment
NB-PROCESS warn/crit depends on the Thresholds should be set depending on the use of
host template the monitored device

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE NB-PROCESS N.A Mandatory value
TYPE text linux Optional. Possible values are: linux aix cisco win
WARNING decimal 80 Optional
CRITICAL decimal 100 Optional

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME WARNING CRITICAL
srv-03 NB-PROCESS SRV-03-NB-PROCESS 50 80

Back to Service Templates categories

410
 7 MONITORING TEMPLATES
NRPE

Service monitoring with a deported Nagios agent

NRPE (Nagios Remote Plugin Executor) allows you to remotely execute plugins on other
Linux/Unix machines, thus allowing you to monitor remote machine metrics (disk usage, CPU load,
etc.). NRPE can also communicate with some of the Windows agent addons like NSClient++, so you
can check metrics on remote Windows machines as well

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine Name
TEMPLATE NRPE N.A Mandatory value
NAME text N.A Monitoring point name
PORT integer 5666 Port
TIMEOUT time 20 Timeout in seconds
COMMAND text N.A NRPE Remote command
ARG1 text/decimal N.A First command argument, let empty if the argument
is hardcoded in the remote [Link] or not exist
ARG2 text/decimal N.A Second command argument, let empty if the

7.2 SERVICE MONITORING TEMPLATES

argument is hardcoded in the remote [Link] or not
exist
ARG3 text/decimal N.A Third command argument, let empty if the
argument is hardoced in the remote [Link] or not
exist
ARGX text/decimal N.A Add columns if more arguments exist
SSL 0 N.A Optional. Use this column with value 0 to deactivate
SSL for the connection to the remote Linux host
(SSL will be used by default)
WARNING See remarks Depends on See remarks
COMMAND
CRITICAL See remarks Depends on See remarks
COMMAND

Back to Service Templates categories

411
REMARKS

Installation of NRPE
You have to install the NRPE daemon and the Nagios plugins on the remote host.
With a distribution based on Red Hat:
# sudo yum install nrpe
# sudo yum install nagios-plugins-all

With a distribution based on Debian:

# sudo apt-get install nagios-nrpe-server
# sudo apt-get install nagios-plugins
Then edit the file /etc/nagios/[Link] to set the address of your POM server. You also can set the
TCP port (by default 5666)
...
server_port=5666
allowed_hosts=[Link]
...
In the same file, define the plugins you will use. You can use hardcoded command arguments or
variable command arguments that you will be able to set in the spreadsheet file.
...
# The following examples use hardcoded command arguments...
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
#command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
#command[check_disk]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/sda1
command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200
...
# The following examples use variables command arguments...
#command[check_users]=/usr/lib/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
command[check_load]=/usr/lib/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$

Note: You have to restart the service nagios-nrpe-server after modification of the configuration

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME COMMAND ARG1 ARG2 PORT
dc-01 NRPE NRPE LOAD check_load 80 95
dc-02 NRPE NRPE USERS check_users
dc-03 NRPE NRPE DISK check_disk 5667
dc-03 NRPE NRPE ZOMBIE check_zombie_procs
dc-03 NRPE NRPE PROCS check_procs

Back to Service Templates categories

412
 7 MONITORING TEMPLATES
PROC

Process availability

Note: Data are fetched via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

For each given process, a service named PROC-<process_name> will be created. The check is based
on the process name only, without any path information. Two process names must be separated by
a comma ,. Each process leads to a new service.
As an example, the values havp, syslog-ng, mingetty tty1 would lead to the following
services:
PROC-havp
PROC-syslog-ng
PROC-mingetty

METROLOGY
State Output
OK Process: PROC-exim-in1 is active with 1 pid: 3231

7.2 SERVICE MONITORING TEMPLATES

HOSTS SECTION
Column Format Def. val. Comment
PROC process1, process2, … N.A Comma separated list of process names to be
monitored

Back to Service Templates categories

413
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Server name as recorded in HOSTS section
NAME text N.A Facultatif. Monitoring point name
TEMPLATE PROC N.A Mandatory value
PROCESS text N.A Mandatory. Name of monitored process, possibly with
its argument set (see remarks below)
MIN integer 1 Minimal number of process instances
MAX integer 1 Maximal number of process instances
ARGS text N.A Filter if multiple entries for the process. See remarks

REMARKS
Processes list may be generated by POM with the list-snmp-process command line tool.

ARGS column
This column allows you to filter results if the monitored process has several occurences. See
example below.

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME PROCESS ARGS
srv-mysql PROC MYSQL mysqld
srv-app1 PROC myApp java [Link]

Back to Service Templates categories

414
 7 MONITORING TEMPLATES
PROCESS-AGE

Process age

METROLOGY
State Output
OK PROCESS-AGE OK: All process are below the limited age
WARNING PROCESS-AGE WARNING: **Age of N processes are in warning (older than Xmin)**
CRITICAL PROCESS-AGE CRITICAL: **Age of N processes are critical (older than X min)**
PROCESS-AGE CRITICAL: **No process matched**

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Server name as recorded in HOSTS section
NAME text N.A Optional. Monitoring point name
TEMPLATE PROCESS-AGE N.A Mandatory value
PROCESS text N.A Mandatory. Name of monitored process, possibly
with its argument set (see remarks below)
ARGS text N.A. Optional. Arguments
WARNING integer 60 Optional. Warning process age (in minutes)
CRITICAL integer 60 Optional. Critical process age (in minutes)

REMARKS
Processes list may be generated by POM with the list-snmp-process command line tool.

7.2 SERVICE MONITORING TEMPLATES

EXAMPLES OF USE IN CONTEXT - SERVICES
HOSTNAME TEMPLATE NAME PROCESS ARGS WARNING CRITICAL
srv-pom-01 PROCESS-AGE POM-PROC-AGE Word 120 300
srv-pom-01 PROCESS-AGE POM-PROC-AGE Word -v foo 120 300
srv-pom-01 PROCESS-AGE POM-PROC-AGE Wor* -v foo 120 300

Back to Service Templates categories

415
SWAP

Swap (page file) use rate, output in both percentage and byte

Note: Data are collected via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

METROLOGY
State Output
OK SWAP OK - 6% = 67.06MB used
UNKNOWN SWAP UNKNOWN: Can't request host or bad return values
>> The plugin can not request the target device

HOSTS SECTION
Column Format Def. val. Comment
SWAP warn%/crit% depends on Threshold for the use of the device swap (page file on
the host some OS)
template

Back to Service Templates categories

416
 7 MONITORING TEMPLATES
UPTIME

Uptime check to detect the device restart

Note: Data are collected via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

METROLOGY
State Output
OK UPTIME OK: System UP since 14 days 22 hours 38 minutes 14 seconds
CRITICAL UPTIME CRITICAL: System UP since 2 minutes 57 seconds
>> Alert caused by uptime, lower than threshosld (600 sec = 10 min)
UNKNOWN UPTIME UNKNOWN: Failed to get uptime
>> Alert raised by unreachability of the host

7.2 SERVICE MONITORING TEMPLATES

HOSTS SECTION
Column Format Def. val. Comment
UPTIME integer[/NP] NP depends on the host template

Back to Service Templates categories

417
REMARKS

Hint: Reload instead of restart

On Linux and Windows systems, an SNMP service restart resets the uptime, thus an alert is raised.
On Linux systems, a service reload instead of a service restart is a turnaround to this problem.

Default behavior
Important: The default behavior is to keep the uptime critical state persistent. Thus any unattended
alert causes a permanent reminder to be present in the event view. To change this behavior, type
in NP (for “Non Persistent”) in the UPTIME cell, or <value>/NP if you set <value> to override
the default threshold.

Back to Service Templates categories

418
 7 MONITORING TEMPLATES
VOLUME-WMI

Monitoring of disk drives by volume ID, via WMI

Notes: this template is particularly useful when a drive size exceeds 2 terabytes. It allows you to
monitor any disk drive by registering its volume ID rather than its drive letter. This template will
generate a classic DISK service.

METROLOGY
State Output
OK DISK: /=83%=12.7TB, /Debian=53%=8.09TB, /home=20%=31.3TB,
/vm=65%=67.1TB, /download=78%=23.9TB
UNKNOWN DISK UNKNOWN: No Matching Disk for : [volume ID]
DISK UNKNOWN: Could not get volume information

7.2 SERVICE MONITORING TEMPLATES

HOSTS SECTION
Column Format Def. val. Comment
CREDENTIALS Text N.A Authentication credentials - wmi type

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name. See remarks
TEMPLATE VOLUME-WMI N.A Mandatory value
FILE-SYSTEM text !CDFS File system
PARTITION text *,!\\* Volume Name
WARNING percentage 90% Optional
CRITICAL percentage 95% Optional

Back to Service Templates categories

419
EXAMPLE OF USE IN CONTEXT - SERVICES
HOSTNAME TEMPLATE NAME PARTITION
srv-01 VOLUME-WMI SRV-01-VOL-WMI *{124cb4cc-4332-11e1-af3b-b482fe8b9238}
srv-01 VOLUME-WMI SRV-01-C C:

REMARKS

NAME column
Although this column is optional, we recommend that you enter a name that will remind you, in
the Events tab of the WUI, that you are looking at a VOLUME-WMI template rather than a basic
DISK service.

Important note: Keep in mind that, if you left value empty in a NAME column, as the VOLUME-WMI
template creates a DISK service, any threshold you define for the VOLUME-WMI template will
overwrite the threshold defined for the host, in a DISK column of a HOSTS section.

Back to Service Templates categories

420
 7 MONITORING TEMPLATES
7.2.3 TCP/IP & NETWORK SERVICES

TEMPLATE Description Protocols From

ver.
DHCP Check of IP address providing capacity dhcp any
DNS Dynamic name resolution dns any
FTP FTP server availability ftp any
FTP-AGE File age via FTP 4.1
FTPS FTPS (FTP Secure) server availability ftps any
HTTP Connection to a web site. The site is separate from the host http any
which the monitoring point is associated to
HTTPS Connection to a web site. The site is separate from the host https any
which the monitoring point is associated to
IF-ERROR Number of network errors snmp 5.3
IMAP IMAP service on a mail server imap 4.0
IMAPS IMAPS (IMAP over SSL) service on a mail server imaps 4.0
LDAP Availability of LDAP server (AD, OpenLDAP or else) any
LDAPS Availability of LDAP server via SSL any
LDAPTLS Availability of LDAP server (AD, OpenLDAP or else) via any
STARTTLS
NETWORK Availability and load of network interfaces on target devices 5.0
PING Latency and data loss check during the connection to a icmp any
device
POP POP service on a mail server pop any
POPS POP over STARTTLS service on a mail server pops any
PROXY Check of a proxy server by requesting a web site, or check any
of an URL response via a proxy server
RADIUS Radius authentication server availability any
SFTP SFTP server availability sftp 4.1
SMTP Check an SMTP server state with an SMTP request smtp any
SMTPTLS Check an SMTP server state with an SMTP over STARTTLS smtp any

7.2 SERVICE MONITORING TEMPLATES

request
SNMP Fetch status information from an OID snmp 5.2
SSH Service monitoring via SSH any
TCP Check a TCP port is listening and test a string in the reply any
WEB Check HTTP return codes on a target URL
WSRPE WSRP (Web Services for Remote Portlets) service availability any

Back to Service Templates categories

421
DHCP

Check of IP address providing capacity

Either the POM server must be in the same broadcast domain of the DHCP server, or a system
allowing DHCP information to be retrieved by POM must be set.

METROLOGY
State Output
OK OK: Received 2 DHCPOFFER(s), 1 of 1 requested servers responded, max lease
time = 3600 sec.

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A DHCP server name as given in the HOSTS section
NAME text N.A Monitoring point name
TEMPLATE DHCP N.A mandatory value
MAC MAC address [Link] MAC address given with the request. The format is
format 02:03 a list of 6 two-digit hexadecimal numbers, where
: is the delimiter
OFFER-IP IPv4 decimal N.A Expected IP address for a static allocation
format
TIMEOUT numeric N.A DHCPOFFER timeout (sec.)
IFACE text N.A Name of the system network interface to be used

REMARKS
The IP address given in OFFER-IP field should fit the MAC address given in MAC field. These two
informations are required to check an IP address static allocation.

EXAMPLE OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME MAC OFFER-IP IFACE TIMEOUT
srv-01 DHCP SRV-01-DHCP [Link] [Link] eth0 5

Back to Service Templates categories

422
 7 MONITORING TEMPLATES
DNS

Dynamic name resolution

The check-dns check command is used. The underlying plugin is check_dig, provided by the Nagios
Plugin Development Team. A DNS request is run on port 53 of the server.

METROLOGY
State Output
OK DNS OK - 0.018 seconds response time ([Link]. 3600 IN A [Link])
>> The DNS server answered within 0.018 seconds, and has found an type A
record, associating the domain ''[Link]'' with the address [Link] and a
3600 seconds TTL value.
DNS OK - 0.007 seconds response time ([Link]. 256 IN A
[Link])
>> The DNS server answered within 0.007 seconds, and has found an type A
record, associating the domain ''[Link]'' with the address
[Link] and a 256 seconds TTL value.
WARNING DNS WARNING - 0.011 seconds response time ([Link].
293 IN A [Link]
>> The DNS server answered within 0.011 seconds (hence the warning
status),but has found a record of IN type associating ''gmail-smtp-
[Link]'' domain with the IP address [Link] and a TTL value of
293 seconds
CRITICAL CRITICAL - Plugin timed out while executing system call
>> The plugin did not get an answer within the time given in ''TIMEOUT''

7.2 SERVICE MONITORING TEMPLATES

Note: On the graph, m stands for millisecond.

Back to Service Templates categories

423
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A DNS server name, as defined in a HOSTS section
NAME text N.A Monitoring point name
TEMPLATE DNS N.A Mandatory value
TYPE A | MX A Record type
REQUEST [Link] N.A Domain to run the request on
WARNING integer 300 Warning answer time threshold, in millisecond.
Minimal value = 10
CRITICAL integer 500 Critical answer time threshold, in millisecond.
Minimal value = 10
EXPECT text N.A. Expected string

REMARKS

Operating principle:
The plugin requests the target DNS server to return the records of the TYPE column for the
REQUEST domain.
The answer validity is based on:
 The fact that an answer is received
 The server answer time (WARNING, CRITICAL and TIMEOUT columns)

EXAMPLES OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME TYPE REQUEST WARNING CRITICAL
srv-01 DNS SRV-01-DNS A [Link] 50 100
srv-02 DNS SRV-02-DNS MX [Link] 100 200

Back to Service Templates categories

424
 7 MONITORING TEMPLATES
FTP

FTP server availability

METROLOGY
State Output
OK FTP OK - 0.031 second response time on port 21 [220 ProFTPD 1.3.4a Server
(ProFTPD) [[Link]]
WARNING FTP WARNING - 0.319 second response time on port 21 [220 ProFTPD 1.3.4a
Server (ProFTPD) [[Link]]
CRITICAL FTP CRITICAL - 0.620 second response time on port 21 [220 ProFTPD 1.3.4a
Server (ProFTPD) [[Link]]

SERVICES SECTION

7.2 SERVICE MONITORING TEMPLATES

Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE FTP N.A Mandatory
NAME text/text N.A Monitoring point name
PORT integer 21 Port
WARNING decimal 0.3 Warning threshold on response time (seconds)
CRITICAL decimal 0.5 Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME PORT WARNING CRITICAL
srv-ftp-01 FTP SRV-FTP-01 21 0.2 0.4

Back to Service Templates categories

425
FTP-AGE

File age via FTP

METROLOGY
State Output
OK AGE OK: found N files with time constraint
WARNING AGE WARNING: found N files with warning time constraint
CRITICAL AGE CRITICAL: found N files with critical time constraint
UNKNOWN AGE UNKNOWN - Timeout after [TIMEOUT] seconds
AGE UNKNOWN - Failed to list files from [PATH]

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE FTP-AGE N.A Mandatory
NAME text/text N.A Monitoring point name
PORT integer 21 Port
PATH text / Path of the directory to monitor
INCLUDE text .* Files to include (regular expression)
EXCLUDE text ^$ Files to exclude (regular expression)
TIMEOUT integer N.A. Timeout in seconds
WARNING age N.A. Warning threshold on file age (prefixed by + or -)
CRITICAL age N.A. Critical threshold on file age (prefixed by + or -)

EXAMPLES OF USE IN CONTEXT – SERVICES

HOSTNAM TEMPLATE NAME PATH INCLUD EXCLUD WARNING CRITICAL USER PASSWD
E E E
srv-ftp-01 FTP-AGE backup / [Link] +1d +2d monitor m0nit0r

srv-ftp-02 FTP-AGE restart /run .+\.pid$ -10m monitor m0nit0r

Back to Service Templates categories

426
 7 MONITORING TEMPLATES
FTPS

FTPS (FTP Secure) server availability

METROLOGY
State Output
OK FTP OK - 0.031 second response time on port 21 [220 ProFTPD 1.3.4a Server
(ProFTPD) [[Link]]
WARNING FTP WARNING - 0.319 second response time on port 21 [220 ProFTPD 1.3.4a
Server (ProFTPD) [[Link]]
CRITICAL FTP CRITICAL - 0.620 second response time on port 21 [220 ProFTPD 1.3.4a
Server (ProFTPD) [[Link]]

SERVICES SECTION

7.2 SERVICE MONITORING TEMPLATES

Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE FTPS N.A Mandatory
NAME text/text N.A Monitoring point name
PORT integer 990 Port
WARNING decimal 0.3 Warning threshold on response time (seconds)
CRITICAL decimal 0.5 Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME PORT WARNING CRITICAL
srv-ftp-01 FTPS SRV-FTP-01 990 0.2 0.4

Back to Service Templates categories

427
HTTP

Connection to a web site. The site is separate from the host which the monitoring
point is associated to.

METROLOGY
State Output
OK HTTP OK: HTTP/1.1 200 OK - 60537 bytes in 0.110 second response time
WARNING HTTP WARNING: HTTP/1.1 200 OK - 32603 bytes in 0.478 second response time
>> Reply 200 OK but the response time exceeds the threshold
HTTP WARNING: HTTP/1.1 404 Not Found - 452 bytes in 0.016 second response
time
>> Response time OK but reply 404 Not Found
CRITICAL HTTP CRITICAL: HTTP/1.1 200 OK - 32603 bytes in 0.574 second response time
>> Reply 200 OK but the response time exceeds the threshold

Back to Service Templates categories

428
 7 MONITORING TEMPLATES
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device Name
TEMPLATE HTTP N.A Mandatory value
NAME text N.A Monitoring point name
VHOST text N.A IP address or vhost
PORT integer 80 Port
PATH text N.A Path to folder or file
AUTH text N.A AuthUser:password for basic authentication
METHOD text GET HTTP Method see remarks
FOLLOW text sticky HTTP Redirect see remarks
WARNING integer 0.2 Warning threshold on response time (seconds)
CRITICAL integer 0.4 Critical threshold on response time (seconds)

REMARKS

Available HTTP methods

GET, POST, OPTIONS, HEAD, TRACE, PUT, DELETE, CONNECT

Available HTTP redirect options

ok, warning, critical, follow, sticky, stickyport

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME VHOST PORT PATH METHOD FOLLOW
srv-app1 HTTP acme [Link] 80 GET

7.2 SERVICE MONITORING TEMPLATES

srv-app2 HTTP ws [Link] /[Link] follow

srv-app3 HTTP wh [Link] 8000 HEAD

Back to Service Templates categories

429
HTTPS

Connection to a web site. The site is separate from the host which the monitoring
point is associated to

METROLOGY
State Output
OK HTTP OK: HTTP/1.1 200 OK - 60537 bytes in 0.110 second response time
WARNING HTTP WARNING: HTTP/1.1 200 OK - 32603 bytes in 0.478 second response time
>> Reply 200 OK but the response time exceeds the threshold
HTTP WARNING: HTTP/1.1 404 Not Found - 452 bytes in 0.016 second response
time
>> Response time OK but reply 404 Not Found
CRITICAL HTTP CRITICAL: HTTP/1.1 200 OK - 32603 bytes in 0.574 second response time
>> Reply 200 OK but the response time exceeds the threshold

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device Name
TEMPLATE HTTP N.A Mandatory value
NAME text N.A Monitoring point name
VHOST text N.A IP address or vhost
PORT integer 80 Port
PATH text N.A Path to folder or file
AUTH text N.A AuthUser: password for basic authentication
METHOD text GET HTTP Method see remarks
FOLLOW text sticky HTTP Redirect see remarks
WARNING integer 0.2 Warning threshold on response time (seconds)
CRITICAL integer 0.4 Critical threshold on response time (seconds)

Back to Service Templates categories

430
 7 MONITORING TEMPLATES
REMARKS

Available HTTP Methods

GET, POST, OPTIONS, HEAD, TRACE, PUT, DELETE, CONNECT

Available HTTP Redirect options

ok, warning, critical, follow, sticky, stickyport

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME VHOST PORT PATH METHOD FOLLOW
srv-app1 HTTPS acme [Link] 80 GET

srv-app2 HTTPS ws [Link] /[Link] follow

srv-app3 HTTPS wh [Link] 8000 HEAD

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

431
IMAP

IMAP service on a mail server

METROLOGY
State Output
OK IMAP OK - 0.003 second response time on port 143
WARNING IMAP WARNING - 0.350 second response time on port 143
CRITICAL IMAP CRITICAL - 0.582 second response time on port 143

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE IMAP N.A Mandatory
NAME text N.A Monitoring point name
PORT integer 143 Port
WARNING decimal N.A Warning threshold on response time (seconds)
CRITICAL decimal N.A Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME PORT WARNING CRITICAL
[Link] IMAP IMAP 143 0.3 0.5

Back to Service Templates categories

432
 7 MONITORING TEMPLATES
IMAPS

IMAPS (IMAP over SSL) service on a mail server

METROLOGY
State Output
OK IMAP OK - 0.003 second response time on port 143
WARNING IMAP WARNING - 0.350 second response time on port 143
CRITICAL IMAP CRITICAL - 0.582 second response time on port 143

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name

7.2 SERVICE MONITORING TEMPLATES

TEMPLATE IMAPS N.A Mandatory
NAME text N.A Monitoring point name
PORT integer 993 Port
WARNING decimal N.A Warning threshold on response time (seconds)
CRITICAL decimal N.A Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME PORT WARNING CRITICAL
[Link] IMAPS IMAPS 993 0.3 0.5

Back to Service Templates categories

433
LDAP

Availability of LDAP server (AD, OpenLDAP or else)

METROLOGY
State Output
OK LDAP OK - 0.003 seconds response time
WARNING LDAP WARNING - 0.004 seconds response time
CRITICAL Could not bind to the LDAP server

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE LDAP N.A Mandatory value
BASEDN text N.A Mandatory. LDAP domain name. See remarks for
example.
PORT integer 389 LDAP port
SEARCH text (objectclass=*) Searched Object
USER text N.A Optional. Login. See remarks for example.
PASSWORD text N.A Optional. Password.
WARNING integer 1 Warning threshold on response time (seconds)
CRITICAL integer 2 Critical threshold on response time (seconds)
TIMEOUT integer 10 Time before considering connection as failed

Back to Service Templates categories

434
 7 MONITORING TEMPLATES
REMARKS
The check is done by sending an LDAP request to the monitored server.
Without any credential, the check-ldap check command is used. If a credential is given, then check-
ldap-auth is used instead.
The target server must answer on its LDAP port, 389 by default.

Note: If authentication is required, it is recommended to create a dedicated account for monitoring

purpose.

Column BASEDN input example

AD : DC=mydomain,DC=com
OpenLDAP : o=mydomain,c=com

Column USER input example

AD : mydomain\mylogin
OpenLDAP : uid=mylogin,cn=mygroup,o=mydomain,c=com
(for OpenLDAP, provide the user full distinguished name)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME BASEDN PORT SEARCH TIMEOUT
srv-01 LDAP SRV-01-LDAP o=acme,c=com 389 o=acme,cn=group2,o=acme,c=com 3

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

435
LDAPS

Availability of LDAP server (AD, OpenLDAP or else) via SSL

METROLOGY
State Output
OK LDAP OK - 0.003 seconds response time
WARNING LDAP WARNING - 0.004 seconds response time
CRITICAL Could not bind to the LDAP server

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE LDAPS N.A Mandatory value
BASEDN text N.A Mandatory. LDAP domain name. See remarks for
example.
PORT integer 636 LDAP port
SEARCH text (objectclass=*) Searched Object
USER text N.A Optional. Login. See remarks for example.
PASSWORD text N.A Optional. Password.
WARNING integer 1 Warning threshold on response time (seconds)
CRITICAL integer 2 Critical threshold on response time (seconds)
TIMEOUT integer 10 Time before considering connection as failed

Back to Service Templates categories

436
 7 MONITORING TEMPLATES
REMARKS
The check is done by sending an LDAP request to the monitored server.
Without any credential, the check-ldap-ssl check command is used. If a credential is given, then
check-ldap-auth-ssl is used instead.
The target server must answer on its LDAP (ssl) port, 636 by default.

Note: If authentication is required, it is recommended to create a dedicated account for monitoring

purpose.

Column BASEDN input example

AD : DC=mydomain,DC=com
OpenLDAP : o=mydomain,c=com

Column USER input example

AD : mydomain\mylogin
OpenLDAP : uid=mylogin,cn=mygroup,o=mydomain,c=com
(for OpenLDAP, provide the user full distinguished name)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME BASEDN SEARCH TIMEOUT
srv-01 LDAPS SRV-01-LDAPS o=acme,c=com o=acme,cn=group2,o=acme,c=com 3

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

437
LDAPTLS

Availability of LDAP server (AD, OpenLDAP or else) via STARTTLS

METROLOGY
State Output
OK LDAP OK - 0.003 seconds response time
WARNING LDAP WARNING - 0.004 seconds response time
CRITICAL Could not bind to the LDAP server

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE LDAPTLS N.A Mandatory value
BASEDN text N.A Mandatory. LDAP domain name. See remarks for
example.
PORT integer 389 LDAP port
SEARCH text (objectclass=*) Searched Object
USER text N.A Optional. Login. See remarks for example.
PASSWORD text N.A Optional. Password.
WARNING integer 1 Warning threshold on response time (seconds)
CRITICAL integer 2 Critical threshold on response time (seconds)
TIMEOUT integer 10 Time before considering connection as failed

Back to Service Templates categories

438
 7 MONITORING TEMPLATES
REMARKS
The check is done by sending an LDAP request to the monitored server.
Without any credential, the check-ldap-tls check command is used. If a credential is given, then
check-ldap-auth-tls is used instead.
The target server must answer on its LDAP (tls) port, 389 by default.

Note: If authentication is required, it is recommended to create a dedicated account for monitoring

purpose.

Column BASEDN input example

AD : DC=mydomain,DC=com
OpenLDAP : o=mydomain,c=com

Column USER input example

AD : mydomain\mylogin
OpenLDAP : uid=mylogin,cn=mygroup,o=mydomain,c=com
(for OpenLDAP, provide the user full distinguished name)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME BASEDN SEARCH TIMEOUT
srv-01 LDAPTLS SRV-01-LDAPTLS o=acme,c=com o=acme,cn=group2,o=acme,c=com 3

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

439
NETWORK

Availability and load of network interfaces on target devices

Note: Data are fetched via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

METROLOGY
State Output
OK IFACE OK: eth0: 10.51k/10.93kbps, 40.00/36.00pps (1.05/1.09%);
br0:9.90k/10.93kbps, 40.00/36.00pps (0.99/1.09%)

HOSTS SECTION
Column Format Def. val. Comment
NETWORK see remarks * All up interfaces are monitored without thresholds
SW:PORT see remarks * This column is only useful to monitor a device on
which SNMP is not set. One state the monitored
switch interface which the device is connected to.

Back to Service Templates categories

440
 7 MONITORING TEMPLATES
REMARKS – HOSTS

SNMP turnaround
SW:PORT column may be used as a turnaround if it is not possible to request the device via SNMP,
while the switch connecting the device can be. In that case, the switch must be monitored and the
input has the form: <switch_name:port_name>.

Special characters syntax

Using this template in HOSTS section allows the presence of # character only if it is protected by a
preceding \ (backslash).
Special characters in the name of the interface can be replaced with ? for one char or * for more
than one. Use * if you are unsure.
Example:
Let the unalterable name of the main network interface be Intel(R) PRO/1000 MT Network
Connection.
 The characters (, ) and / are forbidden in POM environment.
 syntax refused: Intel(R) PRO/1000 MT Network Connection//75%/80%1G
 syntax accepted: Intel* PRO*1000 MT Network Connection
 syntax accepted: Intel* PRO?1000 MT Network Connection
 syntax accepted: Intel?R? PRO?1000 MT Network Connection

SERVICES SECTION
Column Format Def. Comment
val.
HOSTNAME text N.A Mandatory. Name of the device the port belongs
to
NAME text N.A Optional. Monitoring point name. Blank ⇒ IF-
<port_name>
TEMPLATE NETWORK N.A Mandatory value
PORT text N.A Mandatory. For interface names containing spaces

7.2 SERVICE MONITORING TEMPLATES

or special characters, one can replace a special
character with * or ? (see remarks)
WARNING percent or 90% Warning threshold (see remarks)
integer
CRITICAL percent or 95% Critical threshold (see remarks)
integer
SPEED Integer N.A Both input and output speed. e.g 10K, 100M, 10G
[kMGT] (see remarks)
SPEED-IN Integer <auto> Input speed (auto-detected if empty)
[kMGT]
SPEED-OUT Integer <auto> Output speed. Only required for asymmetrical
[kMGT] links
IGNORE-STATUS 0/1 0 Shows even down (admin/op) interfaces
IGNORE-OP-STATUS 0/1 0 Shows even op down interfaces (still ignore
admin down)
IGNORE-NEW 0/1 1 Don't look for new interfaces after the first
initialization of the cache

Back to Service Templates categories

441
REMARKS – SERVICES

Use of Weathermap feature

Thresholds (WARNING, CRITICAL) and speed (SPEED-IN) are mandatory if you plan to use the
Weathermap feature.

SPEED, SPEED-IN and SPEED-OUT columns

SPEED-IN is the bandwidth capacity for :
 both input and output traffic load if only SPEED-IN is provided
 input traffic load only if SPEED-OUT is also provided
SPEED-OUT is the bandwidth capacity for output traffic load
If you give a threshold in percentage, you must fill either SPEED or SPEED-IN and SPEED-OUT,
otherwise the output shows a warning message: **Threshold defined with % but no
max found for : bond0_inbps, bond0_outbps, **.
SPEED, SPEED-IN and SPEED-OUT are auto-detected if possible, if there is no value given
(according to the ifSpeed given by SNMP).

PORT column: Listing interfaces names

To fill in the PORT column, interface name can be listed with the list-snmp-iface command line
tool. The value between brackets is the index of the interface and is not a part of the interface
name and must be ignored.
Example:
[admin@pom ~]$ list-snmp-iface -H [Link] -c SNMP_RO
11 HP NC107i PCIe Gigabit Server Adapter
The name to be used in PORT column is HP NC107i PCIe Gigabit Server Adapter
Here is another example of use on a Linux box:
[admin@pom ~]$ list-snmp-iface -H [Link] -c SNMP_RO
1 lo
2 eth0
3 bond0

PORT column: wildcards

In PORT column, wildcards *, ? or - may be used to replace a single character. If more than one
interface are stated, they must be separated with a space.
Examples :
 * will match any interface
 eth* will match every interface which starts with eth (ex : eth10)
 eth? will match every interface of the form ethX, with X a single character (e.g: eth2)
 *Realtek* will match any interface that contains Realtek (case sensitive)
 - will not monitor any interface, but will set default thresholds for the following interfaces

Back to Service Templates categories

442
 7 MONITORING TEMPLATES
Excluded interfaces : Windows hosts exception
In the particular case of Windows hosts, most network interfaces are virtual interfaces that are
seldom or never used. POM now excludes these Interfaces by default.
Where, on other hosts, leaving the PORT column empty will select all interfaces (by using the
implicit filter * ), on Windows hosts, leaving the PORT column empty will exclude some interfaces
by using a more complex implicit filter.
This default filter is declared by the following line in the file /etc/pom/gen/[Link] :
IFACE_SNMP_WINDOWS_DEFAULT_FILTER="*, !WAN Miniport*, !Miniport*WAN*,
!Miniport*Moniteur*, !*QoS*,!*WFP*, !*LightWeight*, !RAS *, !* RAS, !*-0000"

Therefore, one must use great caution when declaring specific values in the NETWORK column of a
Windows host in the HOSTS section, since anything written in that column will overwrite the
default filter.
A way around this issue Is to declare values you want to enter in the SERVICES section instead.
For example, say you want to enter */80%/90% in the NETWORK column of a Windows host in
the HOSTS section. Instead, simply go to the SERVICES section, and in a NETWORK template for
this Windows host, declare 80% in the WARNING column and 90% in the CRITICAL column. This
way, the default interface filter will not be overwritten.

REMARKS – GENERAL

Important note: if no threshold is stated, then only the state of the link (UP/DOWN) is monitored while a
graph of network load is produced.

After the first test (or after a cache deletion), the information message is:
IFACE OK: **FIRST RUN : no data**

More syntax examples:

 eth1 eth2 ⇒ only the interfaces eth1 and eth2 are monitored
 -//80%/90%/100M eth1 eth2 ⇒ same as before except that the bandwith size is set to

7.2 SERVICE MONITORING TEMPLATES

100M and threshold values are warn=80%, crit=90%
 */70%/89%/20M/880K eth1//80%/92%/1G ⇒ all discovered interfaces via SNMP are
monitored with warn=70%, crit=89%, in=20M, out=880K as default threshold and
warn=80%, crit=92%, in=out=1G as specific threshold for eth1

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME PORT WARNING CRITICAL
srv-02 NETWORK SRV-02-NETWORK 80 80% 90%

Back to Service Templates categories

443
PING

Latency and data loss check during the connection to a device

METROLOGY
State Output
OK PING OK - Packet loss = 0%, RTA = 0.05 ms
CRITICAL CRITICAL - Host Unreachable ([Link])

HOSTS SECTION
Column Format Def. val. Comment
PING num/num depends on The first value pair sets RTA thresholds, the second
[num%/num% the host pair sets LOSS thresholds and the last value sets the
[num]] template number packets sent
RTA stands for Round Trip Average and LOSS is the loss percentage.

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE PING N.A Mandatory value
RTA_WARNING integer 200 Optional. Warning threshold on RTA
RTA_CRITICAL integer 500 Optional. Critical threshold on RTA
LOSS_WARNING value% 80% Optional. Warning threshold on loss percentage
LOSS_CRITICAL value% 90% Optional. Critical threshold on loss percentage
PACKETS integer 4 Optional. Number of packets sent
ADDRESS text N.A. Optional. Secondary IP address

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME RTA_WARNING RTA_CRITICAL
srv-03 PING SRV-03-PING 100 300

Back to Service Templates categories

444
 7 MONITORING TEMPLATES
POP

POP service on a mail server

METROLOGY
State Output
OK POP OK - 0.016 second response time on port 110
WARNING POP WARNING - 0.366 second response time on port 110
CRITICAL POP CRITICAL - 0.567 second response time on port 110

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name

7.2 SERVICE MONITORING TEMPLATES

TEMPLATE POP N.A Mandatory
NAME text N.A Monitoring point name
PORT integer 110 Port
WARNING decimal 0.3 Warning threshold on response time (seconds)
CRITICAL decimal 0.5 Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME PORT WARNING CRITICAL
[Link] POP Mail POP 110 0.3 0.5

Back to Service Templates categories

445
POPS

POP over STARTTLS service on a mail server

METROLOGY
State Output
OK POP OK - 0.016 second response time on port 995
WARNING POP WARNING - 0.366 second response time on port 995
CRITICAL POP CRITICAL - 0.567 second response time on port 995

SERVICES SECTION
Column Format Def. val. Comment
STNAME text N.A Device name
TEMPLATE POPS N.A Mandatory
NAME text N.A Monitoring point name
PORT integer 995 Port
WARNING decimal 0.3 Warning threshold on response time (seconds)
CRITICAL decimal 0.5 Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME PORT WARNING CRITICAL
[Link] POPS Mail POP 995 0.3 0.5

Back to Service Templates categories

446
 7 MONITORING TEMPLATES
PROXY

Check of a proxy server by requesting a website, or check of an URL response via a

proxy server

METROLOGY
State Output
OK CURL OK - nb=1, code=200, size=17837, errors=0, connect=50ms, first=635ms,
total=635ms
>> CURL received data from the given URL: 1 object, return code 200, no error,
50 millisecond connection time, 635 millisecond global time operation
WARNING CURL WARNING - nb=1, code=200, size=10964, errors=0, connect=0ms,
first=265ms, total=265ms
>> CURL received data from the given URL: 1 object, return code 200, no error,
10964 byte object size, 0 millisecond connection time, 265 millisecond global
time operation.
State based on the operation time.
CRITICAL CURL CRITICAL - bad return code (503) - nb=1, code=503, size=1137, errors=1,
connect=3ms, first=118ms, total=118ms
>> CURL received an error code: 1 object, return code 503, 1 error, 1137 byte
object size, 3 millisecond connection time, 118 millisecond global time
operation.
State based on the return code.

CURL CRITICAL - nb=1, code=200, size=11012, errors=0, connect=0ms,

first=301ms, total=301ms
>> CURL received data from the given URL: 1 object, return code 200, no error,
11012 byte object size, 0 millisecond connection time, 301 millisecond global
time operation.
State based on the operation time.

7.2 SERVICE MONITORING TEMPLATES

UNKNOWN Bad URL: http (ex: ''<nowiki>[Link] URL
syntax error

Back to Service Templates categories

447
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A DHCP server name as given in the HOSTS section
NAME text N.A Monitoring point name
TEMPLATE PROXY N.A mandatory value
URL text N.A Monitored URL. See remarks.
AUTH text:text N.A Credentials for the basic authentication mode
RETURN integer 200 Optional. See remarks.
PORT integer 3128 Proxy port number
FOLLOW 0 or 1 1 Automatically follow redirections (0 ⇔ no, 1 ⇔ yes)
WARNING integer 5000 Warning response time threshold (millisecond)
CRITICAL integer 10000 Critical response time threshold (millisecond)

REMARKS

Involved plugins
check-curl-proxy and check-curl-proxy check commands are used, depending on credentials
requirement. Both commands use the check_curl.sh plugin, developped by POM Monitoring TM. This
plugin relies on CURL tool to request the proxy server.

URL syntax & examples

URL is of the following form: [protocol]://[user:password@][server]/path
 [Link] (access test to a basic
authentication protected page)
 [Link] (file existence test
on an FTP server)

Protocol examples
 http
 https
 ftp
 sftp
 file

Return codes
Return codes that may be stated in RETURN column are HTTP return codes.

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME URL WARNING CRITICAL
prx-01 PROXY deny [Link] 400 600

Back to Service Templates categories

448
 7 MONITORING TEMPLATES
RADIUS

Radius authentication server availability

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE RADIUS N.A Mandatory
NAME text N.A Monitoring point name
PORT integer 1812 Port
CONFIG text /etc/radiusclient-ng/ Configuration file path
[Link]
USER text N.A User name
PASSWORD text N.A Password
TIMEOUT Integer 10 Seconds before connection times out

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAM TEMPLATE NAME USER PASSWORD TIMEOUT
E
srv-01 RADIUS SRV-01-RADIUS User01 <password> 5

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

449
SFTP

SFTP server availability

METROLOGY
State Output
OK 0.455 sec to establish authentication on port 22

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE SFTP N.A Mandatory
NAME text N.A Monitoring point name
CREDENTIALS text N.A Authentication credential. Generic type
PORT integer 22 Port
WARNING decimal 5 Warning threshold on response time (seconds)
CRITICAL decimal 10 Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAM TEMPLATE NAME CREDENTIALS PORT WARNING CRITICAL
E
srv-02 SFTP SRV-02-SFTP cred-gen-01 22 5 10

Back to Service Templates categories

450
 7 MONITORING TEMPLATES
SMTP

Check an SMTP server state with an SMTP request

Note: Data are collected via SNMP protocol, thus SNMP server must be correctly setup on monitored
devices.

Check commands used in this template are check-smtp and check-smtps. They both use the
check_smtp plugin provided by the Nagios Plugin Development Team.

METROLOGY
State Output
OK SMTP OK - 0.005 sec. response time
CRITICAL Connection refused

7.2 SERVICE MONITORING TEMPLATES

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device Name
TEMPLATE SMTP N.A Mandatory
NAME text N.A Monitoring point name
PORT integer 25 Port
FROM text pom@<hostname> Address of the sender
WARNING integer 1 Warning threshold on response time (seconds)
CRITICAL integer 2 Critical threshold on response time (seconds)

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME FROM WARNING CRITICAL
srv-app2 SMTP SRV-APP2-SMTP test@[Link] 0.8 1.5

Back to Service Templates categories

451
SMTPTLS

Check an SMTP server state with an SMTP over STARTTLS request

METROLOGY
State Output
OK SMTP OK - 0.005 sec. response time
CRITICAL Connection refused

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device Name
TEMPLATE SMTPTLS N.A Mandatory
NAME text N.A Monitoring point name
PORT integer 25 Port
FROM text pom@<hostname> Address of the sender
WARNING integer 1 Warning threshold on response time
(seconds)
CRITICAL integer 2 Critical threshold on response time
(seconds)
CREDENTIALS text N.A Authentication credential. Generic type

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME FROM TIMEOUT CREDENTIALS
srv-app3 SMTPTLS SRV-APP3-SMTPTLS test@[Link] 3 cred-gen-01

Back to Service Templates categories

452
 7 MONITORING TEMPLATES
SNMP

Fetch status information from an OID.

METROLOGY
State Output
OK NB-PROCESS OK: nbproc: 204
OK DISK OK: /run: 239.00, /: 3.64M, /home: 20.66M, /boot: 51.98k, /data: 112.01M
WARNING DISK WARNING: **/data: 458.82G (80%/90%)**, /home: 84.63G
CRITICAL SYSNAME CRITICAL: **archDesktop(index 0) did not match 'acme'**
CRITICAL Connection refused

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device Name
TEMPLATE SNMP N.A Mandatory
NAME text N.A Monitoring point name
OID text N.A Mandatory. Main OID / node
DESCRIPTION text SNMP Optional. Description
LABEL text N.A. Label for the returned value
LABEL-OID OID N.A. Label OID. See remarks
WARNING range N.A. Warning threshold range
WARNING-OID OID N.A. Warning threshold range OID. See remarks
CRITICAL range N.A. Critical threshold range
CRITICAL-OID OID N.A. Critical threshold range OID. See remarks
MIN integer N.A. Minimum value

7.2 SERVICE MONITORING TEMPLATES

MIN-OID OID N.A. Minimum value OID. See remarks
MAX integer N.A. Maximum value
MAX-OID OID N.A. Maximum value OID. See remarks
UOM text N.A. Unit of measurement
MULT float N.A. Multiplication factor for returned value.
See remarks
MULT-OID OID N.A. Multiplication factor OID. See remarks
COUNT boolean N.A. Get number of values rather than the
values themselves. See remarks
COUNTER boolean N.A. Main OID is a counter 32/64
MATCH_INDEX text N.A. Indexes to match in a subtree, separated
by commas
FETCH-REINDEX boolean N.A. Reindex snmpwalk results
BINARY-PREFIX boolean N.A. Use 1024 factor for computation of
k,M,G,T... sizes in bytes
SUBTREE boolean N.A. Main OID is a subtree rather than a
branch (uses snmpwalk instead of get)

Back to Service Templates categories

453
 Column Format Def. val. Comment
EXPECT text N.A. Expected string. See remarks
TRANSLATION text N.A. Status code translation. See remarks
STATUS-OK text N.A. List of OK values, separated by commas
STATUS-WARN text N.A. List of WARNING values, sep. by commas
STATUS-CRIT text N.A. List of CRITICAL values, sep. by commas
CREDENTIALS text N.A Authentication credential, SNMP type

REMARKS

Columns with -OID suffix

The WARNING column will let you use a direct value, whereas the WARNING-OID column will let
you "snmpwalk" it using an OID. The same applies to all columns with the -OID suffix.

MULT column
The MULT column allows you to display human-readable values.
Example : enter 1024 in the MULT column to display values in bytes rather than kilobytes ; enter 0.001
to display values in seconds rather than milliseconds.

COUNT column
The COUNT column is useful if a nb-process interrogation fails. It lets you assess the number of
results for snmpwalk rather than the values returned.

EXPECT mode
If you enter a value in the EXPECT column, the check_snmp_expect plugin will be used. You
will then be able to interrogate an OID for expected strings.

STATUS CODE mode

If you use the columns TRANSLATION, STATUS-OK, STATUS-WARN or STATUS-CRIT, POM will use
the check_snmp_status_code plugin. You will then be able to translate status codes into an
OK, WARNING, CRITICAL or UNKNOWN state. An UNKNOWN state happens when the value
returned doesn't appear in any of the STATUS-OK, STATUS-WARN or STATUS-CRIT columns.
Examples of syntax used in the TRANSLATION column:
'OK,WARN,CRIT,UNKN' for ([0]="OK" [1]="WARNING" [2]="CRITICAL" [3]="UNKNOWN")

',UP,DOWN' for ([0]="" [1]="UP" [2]="DOWN")

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME OID EXPECT CREDENTIALS
srv-01 SNMP SRV-01-SNMP [Link].[Link].6.0 acme cred-snmp-01

 For a detailed example of use of the SNMP service template and related plugins, see annex

Back to Service Templates categories

454
 7 MONITORING TEMPLATES
SSH

SSH server connectivity

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Server name as recorded in HOSTS section
TEMPLATE SSH N.A Mandatory value
NAME text N.A Optional. Monitoring point name
PORT integer 22 Optional. Name of monitored process, possibly
with its argument set (see remarks below)
VERSION text N.A. Expected SSH version
TIMEOUT integer 10 Seconds before connection times out

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME PORT VERSION TIMEOUT
srv-01 SSH SRV-01-SSH 5

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

455
TCP

Check a TCP port is listening and test a string in the reply

METROLOGY
State Output
OK TCP OK - 0.001 second response time on port
22|time=0.001349s;;;0.000000;10.000000
>> Simple check response time on port 22

TCP OK - 0.017 second response time on port 22 [SSH-2.0-OpenSSH_5.3p1

Debian-3ubuntu7]
>> Check response time and expect a string in the response server like 'SSH-2.0'
WARNING TCP WARNING - 0.001 second response time on port
22|time=0.000928s;0.000900;;0.000000;10.000000
>> The response time exceeds the warning threshold

TCP WARNING - Unexpected response from host/socket: SSH-2.0-

OpenSSH_6.6.1p1 Ubuntu-2ubuntu2|time=0.011402s;;;0.000000;10.000000
>> Unexpected string in server response
CRITICAL TCP CRITICAL - 0.001 second response time on port
22|time=0.001465s;;0.000900;0.000000;10.000000
>> The response time exceeds the critical threshold

Connection refused
>> The port is not listening

Back to Service Templates categories

456
 7 MONITORING TEMPLATES
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device Name
TEMPLATE TCP N.A Mandatory
NAME text N.A Monitoring point name
PORT integer N.A Mandatory. Port number
EXPECT text N.A String to expect in server response
SEND text N.A String to send to the server
QUIT text N.A String to send server to initiate a clean close of the
connection
WARNING decimal 1.5 Warning threshold on response time (seconds)
CRITICAL decimal 3 Critical threshold on response time (seconds)

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAM TEMPLATE NAME PORT EXPECT QUIT WARNING CRITICAL
E
dc-02 TCP Port-Listening 22

dc-02 TCP SSH-Version 22 SSH-2.0-OpenSSH_5.3

srv-app1 TCP FTP-Banner 21 220 Welcome to ACME FTP QUIT 0.5 0.8
Server

srv-mx1 TCP SMTP-Banner 25 220 [Link] QUIT

ESMTP

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

457
WEB

Check HTTP return codes on a target URL

METROLOGY
State Output
OK WEB OK: total: 168ms, size: 218.00B, connect: 104ms, firstB: 168ms, dns: 61ms
CRITICAL WEB CRITICAL: **total: 160ms (/100)**, size: 218.00B, connect: 103ms, firstB:
160ms, dns: 60ms
>> Return code OK, but response time above defined limit

WEB CRITICAL: Couldn't connect to the URL

>> Invalid URL

WEB CRITICAL: **Bad return code : got 200 instead of 404**, total: 5ms, size:
220.00B, connect: 5ms, firstB: 5ms, dns: 4ms
>> Unexpected return code

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Server name as given in the HOSTS section
TEMPLATE WEB N.A Mandatory
NAME text N.A Monitoring point name
URL Text N.A. Target URL
VHOST Text N.A HTTP virtual host to check. See remarks
CREDENTIALS Text N.A. Authentication credential. Web type
AUTH Text:text N.A. Authentication mode (basic, digest, ntlm,
negotiate or anyauth)
RETURN Integer 200 Expected return code
FOLLOW 0 or 1 1 Automatically follow redirections (0 no, 1 yes)
PROXY Text N.A. Proxy IP address
PROXY_PORT Integer 80 Proxy port

Back to Service Templates categories

458
 7 MONITORING TEMPLATES
Column Format Def. val. Comment
PROXY_USER Text N.A. Username for proxy authentication
PROXY_PASSWORD Text N.A. Password for proxy authentication
WARNING Integer Warning response time threshold (milliseconds)
TIMEOUT Integer Delay before connection considered failed
CRITICAL Integer Critical response time threshold (milliseconds)
SIZE_MIN Numeric Minimum downloaded size (k, M, G, usable)
SIZE_MAX Numeric Maximum downloaded size (k, M, G usable)

REMARKS

Required fields
Only the URL column is required, all others are optional.

URL syntax
The URL syntax is of the form protocol://user:password@host:port/page. Only the
host part is required. If the CREDENTIALS column is filled, its value will override any such values
included in the URL column.

NAME column
If filled, the service name will be WEB-<NAME>. If left empty, default service name will be WEB-
<URL host>

VHOST column
If left empty, HOSTNAME will be used instead.

PROXY column
The PROXY column syntax is of the form [user:password@]host[:port]. The characters :
and @ must be url-encoded if present in the fields user and password respectively.
Default proxy port is 3128.
The HTTP port must be 443 if a proxy is used. In that case the PORT column is ignored.

7.2 SERVICE MONITORING TEMPLATES

EXAMPLES OF USE IN CONTEXT – SERVICES
HOSTNAM TEMPLATE WARNING CRITICAL URL FOLLOW RETURN CREDENTIALS
E
srv-web-01 WEB 400 600 [Link] 1 200

srv-web-01 WEB 400 600 [Link] 1 200 cred-web-01

srv-web-01 WEB-SIZE 400 600 [Link] 1 200 cred-web-02

Back to Service Templates categories

459
 7 MONITORING TEMPLATES
WSRPE

WSRP (Web Services for Remote Portlets) service

METROLOGY
State Output
OK PING OK - Packet loss = 0%, RTA = 20.06 ms (by [Link])

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE WSRPE N.A Mandatory
NAME text N.A Monitoring point name

7.2 SERVICE MONITORING TEMPLATES

URL url N.A Web service URL
COMMAND text N.A Mandatory
ARGUMENTS text N.A Arguments
PROXY [user:pass@]<IP|name>:port N.A Proxy used
TIMEOUT integer 30 Timeout in seconds

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME COMMAND ARGUMENTS PROXY
srv-01 WSRPE Booking a81f85bbf24574e32a71f9259eb7abc3d T=200/500
srv-02 WSRPE Ping aa1b8db21157fae46b72e8731f4023da user:pass@[Link]:3128

Back to Service Templates categories

461
7.2.4 DATABASES

TEMPLATE Description Protocols From ver.

DB2 Check DB2 database health 4.1
MSSQL Monitoring of Microsoft SQL databases any
MSSQLREPL MSSQL database replication any
MYSQL MYSQL database server 4.0
ORACLE Check Oracle databases 5.0
POSTGRESQL Check Postgresql databases 4.1

Back to Service Templates categories

462
 7 MONITORING TEMPLATES
DB2

Check DB2 database health

METROLOGY
State Output
OK OK -
WARNING WARNING -
CRITICAL CRITICAL - statefile X is corrupt
CRITICAL - statefile X is not writable
CRITICAL - statefilesdir X does not exist or is not writable
CRITICAL - connection could not be established within N seconds
UNKNOWN UNKNOWN - X timed out after N seconds

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
TEMPLATE DB2 N.A Mandatory value
NAME text N.A Monitoring point name
USER text N.A User name
PASSWORD text N.A Password
PORT num 50000 Connection port to the server
DATABASE text N.A Mandatory. Database name
MODE text N.A Mandatory. Type of check
WARNING range N.A Warning threshold (see modes)
CRITICAL range N.A Critical threshold (see modes)
TIMEOUT integer 30 Timeout in seconds

MODES

7.2 SERVICE MONITORING TEMPLATES

MODE WARN CRIT Description
connection-time 1 5 Time to connect to the database
connected-users 50 100 Number of currently connected users
database-usage 80 90 Used space at the database level
synchronous-read-percentage 90% 80% Percentage of synchronous reads
asynchronous-write-percentage 90% 80% Percentage of asynchronous writes
tablespace-usage 90 90 Used space at the tablespace level
tablespace-free 5% 2% Free space at the tablespace level
bufferpool-hitratio 98% 90% Hit ratio of a buffer pool
bufferpool-data-hitratio 98% 90% Hit ratio of a buffer pool (data pages only)
bufferpool-index-hitratio 98% 90% Hit ratio of a buffer pool (indexes only)
index-usage 98% 90% Percentage of selects that use an index
stale-table-runstats 7 99999 Tables whose statistics haven't been updated
for a while
invalid-objects 7 99999 Number of invalid objects in database
duplicate-packages Find packages names which exist more than
one time

Back to Service Templates categories

463
 MODE WARN CRIT Description
deadlocks 0 1 Number of deadlocks per second
lock-waits 10 100 Number of lock waits per second
lock-waiting 2 5 Percentage of the time locks spend waiting
sort-overflows 0.01 0.1 Number of sort overflows per second (Sorts
needing temporary tables on disk)
sort-overflow-percentage 5 10 Percentage of sorts which result in an
overflow
log-utilization 80 90 Log utilization for a database
capture-latency 10 60 Latency of the data processed by the capture
program
subscription-set-latency 600 1200 Latency of the subscription set(s)
last-backup 1 2 Time (in days) since the database was last
backupped

REMARKS

Reverse range notation

The following modes require a reverse range notation for the WARNING and CRITICAL values:
 asynchronous-write-percentage
 bufferpool-data-hitratio
 bufferpool-hitratio
 bufferpool-index-hitratio
 index-usage
 synchronous-read-percentage
 tablespace-free

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME DATABASE USER PASSWORD MODE WARNING CRITICAL
srv-01 DB2 SRV-01-DB2 Data01 user01 <password> lock-waits 5 50

Back to Service Templates categories

464
 7 MONITORING TEMPLATES
MSSQL

Monitoring of Microsoft SQL databases

Note: This template may generate different services depending on the choosen mode.

A dedicated read-only account should be created to access the monitored databases.

PREPARE THE DATABASE FOR MONITORING

To allow POM to monitor your MSSQL database, you must create a user named nagios and grant it
the adequate permissions.
A quick method is to grant this user serveradmin role. To do so, use the following steps:
 In Object Explorer, connect to an instance of Database Engine
 On the Standard bar, click New Query
 Type the following query:
CREATE LOGIN 'nagios'
WITH PASSWORD = 'password';
GO
EXEC sp_addsrvrolemember 'nagios', 'serveradmin';
GO
 Click Execute to run the query

For other methods (and more restricted permissions for the user), refer to the
check_mssql_health plugin readme on ConSol Labs's website.

METROLOGY
The arrays below showing metrology graphs are given as examples only. See remarks in SERVICES

7.2 SERVICE MONITORING TEMPLATES

Section for a detailed list of available modes.
See also the plugin maintainer website .

State Output
OK OK - CPU busy 0.00%

Back to Service Templates categories

465
State Output
OK OK - <database> backupped 19h ago

State Output
OK OK - database <database> has 99.87% free space left

State Output
OK OK - 0.02 seconds to connect as <user>

Back to Service Templates categories

466
 7 MONITORING TEMPLATES
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE MSSQL N.A Mandatory value
CREDENTIALS text N.A Authentication credential. Generic type
DATABASE text N.A Database name, required for some modes (see remarks)
MODE text N.A Type of check (see remarks)
WARNING num[%] N.A Warning threshold which format depends on MODE
(see remarks)
CRITICAL num[%] N.A Critical threshold which format depends on MODE (see
remarks)
PORT num 1433 Connection port to the server
QUERY sql query N.A Mandatory only if MODE is sql. SQL query returning a
single number

REMARKS

Known issue on MSSQL Server 2008R2

With MSSQL Server 2008r2 version, the tds parameter in the [global] section must be set to 7.0 to
allow a domain user to connect the SQL server. Otherwise only a local user would be allowed. To
remedy this issue, on the POM server, uncomment and modify the line tds section = 7.0 in
the file /etc/[Link]:
...
# Global settings are overridden by those in a database
# server specific section
[global]
# TDS protocol version
tds version = 7.0

7.2 SERVICE MONITORING TEMPLATES

...

Hint: listing ports used by MSSQL Server

One can list ports used by a MSSQL server with the provided command tsql. This is useful if the
server is set to use dynamic ports.
[root@MSSQL_SRV ~]# tsql -L -H [Link]
ServerName MSSQL_SRV
InstanceName MSSQLSERVER
IsClustered No
Version 10.50.4000.0
tcp 1433

ServerName MSSQL_SRV
InstanceName BI_DEV
IsClustered No
Version 10.50.4000.0
tcp 53279

Back to Service Templates categories

467
MODES
The behavior of MSSQL template depends on the choosen MODE. The following table shows all
available modes and their default values.
MODE WARNING CRITICAL Description DB
req.
connection-time 1 5 Time to connect to the server no
cpu-busy 80 90 Cpu busy in percent no
io-busy 80 90 IO busy in percent no
full-scans 100 500 Full table scans per second no
connected-users 120 160 Number of currently connected users no
batch-requests 100 200 Batch requests per second no
latches-waits 10 50 Number of latch requests that could not be no
granted immediately
latches-wait-time 1 5 Average time for a latch to wait before the no
request is met
locks-waits 100 500 The number of locks per second that had to wait no
locks-timeouts 1 5 The number of locks per second that timed out no
locks-deadlocks 1 5 The number of deadlocks per second no
sql-recompilations 1 10 Re-Compilations per second no
sql-initcompilations 100 200 Initial compilations per second no
total-server-memory 1000 5000 The amount of memory that SQL Server has no
allocated to it
mem-pool-data-buffer-hit-ratio 90 80 Data Buffer Cache Hit Ratio no
lazy-writes 20 40 Lazy writes per second no
page-life-expectancy 300% 180% Seconds a page is kept in memory before being no
flushed
free-list-stalls 4 10 Requests per second that had to wait for a free no
page
checkpoint-pages 100 500 Dirty pages flushed to disk per second. (usually no
by a checkpoint)
database-free 5% 2% Free space in database yes
database-online 0 0 Check if a database is online and accepting yes
connections
database-backup-age 48 72 Elapsed time (in hours) since a database was yes
last backed up
transactions 10000 50000 Transactions per second (per database) yes
sql 1 2 Any sql command returning a single number no

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE DATABASE MODE CREDENTIALS WARNING CRITICAL QUERY
srv-01 MSSQL connected-users cred-gen-01 15 25
srv-02 MSSQL database2 database-backup-age cred-gen-02 2 4
srv-03 MSSQL connection-time cred-gen-03
srv-04 MSSQL database4 transactions cred-gen-04 10000 50000
srv-05 MSSQL database5 sql cred-gen-05 10 20 select * from xxx

Back to Service Templates categories

468
 7 MONITORING TEMPLATES
MSSQLREPL

MSSQL database replication state

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE MSSQLREPL N.A Mandatory value
USER text N.A User name
PASSWORD text N.A Password
DISTRIBUTOR text N.A. Distributor
PUBLISHER text N.A. Publisher
PUBLICATION text N.A. Publication
DATABASE text N.A Database name
WARNING integer 300 Warning threshold
CRITICAL integer 500 Critical threshold

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

469
MYSQL

MySQL database server

METROLOGY
State Output
OK OK - <service_name>: 597
WARNING WARNING - <service_name>: 1217
CRITICAL CRITICAL - <service_name>: 3512
CRITICAL - cannot connect to <database>. Access denied for user
<user@address> (using password: YES)
UNKNOWN UNKNOWN: Cannot get informations

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE MYSQL N.A Mandatory value
CREDENTIALS text N.A Authentication credential. Generic type
DATABASE text N.A Database name, required for some modes (see
remarks)
MODE text N.A Type of check (see remarks)
WARNING num[%] N.A Warning threshold which format depends on MODE
(see remarks)
CRITICAL num[%] N.A Critical threshold which format depends on MODE
(see remarks)
QUERY SQL query N.A Mandatory if mode is query or sql. The query must
return a single number to be valid
LABEL text N.A. Shortname for query
PORT num 1433 Connection port to the server

Back to Service Templates categories

470
 7 MONITORING TEMPLATES
MODES
MODE WARNING CRITICAL Description
bufferpool-hitrate 99 95 InnoDB buffer pool hitrate
bufferpool-wait-free 1 10 InnoDB buffer pool waits for clean page
available
clients-aborted 1 5 Number of aborted connections
cluster-ndbd-running none none ndnd nodes are up and running
connection-time 1 5 Time to connect to the server
connects-aborted 1 5 Number of aborted connections per sec
index-usage 90 80 Usage of indices
keycache-hitrate 99 95 MyISAM key cache hitrate
log-waits 1 10 InnoDB log waits because of a too small log
buffer
long-running-procs 10 20 long running processes
open-files 80 95 Percent of opened files
qcache-hitrate 90 80 Query cache hitrate
qcache-lowmem-prunes 1 10 Query cache entries pruned because of low
memory
slave-io-running none none Slave io running: Yes
slave-lag 10 20 Seconds behind master
slave-sql-running none none Slave sql running: Yes
slow-queries 0.1 1 Slow queries
sql OR query none none Query mode
tablecache-hitrate 99 95 Table cache hitrate
table-fragmentation 10 25 Show tables which should be optimized
table-lock-contention 1 2 Table lock contention
threadcache-hitrate 90 80 Hit rate of the thread-cache
threads-cached 10 20 Number of currently cached threads
threads-connected 10 20 Number of currently open connections
threads-created 10 20 Number of threads created per sec
threads-running 10 20 Number of currently running threads
tmp-disk-tables 25 50 Percent of temp tables created on disk
uptime 10 5 Time the server is running

7.2 SERVICE MONITORING TEMPLATES

EXAMPLE OF USE IN CONTEXT - SERVICES
HOSTNAME TEMPLATE NAME MODE CREDENTIALS WARNING CRITICAL
srv-01 MYSQL SRV-01-MYSQL uptime cred-gen-01 10 5

Back to Service Templates categories

471
ORACLE

Check Oracle databases

Multi purpose Oracle database monitoring

The main plugin used for this service template is check_oracle from ConSol Labs.

Note: A dedicated account should be created for monitoring purposes. This account should be read only
on monitored databases. See details of permission settings below.

PREPARE THE DATABASE FOR MONITORING

The following steps are taken from the check_oracle_health plugin readme.

In the SQL prompt:

create user nagios identified by <password>;
grant create session to nagios;
grant select any dictionary to nagios;
grant select on V_$SYSSTAT to nagios;
grant select on V_$INSTANCE to nagios;
grant select on V_$LOG to nagios;
grant select on SYS.DBA_DATA_FILES to nagios;
grant select on SYS.DBA_FREE_SPACE to nagios;

On Oracle 8.x the user must be granted the SELECT_CATALOG_ROLE

grant select_catalog_role to nagios;
instead of "grant select any dictionary..."

If you monitor the Oracle 7.x database at the local computer:

grant select on V_$SYSSTAT to nagios;
grant select on sys.dba_tablespaces to nagios;
grant select on sys.dba_free_space to nagios;
grant select on sys.dba_data_files to nagios;

Back to Service Templates categories

472
 7 MONITORING TEMPLATES
METROLOGY
State Output
OK OK - Connection to X in N ms|time=[TIME]
WARNING WARNING - Connection to X in N ms|time=[TIME]
CRITICAL CRITICAL - connection could not be established within N seconds
CRITICAL - statefile X is corrupt
CRITICAL - statefilesdir X does not exist or is not writable
CRITICAL - statefile X is not writable
CRITICAL - received TERM signal
CRITICAL - Connect timeout after [TIMEOUT]
CRITICAL - Failed to connect
UNKNOWN UNKNOWN - X timed out after N seconds
UNKNOWN - Unknown option N
UNKNOWN - ERR: X
UNKNOWN - Failed to retrieve time markers
UNKNOWN - Failed to compute elapsed time

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Oracle server name, as recorded in HOSTS section
NAME text N.A Optional. Monitoring point name
TEMPLATE ORACLE N.A Mandatory value
DATABASE text N.A Monitored database name. Required with some
specific modes (see remarks)
CREDENTIALS text N.A Authentication credential. Generic type
MODE text See If set, defines a specific monitoring mode. If empty,
remarks switch on deprecated ORACLE mode of previous POM
versions (see remarks)
QUERY Oracle N.A Use only with sql and sql-runtime modes. Note : the
SQL query must return a single number to be valid
syntax
code

7.2 SERVICE MONITORING TEMPLATES

LABEL text N.A Useful only with sql and sql-runtime modes to set a
shortname to the query
PORT integer 1521 Oracle server connection port
WARNING integer See Warning threshold. Depends on MODE
remarks
CRITICAL integer See Critical threshold. Depends on MODE
remarks
TIMEOUT integer 30 Delay in second before connection fails

Back to Service Templates categories

473
REMARKS

Important Note: if no MODE is stated, then the deprecated ORACLE template of previous POM versions
is used. In that case, one may use the following columns:

Column Format Def. val. Comment

HOSTNAME text N.A Oracle server name, as recorded in HOSTS
section
NAME text N.A Monitoring point name
TEMPLATE ORACLE N.A Mandatory value
DATABASE text N.A Monitored database name
CREDENTIALS text N.A Authentication credential. Generic type
TB_LIMIT warn%/crit% 90%/95% Tablespace occupation rate
MEM_LIMIT warn%/crit% 90%/95% Memory occupation rate
PORT integer 1521 Oracle server connection port
WARNING integer 1000 Connection time (milliseconds) warning
threshold (ORASID service)
CRITICAL integer 2000 Connection time (milliseconds) critical threshold
(ORASID service)

MODES
If the MODE column value is set, then the new ORACLE template is used and its behavior depends
on the MODE value. All values are listed below.
MODE WARNING CRITICAL Description
tnsping Check the reachability of the server
connection-time 1 2 Time to connect to the server
password-expiration 30 15 Check the password expiry date for
users
connected-users 50 100 Number of currently connected users
session-usage 80 95 Percentage of sessions used
process-usage 80 95 Percentage of processes used
rman-backup-problems 1 2 Number of rman backup errors
during the last 3 days
sga-data-buffer-hit-ratio 98: 95: Data Buffer Cache Hit Ratio
sga-library-cache-gethit-ratio 98: 95: Library Cache Get Hit Ratio
sga-library-cache-pinhit-ratio 98: 95: Library Cache Pin Hit Ratio
sga-library-cache-reloads 10 100 Library Cache Reload and
Invalidation Rate
sga-dictionary-cache-hit-ratio 95: 90: Dictionary Cache Hit Ratio
sga-latches-hit-ratio 98: 95: Latches Hit Ratio
sga-shared-pool-reload-ratio 1 10 Shared Pool Reloads vs. Pins
sga-shared-pool-free 10: 5: Shared Pool Free Memory
pga-in-memory-sort-ratio 99: 90: PGA in-memory sort ratio
invalid-objects 0 0 Number of invalid objects in
database

Back to Service Templates categories

474
 7 MONITORING TEMPLATES
MODE WARNING CRITICAL Description
stale-statistics 10 100 Find objects with stale optimizer
statistics
corrupted-blocks 0 0 Number of corrupted blocks in
database
tablespace-usage 90 98 Used space in tablespaces
tablespace-free 5: 2: Free space in tablespaces
tablespace-remaining-time 90: 30: Time until a tablespace is full
tablespace-fragmentation 30: 20: Free space fragmentation index
tablespace-io-balance 50.00 100.00 balanced io of all datafiles
tablespace-can-allocate-next unused unused Segments of a tablespace can
allocate next extent
datafile-io-traffic 1000 5000 io operations/per sec of a datafile
datafiles-existing 80 90 Percentage of the maximum possible
number of datafiles
asm-diskgroup-usage Used space in diskgroups
asm-diskgroup-free Free space in diskgroups
soft-parse-ratio 98: 90: Percentage of soft parses
switch-interval 600: 60: Time between redo log file switches
retry-ratio 1 10 Redo buffer allocation retries
redo-io-traffic 100 200 Redo log io bytes per second
roll-header-contention 1 2 Rollback segment header contention
roll-block-contention 1 2 Rollback segment block contention
roll-hit-ratio 99: 98: Rollback segment hit ratio
gets/waits
roll-wraps 1 100 Rollback segment wraps per sec
roll-extends 1 100 Rollback segment extends per sec
roll-avgactivesize Rollback segment average active
size
seg-top10-logical-reads 1 9 user objects among top 10 logical
reads
seg-top10-physical-reads 1 9 user objects among top 10 physical
reads
seg-top10-buffer-busy-waits 1 9 user objects among top 10 buffer

7.2 SERVICE MONITORING TEMPLATES

busy waits
seg-top10-row-lock-waits 1 9 user objects among top 10 row lock
waits
event-waits 10 100 processes wait events
event-waiting 0.1 0.5 time spent by processes waiting for
an event
enqueue-contention 1 10 percentage of enqueue requests
which must wait
enqueue-waiting 0.0003333 0.003333 percentage of time spent waiting for
the enqueue
latch-contention 1 2 percentage of latch get requests
which must wait
latch-waiting 0.1 1 percentage of time a latch spends
sleeping
sysstat 10 100 change of sysstat values over time
dataguard-lag 60 120 Dataguard standby lag
dataguard-mrp-status Dataguard standby MRP status
flash-recovery-area-usage 90 98 Used space in flash recovery area

Back to Service Templates categories

475
 MODE WARNING CRITICAL Description
flash-recovery-area-free undefined undefined Free space in flash recovery area
sql 0 0 any sql command returning a single
number
sql-runtime 0 0 the time an sql command needs to
run
multi unused unused Allows you to define multiple modes
in one row (the different mode
names will then be entered as
column names). See examples below

Notes:
 old SID status is provided with connection-time mode
 old TBS value is provided with tablespace-usage mode
 old MEM value has no equivalent
 list-* modes are for information only, not for monitoring purposes

EXAMPLES OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE DATABASE MODE CONNECTION-TIME SESSION-USAGE
dc-01 ORACLE preprod multi 0.030/0.1 60%/80%

HOSTNAME TEMPLATE DATABASE MODE WARNING CRITICAL CREDENTIALS TABLESPACE

dc-01 ORACLE preprod tablespace-usage 70% 80% cred-gen-01 TS1

In the example above, we define a precise tablespace, TS1, that we want to monitor.
In the example below, we instead declare ALL tablespaces EXCEPT TS3 and TS4, using a negative
lookahead regular expression in the TABLESPACE column:
HOSTNAME TEMPLATE NAME DATABASE MODE WARNING CRITICAL CREDENTIALS TABLESPACE
dc-01 ORACLE all Preprod tablespace-usage 70% 80% cred-gen-01 re/^(?!TS3|TS4)/

Back to Service Templates categories

476
 7 MONITORING TEMPLATES
POSTGRESQL

Check PostgreSQL databases

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Machine name
NAME text N.A Monitoring point name
TEMPLATE POSTGRESQL N.A Mandatory value
CREDENTIALS text N.A Authentication credential. Generic type
DATABASE text N.A Database name, required for some modes (see
remarks)
MODE text N.A Type of check (see remarks)
WARNING num[%] N.A Warning threshold which format depends on
MODE (see remarks)
CRITICAL num[%] N.A Critical threshold which format depends on MODE
(see remarks)
PORT num 5432 Connection port to the server

MODES
MODE WARNING CRITICAL Description
archive_ready 10 15 Check the number of WAL files ready in
the pg_xlog/archive_status
autovac_freeze 90% 95% Checks how close databases are to
autovacuum_freeze_max_age.

7.2 SERVICE MONITORING TEMPLATES

backends 90% 95% Number of connections, compared to
max_connections.
bloat 1 GB 5 GB Check for table and index bloat.
Checkpoint Checks how long since the last checkpoint
(not impremented)
cluster_id .+ .+ Checks the Database System Identifier
commitratio 90% 95% Report if the commit ratio of a database is
too low.
connection Simple connection check.
custom_query Run a custom query.
database_size 10 GB 50 GB Report if a database is too big.
Dbstats Returns stats from pg_stat_database: Cacti
(not implemented) output only
disabled_triggers 1 1 Check if any triggers are disabled
fsm_pages 85% 95% Checks percentage of pages used in free
space map.

Back to Service Templates categories

477
MODE WARNING CRITICAL Description
fsm_relations 85% 95% Checks percentage of relations used in free
space map.
hitratio 90% 95% Report if the hit ratio of a database is too
low.
hot_standby_delay 10 20 Check the replication delay in hot standby
setup
index_size 100 MB 250 MB Checks the size of indexes only.
last_analyze 1 days 2 days Check the maximum time in seconds since
any one table has been analyzed.
last_autoanalyze 1 days 2 days Check the maximum time in seconds since
any one table has been autoanalyzed.
last_autovacuum 1 days 2 days Check the maximum time in seconds since
any one table has been autovacuumed.
last_vacuum 1 days 2 days Check the maximum time in seconds since
any one table has been vacuumed.
listener .+ .+ Checks for specific listeners.
locks 100 150 Checks the number of locks.
Logfile Checks that the logfile is being written to
(not implemented) correctly.
new_version_bc Checks if a newer version of Bucardo is
available.
new_version_box Checks if a newer version of boxinfo is
available.
new_version_cp Checks if a newer version of
check_postgres.pl is available.
new_version_pg Checks if a newer version of Postgres is
available.
new_version_tnm Checks if a newer version of tail_n_mail is
available.
pgagent_jobs 1 hours 2 hours Check for no failed pgAgent jobs within a
specified period of time.
pgb_pool_cl_active 100 200 Check the number of active clients in each
pgbouncer pool.
pgb_pool_cl_waiting 100 200 Check the number of waiting clients in
each pgbouncer pool.
pgb_pool_maxwait 100 200 Check the current maximum wait time for
client connections in pgbouncer pools.
pgb_pool_sv_active 100 200 Check the number of active server
connections in each pgbouncer pool.
pgb_pool_sv_idle 100 200 Check the number of idle server
connections in each pgbouncer pool.
pgb_pool_sv_login 100 200 Check the number of login server
connections in each pgbouncer pool.
pgb_pool_sv_tested 100 200 Check the number of tested server
connections in each pgbouncer pool.
pgb_pool_sv_used 100 200 Check the number of used server
connections in each pgbouncer pool.

Back to Service Templates categories

478
 7 MONITORING TEMPLATES
MODE WARNING CRITICAL Description
pgbouncer_backends 90% 95% Check how many clients are connected to
pgbouncer compared to max_client_conn.
pgbouncer_checksum undefined undefined Check that no pgbouncer settings have
changed since the last check.
prepared_txns 1 30 Checks number and age of prepared
transactions.
query_runtime Check how long a specific query takes to
run.
query_time 1 hours 2 hours Checks the maximum running time of
current queries.
relation_size 100 MB 500 MB Checks the size of tables and indexes.
replicate_row 10 seconds 20 seconds Verify a simple update gets replicated to
another server.
same_schema Verify that two databases have the exact
(not implemented) same tables, columns, etc.
sequence 85% 95% Checks remaining calls left in sequences.
settings_checksum undefined undefined Check that no settings have changed since
the last check.
slony_status 60 300 Ensure Slony is up to date via sl_status.
table_size 100 MB 200 MB Checks the size of tables only.
timesync 2 5 Compare database time to local system
time.
txn_idle 10 seconds 20 seconds Checks the maximum “idle in transaction”
time.
txn_time 10 seconds 20 seconds Checks the maximum open transaction
time.
txn_wraparound 1300000000 1400000000 See how close databases are getting to
transaction ID wraparound.
version 8.3 8.4 Check for proper Postgres version.
wal_files 10 15 Check the number of WAL files in the

7.2 SERVICE MONITORING TEMPLATES

pg_xlog directory
archive_ready 10 15 Check the number of WAL files ready in
the pg_xlog/archive_status
autovac_freeze 90% 95% Checks how close databases are to
autovacuum_freeze_max_age.
backends 90% 95% Number of connections, compared to
max_connections.
bloat 1 GB 5 GB Check for table and index bloat.

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME MODE CREDENTIALS WARNING CRITICAL
srv-01 POSTGRESQL SRV-01-POSTGRESQL backends cred-gen-01 90% 95%

Back to Service Templates categories

479
 7 MONITORING TEMPLATES
7.2.5 APPLICATIONS & SOFTWARE

TEMPLATE Description Protocols From

ver.
AD Windows Active Directory state any
AWS-ALARM Check the status of an AWS account's alarms https 5.4
AWS-BILLING Get the estimated charges from an account on AWS https 5.4
DC-SYNC Domain Controller synchronization via WMI wmi 5.2
ESX-CL Check of a VMWARE cluster any
ESX-SNAPSHOTS Number of snapshots in a VMWARE virtual any
infrastructure
ESX-VC Check of a VMWARE V-Center any
ESX-VC-VMFS VMWare VMFS (disks) from a VCenter point of view 4.0
ESX-VMFS VMWare VMFS (disks) from an ESX point of view 4.0
LICENSE POM license validity 5.2
OFFICE365 Microsoft Office365 connectivity 5.2
POM-DISCOVERY POM Discovery tool state 5.2
ROBOCOPY Robocopy transfer log file analysis via Samba any
SCENARIO Web site browsing with validation steps and global any
duration
SCHEDULED-JOB Scheduled job execution state 5.2
SMB Check disk free space in a SMB share smb 4.0
SMB-DIR Alert on number of files or age of oldest file via SMB smb 4.1
SVC Windows service activation state any
WINEXE Run an application on a Windows server 4.1
X509 Check of X.509 certificate validity 4.0

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

481
AD

Windows Active Directory server state

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
NAME text N.A Monitoring point name
TEMPLATE AD N.A Mandatory
DOMAIN_NAME text N.A Mandatory. Domain name
CREDENTIALS text N.A Optional. As defined in Authentication menu of the
web interface configuration. See remarks
LDAP text N.A LDAP. Only one of these four parameters can be
LDAP_AUTH text N.A used, all others must be set to nomon. When in
LDAP_AUTH_SSL text N.A doubt, use LDAP_AUTH, which should work on any
LDAP_AUTH_TLS text N.A AD.
DNS_INTERNAL text N.A LAN DNS server – Syntax:
<dns_server_name>=<expected_ip>/<warn_time>/<cri
t_time>
Time in milliseconds
DNS_EXTERNAL text N.A Remote DNS server – Syntax:
<dns_server_name>=<expected_ip>/<warn_time>/<cri
t_time>
Time in milliseconds
DHCP_* text N.A Syntax: <mac address>[=<ip>]
FSMO_ROLES text N.A FSMO roles
REPLSUM text N.A Replication state
SYSVOL_SHARED text N.A SYSVOL shared volumes
NTP text N.A NTP server address (to obtain clock offset)

EXAMPLE OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME DOMAIN_NAME CREDENTIALS LDAP LDAP_AUTH LDAP_AUTH_SSL ...
dc-01 AD DC-01-AD [Link] cred-ad-pom nomon nomon ...

... LDAP_AUTH_TLS DNS_INTERNAL DNS_EXTERNAL DHCP_POM

... nomon [Link]=[Link]/20/50 [Link]=[Link]/100/200 [Link]=[Link]

REMARKS

CREDENTIALS column
Credentials must be of the type generic. Moreover, in order for the LDAP-AUTH check to work
properly, login must comply to the syntax login@[Link]
If FSMO_ROLES and/or REPLSUM are used, chosen credentials must have admin permissions.

Back to Service Templates categories

482
 7 MONITORING TEMPLATES
AWS-ALARM

Check the status of an AWS (Amazon Web Services) account's alarms

METROLOGY
State Output
OK OK
CRITICAL CRITICAL - Alarm [X] triggered
UNKNOWN UNKNOWN - No alarm found
UNKNOWN - Alarm [X] not found
UNKNOWN - Insufficient data for alarm [X]

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE AWS-ALARM N.A Mandatory
NAME text N.A Local alarm (monitoring point) name
ALARM text N.A Remote alarm name
TIMEOUT integer 5 Seconds before connection times out

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME ALARM
AWS-EU-WEST-1 AWS-ALARM AWS-local-alarm-01 AWS-alarm-01

For more info on AWS infrastructures monitoring in POM:

7.2 SERVICE MONITORING TEMPLATES

 See INTEGRATION: Monitoring a Virtualized Infrastructure (AWS)

Back to Service Templates categories

483
AWS-BILLING

Get the estimated charges from an account on AWS (Amazon Web Services)

Important note: on the day this Admin Guide is released, the AWS-BILLING template seems to apply
only for virtual infrastructures located on AWS's Virginia (VA, US) servers.

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE AWS-BILLING N.A Mandatory
NAME text N.A Monitoring point name
WARNING integer N.A Warning threshold ($)
CRITICAL integer N.A Critical threshold ($)
TIMEOUT integer 5 Seconds before connection times out

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME WARNING CRITICAL
AWS-EU-WEST-1 AWS-BILLING 40 80

For more info on AWS infrastructures monitoring in POM:

 See INTEGRATION: Monitoring a Virtualized Infrastructure (AWS)

Back to Service Templates categories

484
 7 MONITORING TEMPLATES
DC-SYNC

Domain Controller synchronization via WMI

METROLOGY
State Output
OK OK - Last successful sync was N minutes ago
WARNING WARNING - Last successful sync was N minutes ago
CRITICAL CRITICAL - **Last successful sync was N minutes ago, last sync attempt
was not successful**
CRITICAL - **Last sync was successful but was N minutes ago**

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE DC-SYNC N.A Mandatory
NAME text N.A Monitoring point name
CREDENTIALS text N.A Authentication credential. WMI type
WARNING integer N.A Warning threshold – min since last successful sync
CRITICAL integer N.A Critical threshold – min since last successful sync
TIMEOUT integer 5 Seconds before connection times out

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAM TEMPLATE NAME CREDENTIALS WARNING CRITICAL TIMEOUT
E
dc-01 DC-SYNC DC-01-SYNC cred-wmi-01 15 30 10

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

485
ESX-CL

Check of a VMWare cluster

SERVICES SECTION
Column Format Def. val. Comment
CPU w%/c% N.A Usage percentage thresholds for the CPUs of all
ESXs monitored by the V-Center
MEM w%/c% N.A Memory usage percentage thresholds of all ESXs
monitored by the V-Center
CONFIG text N.A Configuration info
CREDENTIALS text N.A Authentication credential. ESX type

EXAMPLES OF USE IN CONTEXT – SERVICES

HOSTNAME NAME TEMPLATE CPU MEM CONFIG CREDENTIALS
HOST-01 Cluster01 ESX-CL 75%/85% 75%/85% NO-MON cred-esx-01

Back to Service Templates categories

486
 7 MONITORING TEMPLATES
ESX-SNAPSHOTS

Number of snapshots in a VMWARE virtual infrastructure

SERVICES SECTION
Column Format Def. Comment
val.
HOSTNAME text N.A Device name
NAME text N.A Monitoring point name
TEMPLATE ESX_SNAPSHOTS N.A Mandatory value
MODE {age,count} N.A Mandatory.
age: alerts on snapshot age. It also shows the
number of snapshots that raised the alert and their
name.
count: alerts on the number of snapshot found.
WARNING integer N.A Mandatory.
If MODE is age then units are days.
If MODE is count then units are the number of
snapshot found.
CRITICAL integer N.A Mandatory.
If MODE is age then units are days.
If MODE is count then units are the number of
snapshot found.
CREDENTIALS text N.A Optional. Connection account registered on
VCenter or on ESX. Credential type must be ESX
INCLUDE text/regex .* Optional. Regular expression describing snapshot
names to include. Default: all.
EXCLUDE text/regex ^$ Optional. Regular expression describing snapshot
names to include. Default: none.

7.2 SERVICE MONITORING TEMPLATES

EXAMPLES OF USE IN CONTEXT – SERVICES
HOSTNAME TEMPLATE NAME MODE WARNING CRITICAL INCLUDE EXCLUDE
lb-01 ESX-SNAPSHOTS LB-01-ESXSNAP age 2 7

lb-02 ESX-SNAPSHOTS LB-02-ESXSNAP count 5 10

lb-03 ESX-SNAPSHOTS LB-03-ESXSNAP age 3 6 '^srv' 'local'

lb-04 ESX-SNAPSHOTS LB-04-ESXSNAP count 2 5 'test'

Back to Service Templates categories

487
ESX-VC

Check of a VMWare V-Center

 See also INTEGRATION: Monitoring a Virtualized Infrastructure (VMWare)

SERVICES SECTION
Column Format Def. val. Comment
CPU w%/c% N.A Usage percentage thresholds for the CPUs of all
ESXs monitored by the V-Center
MEM w%/c% N.A Memory usage percentage thresholds of all ESXs
monitored by the V-Center
VMFS See examples N.A VMFS usage percentage thresholds for all ESXs
monitored by the V-Center
IO See examples N.A Usage of IO (kernel, device and queue), in
milliseconds
CONFIG text N.A Configuration info
DISK-LATENCY w/c N.A Disk drive latency thresholds (in milliseconds) for
all ESXs monitored by the V-Center
CREDENTIALS text N.A Authentication credential. ESX type

EXAMPLES OF USE IN CONTEXT – SERVICES

HOSTNAME NAME TEMPLATE CPU MEM VMFS IO CONFIG CREDENTIALS
VM-VCENTER VAL_DEF ESX-VC 75%/85% 75%/85% 75%/85%//inc=.+/exc=’ˆ$’ kernel//4/6 cred-esx-01
device//15/20
queue//0/0
VM-VCENTER FL2 ESX-VC 75%/85%//exc=Local|local cred-esx-01
VM-VCENTER FAKE ESX-VC NO-MON NO-MON */exc=.+ NO-MON cred-esx-01

Back to Service Templates categories

488
 7 MONITORING TEMPLATES
ESX-VC-VMFS

VMWare VMFS (disks) from a VCenter point of view

This template is a variant of the DISK service template.

 See DISK Service Template

SERVICES SECTION (SEE DISK SERVICE TEMPLATE FOR FULL LIST)

Column Format Def. val. Comment
WARNING decimal 90% Optional
CRITICAL decimal 95% Optional

EXAMPLES OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME INCLUDE EXCLUDE WARNING CRITICAL
vc-01 ESX-VC-VMFS Ds0 Datastorage0 75% 90%
vc-01 ESX-VC-VMFS Ds1 Datastorage1 75% 90%
vc-01 ESX-VC-VMFS VC-01-DISK 75% 90%

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

489
ESX-VMFS

VMWare VMFS (disks) from an ESX point of view

This template is a variant of the DISK service template.

 See DISK Service Template

SERVICES SECTION (SEE DISK SERVICE TEMPLATE FOR FULL LIST)

Column Format Def. val. Comment
WARNING decimal 90% Optional
CRITICAL decimal 95% Optional

EXAMPLES OF USE IN CONTEXT – SERVICES

HOSTNAME TEMPLATE NAME INCLUDE EXCLUDE WARNING CRITICAL
srv-esx-01 ESX-VMFS Ds0 Datastorage0 75% 90%
srv-esx-01 ESX-VMFS Ds1 Datastorage1 75% 90%
srv-esx-01 ESX-VMFS SRV-ESX-01-DISK 75% 90%

Back to Service Templates categories

490
 7 MONITORING TEMPLATES
LICENSE

Check POM platform license expiration date / validity

METROLOGY
State Output
OK LICENSE OK
CRITICAL LICENSE CRITICAL: Could not execute /opt/pom/bin/display-license
>> Said file is missing or corrupted
LICENSE CRITICAL: Could not access to the license
>> License file is missing or corrupted
UNKNOWN LICENSE UNKNOWN: Failed to get current time
>> POM server time settings problem
LICENSE UNKNOWN: Failed to get license time
>> License file is missing or corrupted

7.2 SERVICE MONITORING TEMPLATES

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE LICENSE N.A Mandatory
NAME text N.A Monitoring point name
WARNING integer N.A Warning threshold – seconds until expiration
CRITICAL integer N.A Critical threshold – seconds until expiration

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAM TEMPLATE NAME WARNING CRITICAL
E
srv-pom-03 LICENSE POM server license 40000000 30000000

Back to Service Templates categories

491
Back to Service Templates categories
492
 7 MONITORING TEMPLATES
OFFICE365

Microsoft Office365 connectivity

METROLOGY
State Output
OK OK - [SERVICE] is operational
WARNING WARNING - **[SERVICE] is in a warning state**
CRITICAL CRITICAL - **[SERVICE] is in a critical state**

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE OFFICE365 N.A Mandatory
NAME text N.A Monitoring point name
USER text N.A User name
PASSWORD text N.A Password
WARNING integer N.A Warning threshold (milliseconds)
CRITICAL integer N.A Critical threshold (milliseconds)
CACHE_AGE integer 10 Maximum age of cache
MODE text N.A. Mode. Either time, service or license
SERVICE_NAME text N.A. Service to look for

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME USER PASSWORD SERVICE_NAME WARNING CRITICAL
srv-web-01 OFFICE365 Office365 x@[Link] <password> Sharepoint 10000 20000

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

493
POM-DISCOVERY

POM Discovery tool state

Allows you to get the number of newly discovered devices based on several criteria

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE POM-DISCOVERY N.A Mandatory
NAME text N.A Monitoring point name
TYPE text N.A Host type (possible values are names of host
templates)
NETWORK text N.A Limit the monitoring to a precise network list
WARNING integer 0 Warning threshold
CRITICAL integer 0 Critical threshold

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME TYPE NETWORK WARNING CRITICAL
srv-pom-01 POM-DISCOVERY SRV-POM-01-DISCOVERY WIN

Back to Service Templates categories

494
 7 MONITORING TEMPLATES
ROBOCOPY

Robocopy transfer log file analysis via Samba

METROLOGY
State Output
OK OK, backup not terminated since D
CRITICAL CRITICAL, report is broken
CRITICAL, backup not terminated since D
CRITICAL, NOT ENDED

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Server name as given in the HOSTS section
TEMPLATE ROBOCOPY N.A Mandatory value
NAME text N.A Optional. Monitoring point name
USER text N.A User name
PASSWORD text N.A Password
SHARE text N.A Network share
INSTANCE text N.A Backup instance
MAXTIME time 1d Max time from end

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME USER PASSWORD SHARE INSTANCE
srv-01 ROBOCOPY SRV-01-ROBOCOPY User01 <password> share01 test01_share

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

495
SCENARIO

Web site browsing with validation steps and global duration

This template is designed to refer to a scenario script to run on a given URL. The scenario should
exist in the directory /etc/pom/scenarios.
POM MonitoringTM provides a plugin to help writing a web scenario (check_scenario).
 For more info on scenario writing, see HOW-TO: MONITORING ADMINISTRATION – Setting up scenarios

METROLOGY
State Output
OK WEB-SCENARIO OK - Expected values OK
CRITICAL WEB-SCENARIO CRITICAL - File not found <file>
UNKNOWN WEB-SCENARIO UNKNOWN - Error parsing date: <date>

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Server name as given in the HOSTS section
NAME text N.A Optional. Monitoring point name
TEMPLATE SCENARIO N.A Mandatory value
SCENARIO text N.A Mandatory. scenario filename without .scn extension
URL url N.A Mandatory. URL to which the scenario is applied
OPTION text N.A Optional. If set to "no-host", the browsing will not
originate from the defined host.

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME SCENARIO URL OPTION
srv-app1 SCENARIO SRV-APP1-PORTAL portal [Link] no-host
srv-app2 SCENARIO SRV-APP2-APP app [Link]

Back to Service Templates categories

496
 7 MONITORING TEMPLATES
SCHEDULED-JOB

Scheduled job execution state

Important note: this template only monitors scheduled jobs that were created using either the AT
command line or the WMI console. Scheduled jobs created using the scheduled job assistant will NOT be
monitored by this template

METROLOGY
State Output
OK SCHEDULED-JOB OK: All scheduled jobs are OK
WARNING SCHEDULED-JOB WARNING: Failing jobs
>> Said job is failing to execute
SCHEDULED-JOB WARNING: Status null for jobs
>> Job declaration in spreadsheet file is likely incorrect
CRITICAL SCHEDULED-JOB CRITICAL: Last execution failed
>> Said job failed to execute on last attempt
SCHEDULED-JOB CRITICAL: Job(s) not found
>> Job was removed from host or wrongly declared in spreadsheet file
SCHEDULED-JOB CRITICAL: Jobs in error
SCHEDULED-JOB CRITICAL: No scheduled jobs found
UNKNOWN SCHEDULED-JOB UNKNOWN: Jobs with unknown status

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE SCHEDULED-JOB N.A Mandatory
NAME text N.A Monitoring point name
TIMEOUT integer

7.2 SERVICE MONITORING TEMPLATES

JOB text N.A Name of the monitored job
WARNING range N.A Warning threshold range
CRITICAL range N.A Critical threshold range

REMARKS

Authentication credentials
If authentication is required, you must add a CREDENTIALS column in the HOSTS section that
corresponds to the HOSTNAME. Credential must be of WMI type.
As this CREDENTIALS column only stands for MS_USER and MS_PASSWORD, you must also add an
MS-WORKGROUP column in the same HOSTS section.

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAM TEMPLATE NAME JOB
E
srv-win-01 SCHEDULED-JOB Data backup Backup

Back to Service Templates categories

497
Back to Service Templates categories
498
 7 MONITORING TEMPLATES
SMB

Check disk free space in a SMB share

METROLOGY
State Output
OK Disk ok - 72.1G (88%) free on \\[Link]\My_share
WARNING WARNING: Only 22.1G (15%) free on \\[Link]\My_share
CRITICAL CRITICAL: Only 7.1G (8%) free on \\[Link]\My_share Access Denied
>> Permissions problem on shared folder

HOSTS SECTION
Column Format Def. val. Comment
CREDENTIALS text N.A Authentication credential. WMI type

7.2 SERVICE MONITORING TEMPLATES

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE SMB N.A Mandatory
NAME text N.A Monitoring point name
SHARE text N.A Share name
PORT integer 445 Some Windows boxes use 139, others 445 (Netbios
over TCP/IP, smbclient default)
WARNING integer 90% Warning threshold percent of used space
CRITICAL integer 95% Critical threshold percent of used space

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAM TEMPLATE NAME SHARE WARNING CRITICAL
E
srv-win-04 SMB Free space on \\srv-win-04\\My_Share My_share 75% 90%

Back to Service Templates categories

499
SMB-DIR

Alert on number of files or age of the oldest file via SMB

METROLOGY
State Output
OK OK - Number of files: N
WARNING WARNING - Number of files: N
CRITICAL CRITICAL - **No file found**
CRITICAL - Number of files: N

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device names
TEMPLATE SMB-DIR N.A Mandatory
NAME text N.A Monitoring point name
SHARE text N.A SMB share name
CREDENTIALS text N.A Authentication credential. Generic type
DIRECTORY text . Folder in the share
MODE text N.A See Modes
TOP integer 3 Top N files. See remarks
NO-EMPTY boolean 1 Set behaviour if no file found.
0 for OK, 1 for CRITICAL
WARNING integer Depends on Mode See Modes
CRITICAL integer Depends on Mode See Modes
MASK grep N.A. Describes files to be filtered

MODES
MODE Comment Syntax Def. WARN Def. CRIT Example
age Age of a file dhms 2h 5h 5d 10h 1d 6h
count Number of files Integer 5 10 24
size Size of a file KMGTP 513M
newest Age of the most recent file found dhms 2d 5h 5d 10h 1d 6h
oldest Age of the oldest file found dhms 2d 5h 5d 10h 1d 6h
smallest Size of the smallest file found KMGTP 513M
biggest Size of the biggest file found KMGTP 513M

REMARKS

TOP column
When TOP column is used in combination with the count mode, if TOP is set to -1, WARNING and
CRITICAL thresholds are set to 0.

Back to Service Templates categories

500
 7 MONITORING TEMPLATES
EXAMPLES OF USE IN CONTEXT - SERVICES
HOSTNAME TEMPLATE NAME SHARE CREDENTIALS DIRECTORY MODE NO-EMPTY WARN CRIT
srv-win-05 SMB-DIR Count My_share cred-gen-01 / count 1
srv-win-07 SMB-DIR Age My_share cred-gen-02 / age 1 1h 5m 3h 30m

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

501
SVC

Windows service activation state

METROLOGY
State Output
OK SVC OK: Server DNS is active, Server DNS: 1

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE SVC N.A Mandatory
NAME text N.A Monitoring point name
SERVICE_NAME text N.A Service name. “*” wildcard available
RETRY integer 2 Number of retries to be used in the requests
TIMEOUT integer 2 Seconds before connection times out

REMARKS
Service list may be generated by POM with the list-snmp-winsvc command line tool.

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME SERVICE_NAME
srv-win-12 SVC Active Directory Active Directory Domain Services
srv-win-12 SVC DNS DNS Server
srv-win-12 SVC Spooler Print Spooler

Back to Service Templates categories

502
 7 MONITORING TEMPLATES
WINEXE

Run an application on a Windows server

SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Device name
TEMPLATE WINEXE N.A Mandatory
NAME text N.A Monitoring point name
USER text N.A (Domain and) User name. See remarks
PASSWORD text N.A Password
COMMAND text N.A Command to launch the application
TIMEOUT integer 30 Seconds before connection times out

REMARKS

Domain
In case a domain name is required for authentication, you can use the following syntax in a USER
column: DOMAIN\USER
Note that this is the syntax used when defining a credential that requires domain authentication
 See WEB INTERFACE CONFIGURATION: Credentials

EXAMPLE OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME USER PASSWORD COMMAND
srv-win-01 WINEXE WIN-01-IE Dom\User01 <password> "C:\Program Files\Internet Explorer\[Link]"

7.2 SERVICE MONITORING TEMPLATES

Back to Service Templates categories

503
X509

Check of X.509 certificate validity

Note: The target server must have an X.509 certificate configured on the requested port.

METROLOGY
State Output
OK OK - Certificate [Link] will expire on 01/30/2014 14:10.
>> The certificate named [Link] is still valid and will expire on
01/30/2014 14:10
WARNING WARNING - Certificate [Link] expires in 288 day(s) (01/30/2014
14:10).
>> The certificate named ''[Link]'' is still valid and will expire in
288 days
Alert on number of days left
CRITICAL Connection refused
>> Unable to connect to the server via SSL

CRITICAL - Certificate '[Link]' expires in 25 day(s) (01/30/2014

14:10).
>> The certificat named ''[Link]'' is still valid and will expire in
25 days
Alert on number of days left

Back to Service Templates categories

504
 7 MONITORING TEMPLATES
SERVICES SECTION
Column Format Def. val. Comment
HOSTNAME text N.A Server name as given in the HOSTS section
NAME text N.A Optional. Monitoring point name. If this value is not set
then the service name would be X509-<vhost>
TEMPLATE X509 N.A mandatory value
VHOST text N.A Optional. HTTP virtual host to check
PORT integer 443 Server access port
TIMEOUT integer 10 Mandatory. Connection timeout
PROXY text N.A Optional. Proxy to use to reach the server. See remarks.
PROXY-AUTH text N.A Optional. Proxy URL to use for credentials values. See
remarks.
WARNING integer 60 Optional. Certificate expiration time warning threshold
(day)
CRITICAL integer 45 Optional. Certificate expiration time critical threshold
(day)
OPTION text N.A Optional. Allowed value: vhost-only

REMARKS

Involved check commands

 check-https-cert no proxy, no port specified (443 by default)
 check-https-cert-proxy proxy, no port specified (443 by default)
 check-https-cert-port specified port (other than 443)
These 3 commands both use the check_http plugin provided by the Nagios Plugin Development
Team.

VHOST column
Required if the server certificate shown in HTTP header is different than the registered one, or if a
proxy server is used. If VHOST is set, the request is sent directly to that VHOST instead of the

7.2 SERVICE MONITORING TEMPLATES

server IP address (corresponding to the name set in HOSTNAME column). In that case a DNS
request is run in order to find the IP address of the VHOST.

PROXY column
The PROXY column syntax is of the form [user:password@]host[:port]. The characters :
and @ must be url-encoded if present in the fields user and password respectively.
Default proxy port is 3128.
The HTTP port must be 443 if a proxy is used. In that case the PORT column is ignored.

EXAMPLES OF USE IN CONTEXT - SERVICES

HOSTNAME TEMPLATE NAME WARN CRIT VHOST PORT PROXY OPTION
lb-01 X509 LB-01-X509 50 25 [Link]
srv-wpub-03 X509 SRV-WPUB-03-X509 50 25 [Link] monitor:monitor@proxy2
srv-pom-01a X509 acme-kb 50 25 [Link] 4443 vhost-only
srv-imap-02 X509 acme-imap 50 25 993

Back to Service Templates categories

505
 APPENDIX A: PLUGINS & CHECK COMMANDS
APPENDIX A:
PLUGINS & CHECK
COMMANDS

506
 APPENDIX A: PLUGINS & CHECK COMMANDS
OVERVIEW

This appendix will take you through the tools used by POM’s monitoring system and how they
interlock with each other, in order to let you create and customize, step by step, your own
monitoring tools.

 PLUGINS
Are the basic building blocks of monitoring in the POM system

 CHECK COMMANDS
Define how a plugin is called in a particular context

 HOST MONITORING TEMPLATES

(A.K.A. Host Templates) are used to declare a machine/host that needs to be monitored, using the
fitting check commands

 SERVICE MONITORING TEMPLATES

(A.K.A. Service Templates) are used to declare a service or application we want to monitor, along
with the adequate check commands

OVERVIEW

507
 APPENDIX A: PLUGINS & CHECK COMMANDS
PLUGINS

Plugins are the basic building blocks of monitoring in the POM system
They are compiled executables or scripts (Perl, shell, etc.) that do the basic work of checking the
status of a service or host and returning the result.
As such, they bear a formatted name of the form check_xxx, where “xxx” is usually an explicit
short name for the check that will be performed by the plugin (e.g.: check_imap or check_ssh).

Note: to instantly distinguish between plugins and the corresponding check commands, take notice of
the separation characters used in the filenames:

 _ (underscore) is used in plugins names

 - (dash) is used in commands names

Example, to check a device called “MacGuffin”:

 The plugin filename will be check_macguffin (with an underscore _ )
 The command name will be check-macguffin (with a dash - )
 The command definition file name will be [Link]

HELP ON PLUGINS
Most plugins come with a help page, that you can display by launching the plugin with the
argument --help or simply -h
The help page will usually give you information on the plugin version, author and maintainer, an
exhaustive list of available options and some usage examples.

PLUGINS

509
POMCC: CLI LAUNCHED BY NAGIOS/NAEMON FOR A SERVICE

To know which command is used for a service on an equipment, the command pomcc will be very
useful to you.

pomcc usage:
pomcc [-cdrHSDh] [--] HOST [SVC]

HOST: The hostname of the service

SVC: The service to fetch
-c, --command: Show CC name
-l, --line: Show CC line with raw macros
-e, --expanded: Show CC line with macros expanded
-H, --host: Hide alert to tell us we forgot the svc name
-S, --sudo: Add 'sudo -u nagios' before the CLI
-D, --debug: Activate debug
-h, --help: Show this help

Example:
pomcc -S dummy temp
check-snmp-netapp-cluster
$USER2$/check_snmp_netapp_cluster -H '$HOSTADDRESS$' -p $_HOSTBASH_SNMP_PORT$ -P
$_HOSTBASH_SNMP_VERSION$ -C $_HOSTBASH_SNMP_COMMUNITY$ -L $_HOSTBASH_SNMP_SEC_LEVEL$ -U
$_HOSTBASH_SNMP_SEC_NAME$ -a $_HOSTBASH_SNMP_AUTH_PROTOCOL$ -A
$_HOSTBASH_SNMP_AUTH_PASSWORD$ -x $_HOSTBASH_SNMP_PRIV_PROTOCOL$ -X
$_HOSTBASH_SNMP_PRIV_PASSWORD$ -w $_SERVICEBASH_WARNING$ -c $_SERVICEBASH_CRITICAL$ -m
$_SERVICEBASH_MODE$ -e $_SERVICEBASH_RETRY$ -t $_SERVICEBASH_TIMEOUT$
sudo -u nagios /opt/pom/plugins/check_snmp_netapp_cluster -H '[Link]' -p '161' -P
'2c' -C 'public' -L 'authPriv' -U 'admin' -a 'MD5' -A 'pompassword' -x 'DES' -X
'pomsecret' -w $ -c $ -m 'TEMP' -e '2' -t '2'

Name of the plugin used:

check-snmp-netapp-cluster

Reminder of the plugin's arguments

$USER2$/check_snmp_netapp_cluster -H '$HOSTADDRESS$' -p $_HOSTBASH_SNMP_PORT$ -P
$_HOSTBASH_SNMP_VERSION$ -C $_HOSTBASH_SNMP_COMMUNITY$ -L $_HOSTBASH_SNMP_SEC_LEVEL$ -U
$_HOSTBASH_SNMP_SEC_NAME$ -a $_HOSTBASH_SNMP_AUTH_PROTOCOL$ -A
$_HOSTBASH_SNMP_AUTH_PASSWORD$ -x $_HOSTBASH_SNMP_PRIV_PROTOCOL$ -X
$_HOSTBASH_SNMP_PRIV_PASSWORD$ -w $_SERVICEBASH_WARNING$ -c $_SERVICEBASH_CRITICAL$ -m
$_SERVICEBASH_MODE$ -e $_SERVICEBASH_RETRY$ -t $_SERVICEBASH_TIMEOUT$

Command executed by POM

sudo -u nagios /opt/pom/plugins/check_snmp_netapp_cluster -H '[Link]' -p '161' -P
'2c' -C 'public' -L 'authPriv' -U 'admin' -a 'MD5' -A 'pompassword' -x 'DES' -X
'pomsecret' -w $ -c $ -m 'TEMP' -e '2' -t '2'

510
 APPENDIX A: PLUGINS & CHECK COMMANDS
LOCATION OF PLUGINS IN THE POM SYSTEM

The various plugins used by POM are installed in three separate directories, depending on their
respective origin.

USER1: Plugins installed by POM – developed by the Nagios Team

/usr/lib64/nagios/plugins

(Plugins installed by POM – developed by the Nagios community)

/usr/lib64/nagios/plugins/contrib

USER2: Plugins installed by POM - developed or customized by POM MonitoringTM

/opt/pom/plugins

USER3: User-specific custom plugins installed by the user or POM integrator

/etc/pom/local/plugins

(User-specific custom scenarios)

/etc/pom/scenarios

These directories are specified in the /etc/nagios/[Link] file when configuring POM,
and can be used in check commands with the macros $USER1$, $USER2$ and $USER3$
[admin@pom ~]$ cat /etc/nagios/[Link]
$USER1$=/usr/lib64/nagios/plugins
$USER2$=/opt/pom/plugins
$USER3$=/etc/pom/local/plugins
$USER4$=/etc/pom/scenarios

PLUGINS
$USER8$=!
$USER9$=;

511
ADDING & CREATING PLUGINS

DEDICATED DIRECTORY
Any plugin you add to POM should be installed in the dedicated directory, corresponding to the
macro $USER3$ ( located by default at /etc/pom/local/plugins ). Plugins in this directory
should also be executable by any user.

To add a pre-existing plugin to your POM system:

 Simply download it from the Web and install it in the proper directory

To create a new plugin dedicated to your specific usage of POM:

 Go to the proper directory
[admin@pom-srv ~]$ cd /etc/pom/local/plugins
 Create the plugin script file using, for example, the vim editor
[admin@pom-srv plugins]$ vim check_newplugin

HELP ON DOWNLOADED PLUGINS

Most plugins available online come with a help page, that you can display by running the plugin
with the argument --help or simply -h

TEST OF CREATED PLUGINS

Once you created your new plugin, it is good practice, before you make POM run it automatically,
to test the script. To do so:
 Go to the plugin directory
[admin@pom-srv ~]$ cd /etc/pom/local/plugins
 Run the script to ensure results are as expected
[admin@pom-srv plugins]$ ./check_newplugin
OK: everything is fine !
 Alternatively, run the script as user nagios
su – nagios –c "etc/pom/local/plugins/check_newplugin"

512
 APPENDIX A: PLUGINS & CHECK COMMANDS
USING A PLUGIN

EXAMPLE OF USE: CHECK_SNMP_PERFDATA

This plugin is rather powerful and complex. Using it as an example will then give you a thorough
idea of how to use plugins in the command line.
Adjusting options for the check_snmp_perfdata plugin will help you manage how perfdata is
displayed (you typically see this information in the status information column of the Events tab in
your POM interface).

Detailed process when using the plugin

As noted in the lists in the following pages, the check_snmp_perfdata plugin is stored in the
directory /opt/pom/plugins/

First of all, to know the available commands for the plugin, run it with the option -h (help)
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -h

You will see that a host (argument -H) and an OID (argument -o) are required.
If we want to check, for example, the host [Link] and the OID .[Link].[Link].[Link], we use
the following command:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].[Link]"
SNMP OK: snmp: 3.72M|'snmp'=3729134;;;;

PLUGINS
This command line is equivalent to the following use of a template in the spreadsheet file:
In the HOSTS section (the whole HOSTS section configuration will be implicit in following examples)
SITE TEMPLATE IP NAME
MYSITE LINUX [Link] srv01

In the SERVICES section: SNMP service template (these columns will be implicit in following examples)
HOSTNAME TEMPLATE NAME OID
srv01 SNMP SNMP [Link].[Link].[Link]

Our OID corresponds to a subtree rather than a branch, and contains labels, disk names, values,
etc... To better use the plugin, we therefore:
 use the option --subtree 1 that will specify our OID is a subtree
 define an SNMP version (argument -P) and a community (argument -C)
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -P 2C -C public --subtree 1
SNMP OK: snmp_1: 3.72M, snmp_2: 2.13M, snmp_3: 18.87k, snmp_4:
8.09k|'snmp_1'=3729166;;;; 'snmp_2'=2138833;;;; 'snmp_3'=18876;;;; 'snmp_4'=8093;;;;
Spreasheet file equivalent for the subtree option in a SERVICES section:
... SUBTREE
... 1

513
The result is not easily readable, because the labels used are generic. We add to our command the
labels OID with the argument --label-oid:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -P 2C -C public --subtree 1 --label-oid
".[Link].[Link].3.1.3"
SNMP OK: C:\\ Label: Serial Number e8b54908: 3.72M, D:\\ Label:ENU Serial Number
43c5e6b9: 2.13M, Virtual Memory: 18.87k, Physical Memory: 8.09k|'C:\\ Label: Serial
Number e8b54908'=3729166;;;; 'D:\\ Label:ENU Serial Number 43c5e6b9'=2138833;;;;
'Virtual Memory'=18875;;;; 'Physical Memory'=8098;;;;
Spreadsheet file equivalent:
... LABEL-OID
... [Link].[Link].[Link]

We are only interested in the "Physical Memory" and "Virtual Memory" informations. We add a filter
to our command, using the argument -i, that supports wilcards like *:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -P 2C -C public --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory"
SNMP OK: Virtual Memory: 18.92k, Physical Memory: 8.12k|'Virtual Memory'=18920;;;;
'Physical Memory'=8123;;;;
Spreadsheet file equivalent:
... MATCH_INDEX
... *Memory

The values are not displayed in the correct unit. We add the argument --mult-oid which will
point to the multiplicators table OID:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory" --mult-oid ".[Link].[Link].3.1.4"
SNMP OK: Virtual Memory: 1.23G, Physical Memory: 532.15M|'Virtual Memory'=1239351296;;;;
'Physical Memory'=532152320;;;;
Spreadsheet file equivalent:
... MULT-OID
... [Link].[Link].3.1.4

We also want to display unit names. As we are looking at Bytes, we add the argument --uom B:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory" --mult-oid ".[Link].[Link].3.1.4" --uom 'B'
SNMP OK: Virtual Memory: 1.23GB, Physical Memory: 531.36MB|'Virtual
Memory'=1238106112B;;;; 'Physical Memory'=531365888B;;;;
Spreadsheet file equivalent:
... UOM
... B

514
 APPENDIX A: PLUGINS & CHECK COMMANDS
As we are looking at Bytes, the multiplicator will be a binary 1024 rather than the decimal 1000
used by default.
To modify our command accordingly, we use the boolean argument --binary-prefix 1:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory" --mult-oid ".[Link].[Link].3.1.4" --uom 'B' --
binary-prefix 1
SNMP OK: Virtual Memory: 1.15GB, Physical Memory: 504.68MB|'Virtual
Memory'=1236598784B;;;; 'Physical Memory'=529203200B;;;;
Spreadsheet file equivalent:
... BINARY-PREFIX
... 1

We also would like to display our values as percentages. For these percentages to be correctly
calculated, we add the maximum values OID, using the argument --max-oid:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory" --mult-oid ".[Link].[Link].3.1.4" --uom 'B' --
binary-prefix 1 --max-oid ".[Link].[Link].3.1.5"
SNMP OK: Virtual Memory: 1.15GB (57.71%), Physical Memory: 506.81MB (49.52%)|'Virtual
Memory'=1239154688B;;;;2146893824 'Physical Memory'=531431424B;;;;1073152000
Spreadsheet file equivalent:
... MAX-OID
... [Link].[Link].3.1.5

PLUGINS
Our thresholds are displayed as "multi"-type values. In the result of our check, the first value stands
for virtual memory, and the second one stands for physical memory.
We can define different thresholds for these two different values by using, for example, the
argument -w '50%,55%' (WARNING threshold is 50% for virtual memory and 55% for physical
memory) and -c '70%,75%'.
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory" --mult-oid ".[Link].[Link].3.1.4" --uom 'B' --
binary-prefix 1 --max-oid ".[Link].[Link].3.1.5" -w '50%,55%' -c '70%,75%'
SNMP WARNING: **Virtual Memory: 1.15GB (57.67%)**, Physical Memory: 506.56MB
(49.49%)|'Virtual Memory'=1238237184B;1073446912.00;1502825676.80;;2146893824 'Physical
Memory'=531169280B;536576000.00;751206400.00;;1073152000
Spreadsheet file equivalent:
... WARNING CRITICAL
... 50%,55% 70%,75%

Note: to set global thresholds for our two memory values, we could simply use the -w and -c argument
with only one percentage each, that would then be applied to all corresponding thresholds. As an
example, -w '50%' -c '70%' would set all WARNING thresholds to 50% and all CRITICAL
thresholds to 70%.

515
 Finally, we can replace the default "SNMP" check name at the start of our output line by a more
adequate name, using the argument -n:
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory" --mult-oid ".[Link].[Link].3.1.4" --uom 'B' --
binary-prefix 1 --max-oid ".[Link].[Link].3.1.5" -w '50%,55%' -c '70%,75%' -n 'MEM'
MEM WARNING: **Virtual Memory: 1.15GB (57.67%)**, Physical Memory: 506.56MB
(49.49%)|'Virtual Memory'=1238237184B;1073446912.00;1502825676.80;;2146893824 'Physical
Memory'=531169280B;536576000.00;751206400.00;;1073152000
Spreadsheet file equivalent (replacement of previous value for mandatory column NAME):
... NAME
... MEM

Cache ID
POM will create a cache for every plugin command you use. By default, the cache directory name
will be the full command, replacing non-alphanumeric characters with underscores.
If your command is too long, the script will fail due to the unnecessary long directory name.
It is therefore good practice to force POM using a short name for the cache, by adding a cache ID
(argument -I) to your command (here, the ID will be cache):
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "*Memory" --mult-oid ".[Link].[Link].3.1.4" --uom 'B' --
binary-prefix 1 --max-oid ".[Link].[Link].3.1.5" -w '50%,55%' -c '70%,75%' -n 'MEM'
-I cache
MEM WARNING: **Virtual Memory: 1.15GB (57.67%)**, Physical Memory: 506.56MB
(49.49%)|'Virtual Memory'=1238237184B;1073446912.00;1502825676.80;;2146893824 'Physical
Memory'=531169280B;536576000.00;751206400.00;;1073152000
This option is unused in the spreadsheet file, as a unique OID corresponding to POM is already defined
in the template's check_command

Further improving the output

We used the filter -i to define which information we wanted displayed in the output. Using the
same argument, we can also choose how they will be named in the output.
For example, to display virtual memory as "vmem" and Physical memory as "mem", we use the
syntax -i "Virtual Memory=vmem,Physical Memory=mem":
[root@pomsrv ~]# /opt/pom/plugins/check_snmp_perfdata -H [Link] -o
".[Link].[Link].3.1.6" -C public -P 2C --subtree 1 --label-oid
".[Link].[Link].3.1.3" -i "Virtual Memory=vmem,Physical Memory=mem" --mult-oid
".[Link].[Link].3.1.4" --uom 'B' --binary-prefix 1 --max-oid
".[Link].[Link].3.1.5" -w '50%,55%' -c '70%,75%' -n 'MEM'
MEM WARNING: **vmem: 1.15GB (57.67%)**, mem: 506.56MB
(49.49%)|'vmem'=1238237184B;1073446912.00;1502825676.80;;2146893824
'mem'=531169280B;536576000.00;751206400.00;;1073152000
Spreadsheet file equivalent (replacement of previous value for column MATCH_INDEX):
... MATCH_INDEX
... Virtual Memory=vmem,Physical Memory=mem

Please remember that the examples presented here only apply for very specific and advanced uses of
plugins. The templates we provide are intended to simplify your monitoring as far as possible, by
preventing the manual use of such complex command lines.

 See Monitoring Templates

516
 APPENDIX A: PLUGINS & CHECK COMMANDS
DEFAULT PLUGINS

USER1 PLUGINS – USED BY POM DEFAULT CHECK COMMANDS

They can be found by default in the following directory:
/usr/lib64/nagios/plugins
Unless otherwise specified, relevant info for all these plugins is as follows:
 Version 1.4.16
 Developer Nagios Plugin Development Team
 Maintainer contact nagiosplug-devel@[Link]
Plugin name Check target Additional info Related check commands
check_dhcp DHCP server availability check-dhcp
check-dhcp-offer
check-dhcp-broadcast
check-dhcp-offer-broadcast
check_dig DNS service (via dig) check-dig
check-dig-expect
check_disk_smb SMB disk usage Dev. by Michael Anthon, check-disk-smb
Karl DeBisschop check-disk-smb-auth
check_dummy Basic state info check-echo
check-echo-arg
check-host-nomon
check-undefined
freshness-too-old
check_ftp FTP connectivity check-ftp
check-ftp-ssl
check_http HTTP & HTTPS services check-http
check-http-auth

PLUGINS
check-http-auth-expect
check-http-auth-expect-vhost
check-http-auth-expect-vhost-only
check-http-auth-vhost
check-http-auth-vhost-only
check-http-expect
check-http-expect-vhost
check-http-expect-vhost-only
check-https check-https-auth
check-https-auth-expect
check-https-auth-expect-vhost
check-https-auth-expect-vhost-only
check-https-auth-vhost
check-https-auth-vhost-only
check-https-expect
check-https-expect-return
check-https-expect-vhost
check-https-expect-vhost-only
check-https-hdr
check-https-vhost
check-https-vhost-only
check-http-vhost
check-http-vhost-only
check-http-x509
check-http-x509-vhost
check-http-x509-vhost-only
check-http-x509-vhost-proxy
check-http-x509-vhost-proxy-auth

517
Plugin name Check target Additional info Related check commands
check_imap IMAP connectivity check-imap
check-imap-ssl
check_jmx4perl JMX attribute values on check-jmx
remote Java server check-jmx-alias
check-jmx-alias-base
check-jmx-args
check-jmx-auth
check-jmx-auth-args
check-jmx-mbean-attr-string
check-jmx-mbean-attr-string-path
check-jmx-mbean-attr-unit
check-jmx-mbean-attr-unit-delta
check_ldap LDAP check-ldap
check-ldap-auth
check-ldap-auth-ssl
check-ldap-auth-tls
check-ldap-ssl
check-ldap-tls
check_nrpe NRPE v2.15 check-nrpe
Dev. by Ethan Galstad check-nrpe-args
check-nrpe-args-nossl
check-nrpe-daemon
check-nrpe-nossl
check-nrpe-wc
check-nrpe-wca
check-nrpe-wca-nossl
check-nrpe-wc-nossl
check_ntp_peer NTP server check-ntp-peer
check_ntp_time NTP clock offset check-ntp-time
check_openmanage Dell server (via OpenManage) v3.7.12 check-snmp-openmanage
Dev. by T.H. Amundsen check-snmp-openmanage-only
[Link]@[Link] check-snmp-openmanage-temp
check_ping Connectivity with remote host check-ping
check-ping-address
check_pop POP connectivity check-pop
check-pop-ssl
check_radius RADIUS server connectivity check-radius
check_smtp SMTP connectivity check-smtp
check-smtp-auth
check-smtp-auth-tls
check-smtp-tls
check_snmp Status & info of remote host check-snmp-generic
(via SNMP) check-snmp-hpfan
check_ssh SSH server connectivity check-ssh
check-ssh-version
check_tcp TCP connectivity check-tcp
check-tcp-expect
check-tcp-expectquit
check-tcp-quit
check-tcp-sendexpect
check-tcp-sendexpectquit

518
 APPENDIX A: PLUGINS & CHECK COMMANDS
USER1 PLUGINS – UNUSED BY POM DEFAULT CHECK COMMANDS
The following plugins, although installed by default on your POM system, are not used by POM’s
default check commands. You can choose to call them when creating a new check command, using
the macro $USER1$.
 See Adding & Creating a New Check Command

NPDT plugins
/usr/lib64/nagios/plugins
Like plugins in the previous table, relevant info for all these plugins is as follows:
 Version 1.4.16
 Developer Nagios Plugin Development Team
 Maintainer contact nagiosplug-devel@[Link]
NPDT plugins check_hpjd check_mysql check_real
check_apt check_icmp check_mysql_query check_rpc
check_breeze check_ide_smart check_nagios check_sensors
check_by_ssh check_ifoperstatus check_nntp check_simap
check_clamd check_ifstatus check_nntps check_spop
check_cluster check_ircd check_nt check_ssmtp
check_disk check_jabber check_ntp check_swap
check_dns check_load check_nwstat check_time
check_file_age check_log check_oracle check_udp
check_flexlm check_mailq check_overcr check_ups
check_fping check_mrtg check_pgsql check_users
check_game check_mrtgtraf check_procs check_wave

Contribution plugins

PLUGINS
/usr/lib64/nagios/plugins/contrib
These plugins have been developed by the Nagios community. To get info on each plugin, simply
run it with the --help or -h (help) argument:
Contribution plugins check_ica_master_browser.pl check_oracle_tbs
check_adptraid.sh check_ica_metaframe_pub_apps.pl check_pcpmetric.py
check_apache.pl check_ica_program_neigbourhood.pl check_pcpmetric.pyc
check_apc_ups.pl check_inodes-[Link] check_pfstate
check_appletalk.pl check_inodes.pl check_qmailq.pl
check_arping.pl check_javaproc.pl check_remote_nagios_status.pl
check_asterisk.pl check_joy.sh check_rrd_data.pl
check_axis.sh check_linux_raid.pl check_sap.sh
check_backup.pl check_lmmon.pl check_smart.pl
check_bgpstate.pl check_log2.pl check_smb.sh
check_breeze.pl check_lotus.pl check_snmp_disk_monitor.pl
check_cluster check_maxchannels.pl check_snmp_printer.pl
check_cluster2 check_maxwanstate.pl check_snmp_process_monitor.pl
check_compaq_insight.pl check_mem.pl check_snmp_procs.pl
check_digitemp.pl check_ms_spooler.pl check_sockets.pl
check_dlswcircuit.pl check_mssql.sh check_temp_cpq
check_dns_random.pl check_nagios.pl check_temp_fsc
check_email_loop.pl check_nagios_db.pl check_timeout
check_fan_cpq_present check_nagios_db_pg.pl check_traceroute-pure_perl.pl
check_fan_fsc_present check_netapp.pl check_traceroute.pl
check_flexlm.pl check_nmap.py check_vcs.pl
check_frontpage check_nmap.pyc check_wave.pl
check_hprsc.pl check_ora_table_space.pl check_wins.pl
check_hw.sh check_oracle_instance.pl

519
 APPENDIX A: PLUGINS & CHECK COMMANDS
USER2 PLUGINS – USED BY POM DEFAULT CHECK COMMANDS
These are the plugins specifically developed and/or customized by POM MonitoringTM, that are
used by POM’s default check commands.
You can also call them when creating a new check command, using the macro $USER2$.
 See Adding & Creating a New Check Command
By default, they can be found in the following directory:
/opt/pom/plugins
Unless otherwise specified, relevant info for all these plugins is as follows:
 Version 1.0
 Developed by POM MonitoringTM
 Maintainer contact cpeuvrel@[Link]
Plugin name Check target Add. info Related check commands
check_as400 IBM AS/400 server check-as400
check-as400-option
check-as400-sbs-name
check-as400-wc
check_bw_wsmb.sh Download (via smbclient) check-bw-smb
check_curl HTTP return codes & statistics check-curl
check-curl-hostname
check-curl-proxy
check_db2_health DB2 database ConSol Labs check-db2
check_event EVENT service state check-event
check_filecount Number of files in directory check-filecount
check_ftp_age File age (via FTP) check-ftp-age
check-ftp-age-auth
check_google_analytics Google Analytics info check-google-analytics
check_host Host reachability check-host
check_hpasm HP Proliant server v4.6.3.2 check-snmp-hpasm
ConSol Labs
check_http_hp_p2000 HP P2000 array health check-http-hp-p2000
check_livestatus_freshness Freshness of host/service check-livestatus-freshness-host
check-livestatus-freshness-svc

PLUGINS
check_meta_cause Services state check-meta-cause
(via Mklivestatus) handler-meta
check_mssql_health MSSQL database health ConSol Labs check-mssql
check-mssql-db
check-mssql-query
check_mssql_replmon MSSQL db replication monitor check-mssql-replmon
check-mssql-replmon-self
check_mysql_health MySQL database health ConSol Labs check-mysql
check-mysql-query
check_nagios_health Nagios platform health check-nagios-health
check_netapp3.pl NetApp system status v3.0 check-snmp-netapp
James Beal
check_office365 Office 365 connectivity check-office365
check_oracle_health Oracle database health ConSol Labs check-oracle-health
check-oracle-health-noarg
check-oracle-health-re
check-oracle-health-tnsping
check_oracle_mem Oracle db memory usage check-oracle-mem
check_oracle_sid Oracle database system ID check-oracle-sid
check_oracle_tb Oracle database table check-oracle-tb
check_pom_discovery POM Discovery tool state check-pom-discovery

520
 APPENDIX A: PLUGINS & CHECK COMMANDS
Plugin name Check target Add. info Related check commands
check_pom_license POM license validity check-pom-license
check_pomklive Services state (via pomklive) check-pomklive
check_postgres PostgreSQL database health v2.21.0 check-postgresql
Bucardo check-postgresql-c
check-postgresql-w
check-postgresql-wc
check-postgresql-wc-query
check-postgresql-wc-queryname
check_replay Replay a service current status check-replay
check_scenario Web scenario check-scenario-user
check-scenario-user-nohost
check_sftp SFTP check-sftp
check_smb_dir SMB directory check-smb-dir
check_smb_robocopy SMB robocopy check-smb-robocopy
check_smtp_receive SMTP reception statistics check-smtp-receive
check_snmp_alcatel_pbx Alcatel PBX phone status check-snmp-alcatel-pbx
(via SNMP)
check_snmp_alive SNMP description v0.4 check-snmp-alive
check_snmp_aloha Aloha load balancer state check-snmp-aloha
(via SNMP)
check_snmp_aruba Aruba access points users check-snmp-aruba
number (via SNMP)
check_snmp_barracuda_disk Barracuda firewall disk usage check-snmp-barracuda-disk
(via SNMP)
check_snmp_barracuda_hardware Barracuda firewall hardware check-snmp-barracuda-hardware
info (via SNMP)
check_snmp_barracuda_latency Barracuda firewall average check-snmp-barracuda-latency
email latency (via SNMP)
check_snmp_barracuda_messages Barracuda firewall messages check-snmp-barracuda-messages
statistics (via SNMP)
check_snmp_barracuda_queue Barracuda firewall queued check-snmp-barracuda-queue

PLUGINS
messages number (via SNMP)
check_snmp_bgp BGP state (via SNMP) check-snmp-bgp
check_snmp_bluecoat_attack Bluecoat proxy attack check-snmp-bluecoat-attack
(via SNMP)
check_snmp_ccmhistory CCM history (via SNMP) check-snmp-ccmhistory
check_snmp_checkpoint Checkpoint firewall status check-snmp-checkpoint
(via SNMP)
check_snmp_ciscochassis Cisco Chassis status check-snmp-ciscochassis
(via SNMP)
check_snmp_colubris_device_load Colubris network device load check-snmp-colubris-device-load
(via SNMP)
check_snmp_counter Network protocols usage check-snmp-counter
(via SNMP)
check_snmp_cpu CPU usage (via SNMP) check-snmp-cpu
check_snmp_cpu_linux CPU usage on Linux host check-snmp-cpu-linux
(via SNMP)
check_snmp_date Host date (via SNMP) check-snmp-date
check_snmp_disk Disk usage (via SNMP) v0.1 check-snmp-disk
check_snmp_disk_io Disk IO info (via SNMP) check-snmp-disk-io
check_snmp_hwg hwgroup device info check-snmp-hwg
(via SNMP)
check_snmp_ibm_bladecenter IBM Bladecenter status v1.0 check-snmp-ibm-bladecenter
(via SNMP) Eric Schultz
check_snmp_iface Network usage (via SNMP) check-snmp-iface
check-snmp-iface-via
check_snmp_iferror Network errors number check-snmp-iferror
(via SNMP)
check_snmp_juniper Juniper network switch status check-snmp-juniper

521
Plugin name Check target Add. info Related check commands
(via SNMP)
check_snmp_load CPU load (via SNMP) check-snmp-load
check_snmp_loop Loop detection alert check-snmp-loop
(via SNMP)
check_snmp_mem Memory usage (via SNMP) check-snmp-mem
check_snmp_nb_process Number of running processes check-snmp-nb-process
(via SNMP)
check_snmp_netscaler Citrix NetScaler gateway check-snmp-netscaler
status (via SNMP)
check_snmp_netscaler_counter Citrix NetScaler gateway check-snmp-netscaler-counter
statistics (via SNMP)
check_snmp_netscaler_hardware Citrix NetScaler gateway check-snmp-netscaler-hardware
hardware info (via SNMP)
check_snmp_palo_alto_hardware Palo Alto firewall hardware check-snmp-palo-alto-hardware
info (via SNMP)
check_snmp_palo_alto_netstats Palo Alto firewall network check-snmp-palo-alto-netstats
statistics (via SNMP)
check_snmp_perfdata Perfdata (via SNMP) check-snmp-perfdata
check_snmp_printer_paper Printer paper state (via SNMP) check-snmp-printer-paper
check_snmp_printer_toner Printer toner state (via SNMP) check-snmp-printer-toner
check_snmp_qnap_disk QNAP NAS disk usage check-snmp-qnap-disk
(via SNMP)
check_snmp_qnap_fan QNAP NAS fan info (via SNMP) check-snmp-qnap-fan
check_snmp_qos Quality of service (via SNMP) check-snmp-qos
check_snmp_rip RIP router state (via SNMP) check-snmp-rip
check_snmp_riverbed Riverbed state (via SNMP) check-snmp-riverbed
check_snmp_scangaule Scangaule state (via SNMP) check-snmp-scangaule
check_snmp_sla Service level agreement info check-snmp-sla
(via SNMP)
check_snmp_stonegate Stonegate firewall state check-snmp-stonegate
(via SNMP)
check_snmp_stonegate_cluster Stonegate firewall cluster check-snmp-stonegate-cluster
state (via SNMP)
check_snmp_svc Service state and number of check-snmp-proc
instances (via SNMP) check-snmp-svc
check_snmp_synology Synology NAS info (via SNMP) check-snmp-synology
check_snmp_ups UPS state (via SNMP) check-snmp-ups-apc
check_snmp_ups_apc_galaxy APC Galaxy UPS state check-snmp-ups-apc-galaxy
(via SNMP)
check_snmp_ups_hp HP UPS state (via SNMP) check-snmp-ups-hp
check_snmp_uptime Uptime (via SNMP) check-snmp-uptime
check_snmp_vip Real IP address of a node check-snmp-vip
behind Virtual IP (via SNMP)
check_ssh_date System date (via SSH) check-ssh-date
check_ssh_disk Disk usage (via SSH) check-ssh-disk
check_ssh_errpt Error report (via SSH) check-ssh-errpt
check_ssh_ibm_san IBM SAN info (via SSH) check-ssh-ibm-san
check_ssh_load Load average (via SSH) check-ssh-load
check_ssh_lpstat AIX spool statistics (via SSH) check-ssh-lpstat
check_ssh_mem Memory usage (via SSH) check-ssh-mem
check-ssh-swap
check_ssh_nb_process Number of running processes check-ssh-nb-process
(via SSH)
check_ssh_process_age Process age (via SSH) check-ssh-process-age
check_ssh_svc Service state and number of check-ssh-svc
instances (via SSH)
check_ssh_uptime Uptime (via SSH) check-ssh-uptime
check_vmware_api.pl VMWare API status v0.7.0 check-esxcl-config
op5 check-esxcl-cpu

522
 APPENDIX A: PLUGINS & CHECK COMMANDS
Plugin name Check target Add. info Related check commands
check-esxcl-mem
check_vmware_esx_cpu Commands for HOST check-esx-cpu
check_vmware_esx_mem Commands for HOST check-esx-mem
check_vmware_esx_vmfs Commands for HOST check-esx-vmfs
check_vmware_esx_io Commands for HOST check-esx-io
check_vmware_esx_net Commands for HOST check-esx-net
check_vmware_esx_config Commands for HOST check-esx-config
check_vmware_esx_clock Commands for HOST check-esx-clock
check_vmware_esx_uptime Commands for HOST check-esx-uptime
check_vmware_esx_svc Commands for HOST check-esx-svc
check_vmware_esxdc_cpu Commands for DC/VCENTER check-esxdc-cpu
check_vmware_esxdc_mem Commands for DC/VCENTER check-esxdc-mem
check_vmware_esxdc_vmfs Commands for DC/VCENTER check-esxdc-vmfs
check_vmware_esxdc_io Commands for DC/VCENTER check-esxdc-io
check_vmware_esxdc_config Commands for DC/VCENTER check-esxdc-config
check_vmware_snapshots.pl VMWare snapshots info v0.13 check-esx-snapshots
ConSol Labs
check_wbem_alive State (via WBEM) check-wbem-alive
check_wbem_clock Clock offset (via WBEM) check-wbem-clock
check_wbem_cpu CPU state (via WBEM) check-wbem-cpu
check_wbem_disk Disk usage (via WBEM) check-wbem-disk
check_wbem_job Job state (via WBEM) check-wbem-job
check_wbem_nb_job Jobs number (via WBEM) check-wbem-nb-job
check_wbem_network Network usage (via WBEM) check-wbem-network
check_wbem_sbs SBS state (via WBEM) check-wbem-sbs
check_wbem_uptime Uptime (via WBEM) check-wbem-uptime
check_winexe Windows server application check-winexe
check_winexe_cmd Windows server commands check-winexe-cmd
check_winexe_replsum Windows server replication check-winexe-replsum
summary

PLUGINS
check_winexe_updates Windows server updates info check-winexe-updates
check_wmi_clock Clock offset (via WMI) check-wmi-clock
check_wmi_cpu CPU state (via WMI) check-wmi-cpu
check_wmi_ctxlic Citrix license info (via WMI) check-wmi-ctxlic
check_wmi_ctxsess Citrix session info (via WMI) check-wmi-ctxsess
check_wmi_disk Disk usage (via WMI) check-wmi-disk
check_wmi_hyperv Hyper-V virtualization state check-wmi-hyperv
(via WMI)
check_wmi_mem Memory usage (via WMI) check-wmi-mem
check_wmi_nb_process Number of running processes check-wmi-nb-process
(via WMI)
check_wmi_network Network usage (via WMI) check-wmi-network
check_wmi_proc Number of instances of a check-wmi-proc
process (via WMI)
check_wmi_services Service status (via WMI) check-wmi-services
check_wmi_svc Service state and number of check-wmi-svc
instances (via WMI)
check_wmi_swap Swap usage (via WMI) check-wmi-swap
check_wmi_uptime Uptime (via WMI) check-wmi-uptime
check_wsrpe WSRP service availability check-wsrpe
check-wsrpe-args
check-wsrpe-proxy
check-wsrpe-proxy-args
check_xml_polycom Polycom server status check-xml-polycom

523
USER2 PLUGINS – UNUSED BY POM DEFAULT CHECK COMMANDS
These plugins, specifically developed and/or customized by POM MonitoringTM, are installed by
default on your POM system, but are not used by any of POM’s default check commands. You can
choose to call them when creating a new check command, using the macro $USER2$.
 See Adding & Creating a New Check Command
As plugins in the previous table, they can be found by default in the default directory:
/opt/pom/plugins

Unless otherwise specified, relevant info for all these plugins is as follows:
 Version 1.0
 Developed by POM MonitoringTM
 Maintainer contact cpeuvrel@[Link]
Plugin name Check target Version
check_agent_clock Clock offset (via agent)
check_agent_df Disk usage (via agent)
check_agent_linux_cpu CPU usage on Linux host (via agent)
check_agent_linux_load Load average on Linux host (via agent)
check_agent_linux_mem Memory usage on Linux host (via agent)
check_agent_nb_process Number of running processes (via agent)
check_agent_request_url URL requests (via agent)
check_agent_swap Swap usage (via agent)
check_agent_uptime Uptime (via agent)
check_agent_windows_cpu CPU usage on Windows host (via agent)
check_agent_windows_mem Memory usage on Windows host (via agent)
check_agent_windows_network Network usage on Windows host (via agent)
check_mail_loop.sh Mail loop state
check_mail_loop_imap IMAP mail loop state
check_scenario_lib Web scenario
check_smb_get.sh Download (via smbclient)
check_snmp_asa Cisco ASA firewall state (via SNMP)
check_snmp_disk_hrmp Disk HRMP info (via SNMP)
check_snmp_netscaler_cluster Citrix NetScaler gateway cluster state (via SNMP)
check_snmp_raid RAID array state (via SNMP)
check_snmp_sensors Sensor state (via SNMP)
check_snmp_sonicwall_conn SonicWALL VPN connectivity (via SNMP)
check_snmp_sonicwall_vpn SonicWALL VPN state (via SNMP)
check_ssh_backup_arkeia Arkeia backup device status (via SSH) 0.1
check_ssh_zimbra Zimbra mail service zmcontrol status (via SSH)
check_ssh_zombie Zombie processes number (via SSH)
check_vmware_perfcounter.pl VMWare performance statistics
check_wmi WMI info
check_wmi_dc_sync Domain controllers synchronization (via WMI)
check_wmi_scheduled_job Scheduled jobs execution state (via WMI)

524
 APPENDIX A: PLUGINS & CHECK COMMANDS
ADDITIONAL PLUGINS SPECIFIC PROCEDURES

CHECK_SAP_HEALTH PLUGIN
check_sap_health is a plugin created by ConSol Labs. You can download it and find its complete
documentation (in German) on this web page. Before using it, you will need to install the SAP
NetWeaver (SAPNW) Perl module on your SAP server, by performing the few following tasks.

Plugin compilation
After downloading the plugin onto your POM server, you first need to compile it, with the
following command:
tar zxf check_sap_health...[Link] ; cd check_sap_health... ; ./configure ; make

Plugin installation
Once the plugin is compiled, simply copy it to your user-specific plugins directory:
cp plugins-scripts/check_sap_health /etc/pom/local/plugins/check_sap_health

SAPNW module installation – Linux/Unix SAP server

If your SAP platform is installed on a Linux/Unix server, you will need to install sapnwrfc in
order to compile the SAPNW Perl library.

Note: to perform this task, you will need a valid S-user account at [Link]

PLUGINS
The installation procedure for sapnwrfc can be found here, and its SDKcan be downloaded from
this page. Further information on how tu use sapnwrfc can be found on this documentation page.
Once the library is compiled, install it on your POM server for the check_sap_health plugin to
use it and function properly.

SAPNW module installation – Windows SAP server

For SAP platforms installed on a Windows server, use the latest SAPNW RFC module available on
this web page.

525
 APPENDIX A: PLUGINS & CHECK COMMANDS
CHECK COMMANDS

Check commands define how a plugin is called in a particular context.

A check command associates a name and a set of parameters to a plugin (the executable program
that actually does the check). The plugin must return the values 0, 1, 2 or 3, which are interpreted
by POM as OK, WARNING, CRITICAL and UNKNOWN states, respectively.
POM processes a check command from the spreadsheet file, usually located in the CC column of
the SERVICES section.
Application parameters are specified by the variables (or macros) indicated in the command
definition:
 Parameters using the format $_SERVICEBASH_USER$, $_SERVICEBASH_PASSWORD$
and $_SERVICEBASH_PARAM$ must map to fields in the spreadsheet file named USER,
PASSWORD and PARAM, respectively.
Notes:
 It is highly recommended to use the macros $USER1$, $USER2$ and $USER3$ to define
the path to the plugins.
 Every new command defined in the web interface generates a command definition file.
 Commands can also be defined in the POM command-line interface (CLI). In this scenario,
the file must be created in the /etc/pom/local/nagios/ directory and must have the
extension .cfg.

POM’s default check commands definition files can be found in the following directory:
/opt/pom/lib/nagios

They bear a formatted filename of the form [Link], where “xxx” is usually
an explicit short name for the kind of check that will be performed.

Reminder: to instantly distinguish between check commands and plugins, take notice of the separation

CHECK COMMANDS
characters used in the filenames:

 - (dash) is used in commands names

 _ (underscore) is used in plugins names

Example, to check a device called “MacGuffin”:

 The plugin filename will be check_macguffin (with an underscore _ )
 The command name will be check-macguffin (with a dash - )
 The command definition file name will be [Link]

527
HELP ON DEFAULT CHECK COMMANDS

The contents of all default commands can be displayed in the Web interface, from the
Configuration menu > Objects > Commands.

528
 APPENDIX A: PLUGINS & CHECK COMMANDS
ADDING & CREATING A NEW CHECK COMMAND

To add a new check command to the collection at your disposal, you can either create a
configuration file manually from a Linux command-line editor, or use the dedicated tool in the
POM web interface to create it automatically. The latter is recommended, as it performs a syntax
check and allows you to easily modify your command later on.

FROM A LINUX/UNIX COMMAND-LINE EDITOR

Note: a manually created command definition file can be used to define more than one check command.

Using an editor such as vim, create a command definition file compliant to the name formatting
used with other commands:
[admin@pom-srv template.d]$ vim [Link]

Contents of the definition file will have to present the following syntax for each command defined:
define command {
command_name check-xxx
command_line $USERn$/check_xxx \
-y $zzz$ \
…
}
Where:
 xxx is an explicit short name for the chosen kind of check target

CHECK COMMANDS
 check_xxx is the plugin file name (plugin has to exist prior to creating the command)
 $USERn$ is the adequate plugin directory (1 or 2 for default plugins, 3 for custom ones)
 y is an available option for the plugin (run the plugin with –h for full list)
 $zzz$ is the corresponding macro
 See plugin options lookup example on next page

529
Example of plugin options lookup:
We want to use the check_disk_smb plugin to monitor disk space using the CIFS protocol. This
plugin is provided with the default plugins package installed in the directory
/usr/lib64/nagios/plugins (corresponding to variable $USER1$).
To create the check command, we must know the options the plugin accepts. For help obtaining
usage information, execute the plugin using ––help or –h on the command line.
/usr/lib64/nagios/plugins/check_disk_smb --help
check_disk_smb v1.4.16 (nagios-plugins 1.4.16)
The nagios plugins come with ABSOLUTELY NO WARRANTY. You may redistribute
copies of the plugins under the terms of the GNU General Public License.
For more information about these matters, see the file named COPYING.
Copyright (c) 2000 Michael Anthon/Karl DeBisschop
Perl Check SMB Disk plugin for Nagios
Usage: check_disk_smb -H <host> -s <share> -u <user> -p <password>
-w <warn> -c <crit> [-W <workgroup>] [-P <port>] [-a <IP>]
-H, --hostname=HOST
NetBIOS name of the server
-s, --share=STRING
Share name to be tested
-W, --workgroup=STRING
Workgroup or Domain used (Defaults to "WORKGROUP")
-a, --address=IP
IP-address of HOST (only necessary if HOST is in another network)
-u, --user=STRING
Username to log in to server. (Defaults to "guest")
-p, --password=STRING
Password to log in to server. (Defaults to an empty password)
-w, --warning=INTEGER or INTEGER[kMG]
Percent of used space at which a warning will be generated (Default: 85%)
-c, --critical=INTEGER or INTEGER[kMG]
Percent of used space at which a critical will be generated (Defaults: 95%)
-P, --port=INTEGER
Port to be used to connect to. Some Windows boxes use 139, others 445 (Defaults to
smbclient default)
If thresholds are followed by either a k, M, or G then check to see if that
much disk space is available (kilobytes, Megabytes, Gigabytes)
Warning percentage should be less than critical
Warning (remaining) disk space should be greater than critical.
Send email to nagios-users@[Link] if you have questions
regarding use of this software. To submit patches or suggest improvements,
send email to nagiosplug-devel@[Link].
Please include version information with all correspondence (when possible,
use output from the --version option of the plugin itself).

We see that the typical usage is:

check_disk_smb -H <host> -s <share> -u <user> -p <password> -w <warn> -c <crit> \
[-W <workgroup>] [-P <port>] [-a <IP>]

We will therefore use this information to manually run the plugin on a given example and check
that it returns the expected result:
[root@pom ~]# /usr/lib64/nagios/plugins/check_disk_smb -H [Link] \
-u administrator -p ’p@ssw0rd’ -s ’c$’
Disk ok - 157.75G (80%) free on \\[Link]\c$ | \
’c$’=40328232960B;178254354841.6;199225455411.2;0;209711005696

530
 APPENDIX A: PLUGINS & CHECK COMMANDS
FROM THE WEB USER INTERFACE

Go the Configuration menu, then to Objects > Commands.

The interface will display the list of both default and user-created commands

CHECK COMMANDS

531
Click on the Create new command button to launch the command creation wizard.

Directory
The directory where your command definition file will be stored. Default is:
/etc/pom/wui/nagios

File
The name of the command definition file, compliant to the following syntax:
[Link]
Contrary to manually created ones, a command definition file created with the web interface
wizard cannot be used to define several commands. If you try to add a new command to an already
existing definition file, you will get this error message when submitting the command:

Name
The name of the check command itself, compliant to the following syntax:
check-xxx

Command
The definition of your check command, which corresponds to the part between the markup
define command { } in the definition file

532
 APPENDIX A: PLUGINS & CHECK COMMANDS
Macros
The different macros you use in your command will depend on the way you plan to use the
command.
 See Macros used in Default Check Commands
Their names and use are rather self-explanatory, with the exception of the authentication macros
like $_HOSTBASH_USER$ and $_SERVICEBASH_USER$, that may require some clarification:
In the particular case your command needs authentication on the host, you will need to use the
macro $_HOSTBASH_USER$, which stands for the USER column of the HOSTS section.
If the command is to be used in a SERVICES section, you will also need to use the macro
$_SERVICEBASH_USER$. However, in this example, the macro $_SERVICEBASH_USER$ does
not correspond to a USER column in the SERVICES section, since user information will already be
provided by the USER column of the HOSTS section.

Submit
Once you completed all fields, press the Submit button. The wizard will then perform a syntax
check, which comes in handy compared to the manual creation process, where errors may go
unnoticed.
If an error is detected, you will get an error message pinpointing the inadequate element:

CHECK COMMANDS
Reset
Use this button to clear all fields

Once your new command is validated, it will appear in the list of available commands.

REGISTERING THE NEW CHECK COMMAND

To begin using the command in your monitoring process, simply add the corresponding monitoring
point to your spreadsheet file, in the SERVICES section
# HEADER SERVICES HOSTNAME NAME CC
SRV-01 SERVICE check-xxx

 See MONITORING ADMINISTRATION: Spreadsheet File – SERVICES section

533
EDITING/DELETING AN EXISTING CHECK COMMAND

Note: as you will notice in the commands list, only the check commands created by the user can be
edited or deleted. Default commands appear in the list only for information purpose.

EDITING A COMMAND
From the list of available commands, click on the Edit button next to the command you want to
modify. This will lead you to the editing wizard:

Only the Name and Command itself can be edited. Just as in the command creation process,
clicking on the Submit button will pass all fields through a syntax check.

DELETING A COMMAND
From the list of available commands, click on the Delete button next to the command you want
to delete.

534
 APPENDIX A: PLUGINS & CHECK COMMANDS
DEFAULT CHECK COMMANDS

Check command name Plugin used Macros used

check-as400 check_as400 HOSTADDRESS
_HOSTBASH_USER
_HOSTBASH_PASSWORD
_SERVICEBASH_MODE
check-as400-option check_as400 _SERVICEBASH_OPTION
HOSTADDRESS
_HOSTBASH_USER
_HOSTBASH_PASSWORD
_SERVICEBASH_MODE
check-as400-sbs-name check_as400 HOSTADDRESS
_HOSTBASH_USER
_HOSTBASH_PASSWORD
_SERVICEBASH_SBS_NAME
check-as400-wc check_as400 _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_USER
_HOSTBASH_PASSWORD
_SERVICEBASH_MODE
check-bw-smb check_bw_wsmb.sh _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
HOSTADDRESS
_SERVICEBASH_SHARE
check-curl check_curl _SERVICEBASH_URL
_SERVICEBASH_VHOST
_SERVICEBASH_USER

CHECK COMMANDS
_SERVICEBASH_PASSWORD
_SERVICEBASH_AUTH
_SERVICEBASH_RETURN
_SERVICEBASH_FOLLOW
_SERVICEBASH_PROXY
_SERVICEBASH_PROXY_PORT
_SERVICEBASH_PROXY_USER
_SERVICEBASH_WARNING
_SERVICEBASH_PROXY_PASSWORD
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_SIZE_MIN
_SERVICEBASH_AGENT
_SERVICEBASH_SIZE_MAX
check-curl-hostname check_curl HOSTADDRESS
_SERVICEBASH_URL
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_AUTH
_SERVICEBASH_RETURN
_SERVICEBASH_FOLLOW
_SERVICEBASH_PROXY
_SERVICEBASH_PROXY_PORT
_SERVICEBASH_PROXY_USER
_SERVICEBASH_WARNING
_SERVICEBASH_PROXY_PASSWORD
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_SIZE_MIN
_SERVICEBASH_AGENT
_SERVICEBASH_SIZE_MAX

535
Check command name Plugin used Macros used
check-curl-proxy check_curl _SERVICEBASH_PROXY_AUTH
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_URL
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_AUTH
_SERVICEBASH_RETURN
_SERVICEBASH_FOLLOW
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_AGENT
_SERVICEBASH_PORT
_SERVICEBASH_PROXY_USER
_SERVICEBASH_PROXY_PASSWORD
check-db2 check_db2_health _SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_DATABASE
_SERVICEBASH_USER
check-dhcp check_dhcp HOSTADDRESS
_SERVICEBASH_MAC
_SERVICEBASH_IFACE
_SERVICEBASH_TIMEOUT
check-dhcp-broadcast check_dhcp HOSTADDRESS
_SERVICEBASH_MAC
_SERVICEBASH_IFACE
_SERVICEBASH_TIMEOUT
check-dhcp-offer check_dhcp _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_MAC
_SERVICEBASH_IFACE
_SERVICEBASH_OFFER_IP
check-dhcp-offer-broadcast check_dhcp _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_MAC
_SERVICEBASH_IFACE
_SERVICEBASH_OFFER_IP
check-dig check_dig _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_REQUEST
_SERVICEBASH_TYPE
_SERVICEBASH_WARNING
check-dig-expect check_dig _SERVICEBASH_CRITICAL
_SERVICEBASH_EXPECT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_REQUEST
_SERVICEBASH_TYPE
_SERVICEBASH_WARNING
check-disk-smb check_disk_smb _SERVICEBASH_SHARE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_SERVICEBASH_PORT

536
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
check-disk-smb-auth check_disk_smb _SERVICEBASH_SHARE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_PORT
check-echo check_dummy _SERVICEBASH_STATUS
_SERVICEBASH_OUTPUT
check-echo-arg check_dummy ARG1
ARG2
check-esxcl-config check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_EXCLUDE
HOSTNAME
HOSTADDRESS
_SERVICEBASH_CLUSTER
_HOSTBASH_ESX_USER
check-esxcl-cpu check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
HOSTADDRESS
_SERVICEBASH_CLUSTER
_HOSTBASH_ESX_USER
check-esxcl-mem check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_OPTION
HOSTNAME

CHECK COMMANDS
HOSTADDRESS
_SERVICEBASH_CLUSTER
_HOSTBASH_ESX_USER
check-esx-clock check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esxcl-svc check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_SERVICE_NAME
HOSTNAME
HOSTADDRESS
_SERVICEBASH_CLUSTER
_HOSTBASH_ESX_USER
check-esx-config check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_EXCLUDE
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esx-cpu check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_HOSTBASH_ESX_TARGET

537
Check command name Plugin used Macros used
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esxdc-config check_vmware_api.pl _SERVICEBASH_TIMEOUT
_SERVICEBASH_EXCLUDE
HOSTNAME
HOSTADDRESS
_HOSTBASH_ESX_USER
_HOSTBASH_ESX_PASSWORD
check-esxdc-cpu check_vmware_api.pl _SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
HOSTADDRESS
_HOSTBASH_ESX_USER
_HOSTBASH_ESX_PASSWORD
check-esxdc-io check_vmware_api.pl _SERVICEBASH_TIMEOUT
_SERVICEKERNEL_WARNING
_SERVICEKERNEL_CRITICAL
_SERVICEDEVICE_WARNING
_SERVICEDEVICE_CRITICAL
_SERVICEQUEUE_WARNING
_SERVICEQUEUE_CRITICAL
HOSTNAME
HOSTADDRESS
_HOSTBASH_ESX_USER
_HOSTBASH_ESX_PASSWORD
check-esxdc-mem check_vmware_api.pl _SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
HOSTADDRESS
_HOSTBASH_ESX_USER
_HOSTBASH_ESX_PASSWORD
check-esxdc-svc check_vmware_api.pl _SERVICEBASH_TIMEOUT
_SERVICEBASH_SERVICE_NAME
HOSTNAME
HOSTADDRESS
_HOSTBASH_ESX_USER
_HOSTBASH_ESX_PASSWORD
check-esxdc-vmfs check_vmware_api.pl _SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_INCLUDE
_SERVICEBASH_EXCLUDE
HOSTNAME
HOSTADDRESS
_HOSTBASH_ESX_USER
_HOSTBASH_ESX_PASSWORD
check-esx-io check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEKERNEL_WARNING
_SERVICEKERNEL_CRITICAL
_SERVICEDEVICE_WARNING
_SERVICEDEVICE_CRITICAL
_SERVICEQUEUE_WARNING
_SERVICEQUEUE_CRITICAL
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esx-mem check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING

538
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_CRITICAL
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esx-net check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esx-snapshots check_vmware_snapshots.pl _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_EXCLUDE
_SERVICEBASH_INCLUDE
HOSTADDRESS
_HOSTBASH_ESX_USER
_HOSTBASH_ESX_PASSWORD
_SERVICEBASH_MODE
check-esx-svc check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_SERVICE_NAME
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esx-uptime check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_CRITICAL
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER

CHECK COMMANDS
check-esxvm-config check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_EXCLUDE
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esx-vmfs check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_INCLUDE
_SERVICEBASH_EXCLUDE
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-esxvm-tools check_vmware_api.pl _HOSTBASH_ESX_PASSWORD
_SERVICEBASH_TIMEOUT
HOSTNAME
_HOSTBASH_ESX_TARGET
_HOSTBASH_ESX_NAME
_HOSTBASH_ESX_USER
check-event check_event HOSTNAME
check-event-tagged check_event HOSTNAME
_SERVICEBASH_TAG
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-filecount check_filecount _SERVICEBASH_PATH
_SERVICEBASH_FILE_ONLY

539
Check command name Plugin used Macros used
_SERVICEBASH_RECURSIVE
_SERVICEBASH_MODE
check-ftp check_ftp _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-ftp-age check_ftp_age _SERVICEBASH_EXCLUDE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PROTO
HOSTADDRESS
_SERVICEBASH_PATH
_SERVICEBASH_INCLUDE
check-ftp-age-auth check_ftp_age _SERVICEBASH_PATH
_SERVICEBASH_INCLUDE
_SERVICEBASH_EXCLUDE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PROTO
HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-ftp-ssl check_ftp _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-google-analytics check_google_analytics _SERVICEBASH_UOM
_SERVICEBASH_WEBSITE
_SERVICEBASH_GLOGIN
_SERVICEBASH_GPASSWORD
_SERVICEBASH_METRICS
check-host check_host HOSTADDRESS
_HOSTBASH_TIMEOUT
_HOSTBASH_PACKET
_HOSTBASH_INTERVAL
check-host-nomon check_dummy
check-http check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-http-auth check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-http-auth-expect check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL

540
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-http-auth-expect-vhost check_http _SERVICEBASH_EXPECT_OUTPUT
_SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
check-http-auth-expect-vhost-only check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-http-auth-vhost check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING

CHECK COMMANDS
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
check-http-auth-vhost-only check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-http-expect check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-http-expect-vhost check_http _SERVICEBASH_EXPECT_OUTPUT
_SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW

541
Check command name Plugin used Macros used
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
check-http-expect-vhost-only check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-http-hp-p2000 check_http_hp_p2000 HOSTADDRESS
_HOSTBASH_USER
_HOSTBASH_PASSWORD
_SERVICEBASH_MODE
check-https check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-https-auth check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-https-auth-expect check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-https-auth-expect-vhost check_http _SERVICEBASH_EXPECT_OUTPUT
_SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST

542
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_PATH
check-https-auth-expect-vhost-only check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-https-auth-vhost check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
check-https-auth-vhost-only check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_AUTH
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_METHOD

CHECK COMMANDS
check-https-expect check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-https-expect-return check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_RETURN
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-https-expect-vhost check_http _SERVICEBASH_EXPECT_OUTPUT
_SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH

543
Check command name Plugin used Macros used
check-https-expect-vhost-only check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_EXPECT_OUTPUT
check-https-hdr check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
HOSTADDRESS
_SERVICEBASH_PORT _SERVICEBASH_PATH
check-https-vhost check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
check-https-vhost-only check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-http-vhost check_http _SERVICEBASH_METHOD
_SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
check-http-vhost-only check_http _SERVICEBASH_FOLLOW
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_AGENT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_PATH
_SERVICEBASH_METHOD
check-http-x509 check_http _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-http-x509-vhost check_http _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT

544
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_WARNING
check-http-x509-vhost-only check_http _SERVICEBASH_TIMEOUT
_SERVICEBASH_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-http-x509-vhost-proxy check_http _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PROXY_ADDRESS
_SERVICEBASH_PROXY_PORT
_SERVICEBASH_VHOST
_SERVICEBASH_WARNING
check-http-x509-vhost-proxy-auth check_http _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PROXY_ADDRESS
_SERVICEBASH_PROXY_PORT
_SERVICEBASH_PROXY_AUTH
_SERVICEBASH_VHOST
check-imap check_imap _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-imap-ssl check_imap _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-jmx check_jmx4perl HOSTADDRESS

CHECK COMMANDS
_SERVICEBASH_PORT
_SERVICEBASH_CONFIG
_SERVICEBASH_CHECK
check-jmx-alias check_jmx4perl _SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_ALIAS
_SERVICEBASH_WARNING
check-jmx-alias-base check_jmx4perl _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_ALIAS
_SERVICEBASH_BASE
check-jmx-args check_jmx4perl _SERVICEARGS
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_CONFIG
_SERVICEBASH_CHECK
check-jmx-auth check_jmx4perl _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_CONFIG
_SERVICEBASH_CHECK
check-jmx-auth-args check_jmx4perl _SERVICEBASH_CONFIG
_SERVICEBASH_CHECK
_SERVICEARGS
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_USER

545
Check command name Plugin used Macros used
_SERVICEBASH_PASSWORD
check-jmx-mbean-attr-string check_jmx4perl _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_MBEAN
_SERVICEBASH_ATTRIBUTE
check-jmx-mbean-attr-string-path check_jmx4perl _SERVICEBASH_PATH
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_MBEAN
_SERVICEBASH_ATTRIBUTE
check-jmx-mbean-attr-unit check_jmx4perl _SERVICEBASH_UNIT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_MBEAN
_SERVICEBASH_ATTRIBUTE
check-jmx-mbean-attr-unit-delta check_jmx4perl _SERVICEBASH_UNIT
_SERVICEBASH_DELTA
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_MBEAN
_SERVICEBASH_ATTRIBUTE
check-ldap check_ldap _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_BASEDN
_SERVICEBASH_SEARCH
check-ldap-auth check_ldap _SERVICEBASH_PASSWORD
_SERVICEBASH_SEARCH
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_BASEDN
_SERVICEBASH_USER
check-ldap-auth-ssl check_ldap _SERVICEBASH_PASSWORD
_SERVICEBASH_SEARCH
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_BASEDN
_SERVICEBASH_USER
check-ldap-auth-tls check_ldap _SERVICEBASH_PASSWORD
_SERVICEBASH_SEARCH
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_BASEDN
_SERVICEBASH_USER

546
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
check-ldap-ssl check_ldap _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_BASEDN
_SERVICEBASH_SEARCH
check-ldap-tls check_ldap _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_BASEDN
_SERVICEBASH_SEARCH
check-livestatus-freshness-host check_livestatus_freshness HOSTNAME
_HOSTBASH_ADDITIONAL_FRESHNESS_LATENCY
check-livestatus-freshness-svc check_livestatus_freshness HOSTNAME
SERVICEDESC
_SERVICEBASH_ADDITIONAL_FRESHNESS_LATENCY
check-mail-loop-imap check_mail_loop_imap HOSTNAME
SERVICEDESC
HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_IMAP_EMAIL
_SERVICEBASH_RELAY_EMAIL
_SERVICEBASH_FOLDER
_SERVICEBASH_TLS
_SERVICEBASH_SSL
_SERVICEBASH_INSECURE
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL

CHECK COMMANDS
_SERVICEBASH_TIMEOUT
check-meta-cause check_meta_cause SERVICEDESC
check-mssql check_mssql_health _SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-mssql-db check_mssql_health _SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_DATABASE
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-mssql-query check_mssql_health _SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_LABEL
_SERVICEBASH_QUERY
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-mssql-replmon check_mssql_replmon _SERVICEBASH_PUBLISHER

547
Check command name Plugin used Macros used
_SERVICEBASH_PUBLICATION
_SERVICEBASH_DATABASE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_SUBSCRIBER
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_DISTRIBUTOR
check-mssql-replmon-self check_mssql_replmon _SERVICEBASH_PUBLISHER
_SERVICEBASH_PUBLICATION
_SERVICEBASH_DATABASE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_DISTRIBUTOR
check-mysql check_mysql_health _SERVICEBASH_DATABASE
_SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-mysql-query check_mysql_health _SERVICEBASH_DATABASE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICE_QUERY
_SERVICEBASH_LABEL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-nagios-health check_nagios_health _SERVICEBASH_LABELS
_SERVICEBASH_PARAMETERS
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-nrpe check_nrpe HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-nrpe-args check_nrpe _SERVICESAFEARGLIST
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-nrpe-args-nossl check_nrpe _SERVICESAFEARGLIST
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-nrpe-daemon check_nrpe HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
check-nrpe-nossl check_nrpe HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-nrpe-wc check_nrpe _SERVICEBASH_WARNING

548
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-nrpe-wca check_nrpe _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_ARG
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-nrpe-wca-nossl check_nrpe _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_ARG
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-nrpe-wc-nossl check_nrpe _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_COMMAND
check-ntp-peer check_ntp_peer _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-ntp-peer -address check_ntp_peer _SERVICEBASH_ADDRESS
_SERVICEBASH_PORT

CHECK COMMANDS
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
check-ntp-time check_ntp_time HOSTADDRESS
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
check-office365 check_office365 _SERVICEBASH_CRITICAL
_SERVICEBASH_CACHE_AGE
_SERVICEBASH_MODE
_SERVICEBASH_SERVICE_NAME
HOSTNAME
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_WARNING
check-oracle-health check_oracle_health _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_ARGUMENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_MODE
check-oracle-health-noarg check_oracle_health _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS

549
Check command name Plugin used Macros used
_SERVICEBASH_PORT
_SERVICEBASH_MODE
check-oracle-health-re check_oracle_health _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_ARGUMENT
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_MODE
check-oracle-health-tnsping check_oracle_health _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
check-oracle-mem check_oracle_mem _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-oracle-sid check_oracle_sid _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-oracle-tb check_oracle_tb _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_TABLESPACE
_SERVICEBASH_THRESHOLD
check-ping check_ping _SERVICEBASH_LOSS_CRITICAL
_SERVICEBASH_PACKETS
HOSTADDRESS
_SERVICEBASH_RTA_WARNING
_SERVICEBASH_LOSS_WARNING
_SERVICEBASH_RTA_CRITICAL
check-ping-address check_ping _SERVICEBASH_LOSS_CRITICAL
_SERVICEBASH_PACKETS
_SERVICEBASH_ADDRESS
_SERVICEBASH_RTA_WARNING
_SERVICEBASH_LOSS_WARNING
_SERVICEBASH_RTA_CRITICAL
check-pom-discovery check_pom_discovery _SERVICEBASH_TYPE
_SERVICEBASH_NETWORK
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-pom-ix check_pom_ix HOSTNAME
SERVICEDESC
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_APPLICATION
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-pom-license check_pom_license HOSTNAME
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-pomklive check_pomklive HOSTNAME HOSTNAME
check-pop check_pop _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-pop-ssl check_pop _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING

550
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_CRITICAL
check-postgresql check_postgres _SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_DATABASE
_SERVICEBASH_USER
check-postgresql-c check_postgres _SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_DATABASE
_SERVICEBASH_USER
check-postgresql-w check_postgres _SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_DATABASE
_SERVICEBASH_USER
check-postgresql-wc check_postgres _SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_DATABASE
_SERVICEBASH_USER

CHECK COMMANDS
check-postgresql-wc-query check_postgres _SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_QUERY
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_DATABASE
_SERVICEBASH_USER
check-postgresql-wc-queryname check_postgres _SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_QUERYNAME
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_DATABASE
_SERVICEBASH_USER
check-qualys check_qualys HOSTNAME
SERVICEDESC
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_IP
_SERVICEBASH_DATE
_SERVICEBASH_REPORT_TEMPLATE_ID
_SERVICEBASH_REPORT_TEMPLATE_NAME
_SERVICEBASH_RETRY
_SERVICEBASH_WARNING

551
Check command name Plugin used Macros used
_SERVICEBASH_CRITICAL
check-radius check_radius _SERVICEBASH_PASSWORD
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_CONFIG
_SERVICEBASH_USER
check-replay check_replay HOSTNAME
SERVICEDESC
_SERVICEBASH_PREFIX
check-scenario _SERVICEBASH_SCENARIO
HOSTADDRESS
_SERVICEBASH_URL
check-scenario-nohost _SERVICEBASH_SCENARIO
_SERVICEBASH_URL
check-scenario-user check_scenario HOSTADDRESS
_SERVICEBASH_URL
_SERVICEBASH_SCENARIO
check-scenario-user-nohost check_scenario _SERVICEBASH_URL
_SERVICEBASH_SCENARIO
check-sftp check_sftp _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-smb-dir check_smb_dir _SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_MODE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_SERVICEBASH_SHARE
_SERVICEBASH_DIRECTORY
_SERVICEBASH_MASK
check-smb-robocopy check_smb_robocopy _SERVICEBASH_INSTANCE
_SERVICEBASH_MAXTIME
HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_SHARE
check-smtp check_smtp _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_FROM
_SERVICEBASH_WARNING
check-smtp-auth check_smtp _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_FROM
_SERVICEBASH_WARNING
check-smtp-auth-tls check_smtp _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
HOSTADDRESS
_SERVICEBASH_PORT

552
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_FROM
_SERVICEBASH_WARNING
check-smtp-receive check_smtp_receive _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_FROM
_SERVICEBASH_TO
check-smtp-tls check_smtp _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_FROM
_SERVICEBASH_WARNING
check-snmp-alcatel-pbx check_snmp_alcatel_pbx _SERVICEBASH_IP_DOMAIN_ID
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_MODE
_HOSTBASH_SNMP_PORT
check-snmp-alive check_snmp_alive _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL

CHECK COMMANDS
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-aloha check_snmp_aloha _SERVICEBASH_LISTENER
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_TYPE
check-snmp-aruba check_snmp_aruba _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_MODE
HOSTADDRESS
_HOSTBASH_SNMP_PORT

553
Check command name Plugin used Macros used
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-barracuda-disk check_snmp_barracuda_disk _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-barracuda-hardware check_snmp_barracuda_hardware _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_MODE
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-barracuda-latency check_snmp_barracuda_latency _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-barracuda-messages check_snmp_barracuda_messages _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-barracuda-queue check_snmp_barracuda_queue _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT

554
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-bgp check_snmp_bgp HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-bluecoat-attack check_snmp_bluecoat_attack HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_TIMEOUT
check-snmp-ccmhistory check_snmp_ccmhistory _SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_CRITICAL
check-snmp-checkpoint check_snmp_checkpoint _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-ciscochassis check_snmp_ciscochassis HOSTADDRESS

CHECK COMMANDS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_TIMEOUT
check-snmp-colubris-device-load check_colubris_device_load _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_FILTER
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-counter check_snmp_counter _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_MODE
_HOSTBASH_SNMP_PORT

555
Check command name Plugin used Macros used
_SERVICEBASH_IGNORE_TCP_ERROR
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-cpu check_snmp_cpu _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_TYPE
_HOSTBASH_SNMP_PORT
check-snmp-cpu-linux check_snmp_cpu_linux _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-date check_snmp_date _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_TYPE
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
HOSTADDRESS
_SERVICEBASH_TIMEOUT
_HOSTBASH_SNMP_PORT
_HOSTBASH_TIMEZONE
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-disk check_snmp_disk _SERVICEBASH_RESERVED
_HOSTBASH_SNMP_VERSION
_SERVICEBASH_PARTITION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY

556
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_TYPE
_HOSTBASH_SNMP_PORT
check-snmp-disk-io check_snmp_disk_io _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_TYPE
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-generic check_snmp _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_LABEL
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_OID
check-snmp-hpasm check_hpasm HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_TYPE
check-snmp-hpfan check_snmp _SERVICEBASH_CRITICAL
HOSTADDRESS

CHECK COMMANDS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_WARNING
check-snmp-hwg check_snmp_hwg HOSTADDRESS
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_SENSOR
check-snmp-ibm-bladecenter check_snmp_ibm_bladecenter _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_MODE
_SERVICEBASH_ITEM_NUM
check-snmp-iface check_snmp_iface _SERVICEBASH_TYPE_IGNORE
_HOSTBASH_SNMP_VERSION
_SERVICEBASH_TYPE
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_PORT
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_SERVICEBASH_SPEED_IN
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_SPEED_OUT
_SERVICEBASH_WARNING
_SERVICEBASH_IGNORE_STATE
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_IGNORE_OP_STATE

557
Check command name Plugin used Macros used
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_IGNORE_NEW
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_BSD
_SERVICEBASH_TYPE_ALLOW
_HOSTBASH_SNMP_PORT
check-snmp-iface-via check_snmp_iface _SERVICEBASH_TYPE_IGNORE
_SERVICEBASH_SNMP_VERSION
_SERVICEBASH_TYPE
_SERVICEBASH_SNMP_COMMUNITY
_SERVICEBASH_PORT
_SERVICEBASH_SNMP_SEC_LEVEL
_SERVICEBASH_SNMP_SEC_NAME
_SERVICEBASH_SNMP_AUTH_PROTOCOL
_SERVICEBASH_SNMP_AUTH_PASSWORD
_SERVICEBASH_SNMP_PRIV_PROTOCOL
_SERVICEBASH_SPEED_IN
_SERVICEBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_SPEED_OUT
_SERVICEBASH_WARNING
_SERVICEBASH_IGNORE_STATE
_SERVICEBASH_CRITICAL HOSTNAME
_SERVICEBASH_IGNORE_OP_STATE
_SERVICEBASH_RETRY SERVICEDESC
_SERVICEBASH_IGNORE_NEW
_SERVICEBASH_TIMEOUT
_SERVICEBASH_SNMP_HOST
_SERVICEBASH_BSD
_SERVICEBASH_TYPE_ALLOW
_SERVICEBASH_SNMP_PORT
check-snmp-iferror check_snmp_iferror _SERVICEBASH_TIMEOUT
_HOSTBASH_SNMP_VERSION
_SERVICEBASH_INDEX
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING_ERR
_SERVICEBASH_CRITICAL_ERR
HOSTNAME
_SERVICEBASH_WARNING_DISCARD
SERVICEDESC
_SERVICEBASH_CRITICAL_DISCARD
HOSTADDRESS
_SERVICEBASH_RETRY
_HOSTBASH_SNMP_PORT
check-snmp-juniper check_snmp_juniper _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_TIMEOUT
SERVICEDESC

558
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_MODE
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-load check_snmp_load _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_TYPE
_HOSTBASH_SNMP_PORT
check-snmp-loop check_snmp_loop _SERVICEBASH_TIMEOUT
_SERVICEBASH_RETRY
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_CREDENTIALS
_SERVICEBASH_DURATION
check-snmp-mem check_snmp_mem _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL

CHECK COMMANDS
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_TYPE
_SERVICEBASH_WARNING
HOSTNAME
_SERVICEBASH_CRITICAL
SERVICEDESC
_SERVICEBASH_RETRY
HOSTADDRESS
_SERVICEBASH_TIMEOUT
_HOSTBASH_SNMP_PORT
check-snmp-nb-process check_snmp_nb_process _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
_SERVICEBASH_RETRY
HOSTADDRESS
_SERVICEBASH_TIMEOUT
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-netapp check_netapp3.pl _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY

559
Check command name Plugin used Macros used
_SERVICEBASH_MODE
check-snmp-netscaler check_snmp_netscaler _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_TIMEOUT
SERVICEDESC
_SERVICEBASH_MODE
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-netscaler-counter check_snmp_netscaler_counter _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_TIMEOUT
SERVICEDESC
_SERVICEBASH_MODE
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-netscaler-hardware check_snmp_netscaler_hardware _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_TIMEOUT
SERVICEDESC
_SERVICEBASH_MODE
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-openmanage check_openmanage HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-openmanage-only check_openmanage HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_TYPE
check-snmp-openmanage-temp check_openmanage _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_WARNING
check-snmp-palo-alto-hardware check_snmp_palo_alto_hardware _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME

560
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_MODE
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-palo-alto-netstats check_snmp_palo_alto_netstats _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_TIMEOUT
SERVICEDESC
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-perfdata check_snmp_perfdata HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY

CHECK COMMANDS
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_RETRY
_SERVICEBASH_TIMEOUT
_SERVICEBASH_OID
_SERVICEBASH_LABEL
_SERVICEBASH_DESCRIPTION
_SERVICEBASH_MATCH_INDEX
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_LABEL_OID
_SERVICEBASH_WARNING_OID
_SERVICEBASH_CRITICAL_OID
_SERVICEBASH_MIN
_SERVICEBASH_MIN_OID
_SERVICEBASH_MAX
_SERVICEBASH_MAX_OID
_SERVICEBASH_UOM
_SERVICEBASH_MULTIPLICATOR
_SERVICEBASH_MULTIPLICATOR_OID
_SERVICEBASH_COUNT
_SERVICEBASH_SUM_TOTAL
_SERVICEBASH_SUM_ONLY
_SERVICEBASH_AVG_TOTAL
_SERVICEBASH_AVG_ONLY

561
Check command name Plugin used Macros used
_SERVICEBASH_FETCH_REINDEX
_SERVICEBASH_BINARY_PREFIX
_SERVICEBASH_SUBTREE
_SERVICEBASH_COUNTER
_SERVICEBASH_OUTPUT_PATTERN
_SERVICEBASH_OUTPUT_CUSTOM
_SERVICEBASH_LABEL_IGNORE_SNMP_IDX
_SERVICEBASH_CRITICAL_ERRORS
_SERVICEBASH_REVERSE_THRESHOLD
check-snmp-printer-paper check_snmp_printer_paper _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-printer-toner check_snmp_printer_toner _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-proc check_snmp_svc _SERVICEBASH_PROCESS
_HOSTBASH_SNMP_VERSION
_SERVICEBASH_ARGS
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_TYPE
_SERVICEBASH_MIN
HOSTNAME
_SERVICEBASH_MAX
SERVICEDESC
_SERVICEBASH_RETRY
HOSTADDRESS
_SERVICEBASH_TIMEOUT
_HOSTBASH_SNMP_PORT
check-snmp-qnap-disk check_snmp_qnap_disk _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_WARNING

562
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
check-snmp-qnap-fan check_snmp_qnap_fan _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_WARNING
check-snmp-qos check_snmp_qos _SERVICEBASH_CLASSES
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_INTERFACE
check-snmp-rip check_snmp_rip HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-riverbed check_snmp_riverbed _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_MODE
_HOSTBASH_SNMP_PORT
check-snmp-scangaule check_snmp_scangaule _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS

CHECK COMMANDS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_MODE
check-snmp-sla check_snmp_sla HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_DATACENTER
check-snmp-stonegate check_snmp_stonegate _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_MODE
_HOSTBASH_SNMP_PORT
check-snmp-stonegate-cluster check_snmp_stonegate_cluster _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD

563
Check command name Plugin used Macros used
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
_SERVICEBASH_TIMEOUT
_SERVICEBASH_MEMBERS
_SERVICEBASH_NAME
_HOSTBASH_SNMP_PORT
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-svc check_snmp_svc _HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_TYPE
_SERVICEBASH_MIN
_SERVICEBASH_MAX
_SERVICEBASH_RETRY
HOSTADDRESS
_SERVICEBASH_TIMEOUT
_HOSTBASH_SNMP_PORT
_SERVICEBASH_SERVICE_NAME
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
check-snmp-synology check_snmp_synology _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTNAME
_SERVICEBASH_RETRY
SERVICEDESC
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_SNMP_PORT
check-snmp-ups-apc check_snmp_ups _SERVICEBASH_TEMP
_SERVICEBASH_LOAD
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_RUNTIME
check-snmp-ups-apc-galaxy check_snmp_ups_apc_galaxy _SERVICEBASH_TEMP
_SERVICEBASH_LOAD
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_RUNTIME
check-snmp-ups-hp check_snmp_ups_hp _SERVICEBASH_TEMP
_SERVICEBASH_LOAD
HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_RUNTIME
check-snmp-uptime check_snmp_uptime _HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_HOSTBASH_SNMP_SEC_LEVEL
_HOSTBASH_SNMP_SEC_NAME

564
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_HOSTBASH_SNMP_AUTH_PROTOCOL
_HOSTBASH_SNMP_AUTH_PASSWORD
_HOSTBASH_SNMP_PRIV_PROTOCOL
_HOSTBASH_SNMP_PRIV_PASSWORD
_SERVICEBASH_CRITICAL
_SERVICEBASH_RETRY
HOSTNAME
_SERVICEBASH_TIMEOUT
SERVICEDESC
_SERVICEBASH_PERSISTENT
HOSTADDRESS
_SERVICEBASH_TYPE
_HOSTBASH_SNMP_PORT
check-snmp-vip check_snmp_vip HOSTADDRESS
_HOSTBASH_SNMP_VERSION
_HOSTBASH_SNMP_COMMUNITY
_SERVICEBASH_TIMEOUT
check-ssh check_ssh HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
check-ssh-date check_ssh_date _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SSH_PORT
_HOSTBASH_SSH_USER
_SERVICEBASH_WARNING
check-ssh-disk check_ssh_disk _SERVICEBASH_CRITICAL
_SERVICEBASH_PARTITION
HOSTADDRESS
_HOSTBASH_SSH_USER
_HOSTBASH_SSH_PORT
_SERVICEBASH_WARNING
check-ssh-errpt check_ssh_errpt _SERVICEBASH_CRITICAL

CHECK COMMANDS
HOSTADDRESS
_HOSTBASH_SSH_PORT
_HOSTBASH_SSH_USER
_SERVICEBASH_WARNING
check-ssh-ibm-san check_ssh_ibm_san _SERVICEBASH_CRITICAL
_SERVICEBASH_MODE
_SERVICEBASH_OPTION
HOSTADDRESS
_HOSTBASH_SSH_PORT
_HOSTBASH_SSH_USER
_SERVICEBASH_WARNING
check-ssh-load check_ssh_load _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SSH_PORT
_HOSTBASH_SSH_USER
_SERVICEBASH_WARNING
check-ssh-lpstat check_ssh_lpstat _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SSH_PORT
_HOSTBASH_SSH_USER
_SERVICEBASH_WARNING
check-ssh-mem check_ssh_mem _SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
HOSTADDRESS
_HOSTBASH_SSH_PORT
_HOSTBASH_SSH_USER
_SERVICEBASH_WARNING
check-ssh-nb-process check_ssh_nb_process _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_SSH_USER

565
Check command name Plugin used Macros used
_HOSTBASH_SSH_PORT
_SERVICEBASH_WARNING
check-ssh-process-age check_ssh_process_age _SERVICEBASH_CRITICAL
_SERVICEBASH_PROCESS
_SERVICEBASH_EXCLUDE
HOSTADDRESS
_HOSTBASH_SSH_USER
_HOSTBASH_SSH_PORT
_SERVICEBASH_WARNING
check-ssh-svc check_ssh_svc _SERVICEBASH_MAX
_SERVICEBASH_PROCESS
HOSTADDRESS
_HOSTBASH_SSH_USER
_HOSTBASH_SSH_PORT
_SERVICEBASH_MIN
check-ssh-swap check_ssh_mem _SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
HOSTADDRESS
_HOSTBASH_SSH_PORT
_HOSTBASH_SSH_USER
_SERVICEBASH_WARNING
check-ssh-uptime check_ssh_uptime _HOSTBASH_SSH_USER
_SERVICEBASH_PERSISTENT
_SERVICEBASH_CRITICAL
HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_SSH_PORT
check-ssh-version check_ssh HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_TIMEOUT
_SERVICEBASH_VERSION
check-tcp check_tcp _SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-tcp-expect check_tcp _SERVICEBASH_TIMEOUT
_SERVICEBASH_EXPECT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-tcp-expectquit check_tcp _SERVICEBASH_TIMEOUT
_SERVICEBASH_EXPECT
_SERVICEBASH_QUIT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-tcp-quit check_tcp _SERVICEBASH_TIMEOUT
_SERVICEBASH_QUIT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-tcp-sendexpect check_tcp _SERVICEBASH_TIMEOUT
_SERVICEBASH_SEND
_SERVICEBASH_EXPECT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING

566
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_CRITICAL
check-tcp-sendexpectquit check_tcp _SERVICEBASH_TIMEOUT
_SERVICEBASH_SEND
_SERVICEBASH_EXPECT
_SERVICEBASH_QUIT
HOSTADDRESS
_SERVICEBASH_PORT
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
check-undefined check_dummy
check-wbem-alive check_wbem_alive HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_TYPE
check-wbem-clock check_wbem_clock HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
_HOSTBASH_TIMEZONE
check-wbem-cpu check_wbem_cpu HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
check-wbem-disk check_wbem_disk HOSTNAME
SERVICEDESC

CHECK COMMANDS
HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
check-wbem-job check_wbem_job HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_TYPE
_SERVICEBASH_JOB
_SERVICEBASH_AS_USER
check-wbem-nb-job check_wbem_nb_job HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
_SERVICEBASH_MODE
check-wbem-network check_wbem_network HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_WARNING

567
Check command name Plugin used Macros used
_SERVICEBASH_CRITICAL
_SERVICEBASH_TYPE
_SERVICEBASH_LINE
check-wbem-sbs check_wbem_sbs HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_TYPE
_SERVICEBASH_SBS
check-wbem-uptilme check_wbem_uptime HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_WBEM_USER
_HOSTBASH_WBEM_PASSWORD
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_PERSISTENT
_SERVICEBASH_TYPE
check-winexe check_winexe HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_SERVICEBASH_COMMAND
check-winexe-cmd check_winexe_cmd _SERVICEBASH_COMMAND
HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_REGEXP
check-winexe-replsum check_winexe_replsum HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
check-winexe-updates check_winexe_updates HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
check-wmi-clock check_wmi_clock _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-cpu check_wmi_cpu _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-ctxlic check_wmi_ctxlic _SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_PASSWORD
_SERVICEBASH_WARNING
check-wmi-ctxsess check_wmi_ctxsess _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_SERVICEBASH_USER
_SERVICEBASH_WORKGROUP
_HOSTBASH_MS_PASSWORD
check-wmi-disk check_wmi_disk _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL

568
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_SERVICEBASH_PARTITION
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-hyperv check_wmi_hyperv _SERVICEBASH_CRITICAL
_SERVICEBASH_OPTION
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_SERVICEBASH_WARNING
check-wmi-mem check_wmi_mem _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-nb-process check_wmi_nb_process _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-network check_wmi_network _SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_SERVICEBASH_WARNING
check-wmi-proc check_wmi_proc _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL

CHECK COMMANDS
_SERVICEBASH_TIMEOUT
_SERVICEBASH_PROCESS
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-services check_wmi_services _SERVICEBASH_START_MODE
_SERVICEBASH_INCLUDE_DNAME
_SERVICEBASH_INCLUDE_NAME
_SERVICEBASH_EXCLUDE_DNAME
_SERVICEBASH_EXCLUDE_NAME
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-scheduled-job check_scheduled_job HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
_SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
_SERVICEBASH_TIMEOUT
_SERVICEBASH_JOB
check-wmi-svc check_wmi_svc _SERVICEBASH_SERVICE_NAME
_SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP

569
Check command name Plugin used Macros used
check-wmi-swap check_wmi_swap _SERVICEBASH_WARNING
_SERVICEBASH_CRITICAL
HOSTADDRESS
_HOSTBASH_MS_USER
_HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
check-wmi-uptime check_wmi_uptime _HOSTBASH_MS_PASSWORD
_HOSTBASH_MS_WORKGROUP
_SERVICEBASH_PERSISTENT
_SERVICEBASH_CRITICAL
HOSTNAME
SERVICEDESC
HOSTADDRESS
_HOSTBASH_MS_USER
check-wsrpe check_wsrpe _SERVICEBASH_URL
_SERVICEBASH_COMMAND
check-wsrpe-args check_wsrpe _SERVICEBASH_URL
_SERVICEBASH_COMMAND
_SERVICEBASH_ARGUMENTS
check-wsrpe-proxy check_wsrpe _SERVICEBASH_URL
_SERVICEBASH_COMMAND
_SERVICEBASH_PROXY
check-wsrpe-proxy-args check_wsrpe _SERVICEBASH_URL
_SERVICEBASH_COMMAND
_SERVICEBASH_ARGUMENTS
_SERVICEBASH_PROXY
check-xml-polycom check_xml_polycom _SERVICEBASH_TIMEOUT
HOSTADDRESS
_HOSTBASH_USER
_HOSTBASH_PASSWORD
_SERVICEBASH_MODE
freshness-too-old check_dummy
handler-meta check_meta_cause _SERVICEBASH_META
LASTSERVICECHECK
SERVICESTATETYPE
COMMANDFILE
host-alert-mail pomalert NOTIFICATIONAUTHORNAME
NOTIFICATIONCOMMENT
HOSTNAME
HOSTALIAS
HOSTADDRESS
HOSTSTATE
LASTHOSTSTATECHANGE
LASTHOSTCHECK
HOSTOUTPUT
_HOSTBASH_NOTES
CONTACTNAME
_HOSTBASH_POM_SITE
CONTACTGROUPNAME
CONTACTEMAIL
_CONTACTBASH_LANGUAGE
NOTIFICATIONTYPE
host-alert-smstools pomalert NOTIFICATIONAUTHORNAME
NOTIFICATIONCOMMENT
HOSTNAME
HOSTALIAS
HOSTADDRESS
HOSTSTATE
LASTHOSTSTATECHANGE
LASTHOSTCHECK
HOSTOUTPUT

570
 APPENDIX A: PLUGINS & CHECK COMMANDS
Check command name Plugin used Macros used
_HOSTBASH_NOTES
CONTACTNAME
_HOSTBASH_POM_SITE
CONTACTGROUPNAME
CONTACTPAGER
_CONTACTBASH_LANGUAGE
NOTIFICATIONTYPE
ochp-command logger TIMET
ocsp-command logger TIMET
service-alert-mail pomalert _SERVICEBASH_POM_SITE
NOTIFICATIONAUTHORNAME
CONTACTEMAIL
NOTIFICATIONCOMMENT
HOSTNAME
HOSTALIAS
HOSTADDRESS
HOSTSTATE
SERVICEDESC
SERVICESTATE
LASTSERVICESTATECHANGE
LASTSERVICECHECK
CONTACTNAME
SERVICEOUTPUT
CONTACTGROUPNAME
_HOSTBASH_NOTES
_CONTACTBASH_LANGUAGE
_HOSTBASH_POM_SITE
NOTIFICATIONTYPE
service-alert-smstools pomalert _SERVICEBASH_POM_SITE
NOTIFICATIONAUTHORNAME
CONTACTPAGER
NOTIFICATIONCOMMENT

CHECK COMMANDS
HOSTNAME
HOSTALIAS
HOSTADDRESS
HOSTSTATE
SERVICEDESC
SERVICESTATE
LASTSERVICESTATECHANGE
LASTSERVICECHECK
CONTACTNAME
SERVICEOUTPUT
CONTACTGROUPNAME
_HOSTBASH_NOTES
_CONTACTBASH_LANGUAGE
_HOSTBASH_POM_SITE
NOTIFICATIONTYPE

571
 NAME INDEX / GLOSSARY
NAME INDEX /
GLOSSARY
Note: this index only references topics that are not explicitly featured in the Table of Contents

 Go back to the Table of Contents

3
3COM (network switch)
Monitoring template 361

A
AD (Active Directory)
Enabling LDAPS in AD 222
Monitoring template 482
AIX (server)
Monitoring template 315
Monitoring template (via SSH) 316
Aloha (load balancer)
Monitoring template 339
AP (Access Point)
Shape in Maps tab 53
Apache (web server)
Involvement in SSO via Kerberos authentication 230
Restart procedure 144
APM (Application Performance Management)
APPLIPERF section of the spreadsheet file 266
Aruba (wi-fi mobility controller)
Monitoring template 340
AS/400 (IBM system)
AS400 Monitoring template 317
AS400-WBEM Monitoring template 318
Language setup on an AS/400 244
ASA (Adaptive Security Appliance)
Monitoring template 368
Shape in Maps tab 53
Astaro (firewall)
Monitoring template 369
Authentication
Assume Root privileges on POM server 134
Autologin 235
Configuration in POM WUI 97

573
 Credentials configuration 106
LDAP/LDAPS/LDAPTLS authentication 222
Renewing SSL certificate 144
SMTP authentication 232
SSL certificate at first WUI connection 130
SSO via Kerberos authentication 227
Autologin
Autologin authentication method 235
Automaps
Setting up 159
AWS (Amazon Web Services)
AWS Monitoring template 390
AWS-ALARM Monitoring template 483
AWS-BILLING Monitoring template 484
Monitoring an AWS infrastucture with POM 218

B
Backup
POM platform backup copies 138
Barracuda (spam firewall)
Monitoring template 370
Beaglebone (open source hardware)
Setup as a POM console 153
BIG-IP (Local Traffic Manager)
F5-BIGIP monitoring template 345
BladeCenter (IBM server)
Monitoring template 320
Bluecoat (proxy appliance)
Bluecoat monitoring template 341
Bluecoat-AV monitoring template 342
Bookmarks
in Logs tab 63
Brocade (network switch)
monitoring template 343

C
CA (Certificate Authority)
Create a CA 222
CCM (Cisco Call Manager)
Monitoring template 344
Check commands
Creation of new check commands 529
Deafult check commands available in POM 535
Edition & deletion of check commands 534
Help on check commands 528
Notifications customization 295
Overview 527
Registering a check command in the spreadsheet file 533
check_interval
Role in alerting process 20
check_snmp_iface
Role in weathermaps 50
Checkpoint (firewall)

574
 NAME INDEX / GLOSSARY
Monitoring template 371
CIDR (Classless Inter-Domain Routing)
CIDR notation in Inventory tab 38
POM server IP address notation 127
Cisco
ASA Monitoring template 368
Available shapes in Maps 53
CCM Monitoring template 344
Cisco switch Monitoring template 362
PIX Monitoring template 378
Citrix
NetScaler Monitoring template 376
Color code
In Events tab 22
In Logs tab 56
Configuration
Configuration spreadsheet file 247
Configuration state in POM WUI 111
POM configuration files directory 116, 117
POM server initial configuration 126
POM web interface configuration 89
Reloading POM configuration manually (pomgen) 273
Credentials
Configuration in POM WUI 106
in POM-Agent 176
CRITICAL state See States
CSR (Certificate Signing Request)
Create a CSR 224
CSR generation for POM platform 144

D
Database
Shape in Maps tab 53
DB (DataBase) See Database
DB2 (database)
Monitoring template 463
DC-SYNC
Monitoring template 485
Debug
Technical support in POM WUI 102
Dell
iDRAC Monitoring template 348
DHCP (Dynamic Host Configuration Protocol)
Monitoring template 422
Discovery
Overview 36
DNS (Domain Name System)
DNS lookup in Smart Discovery 38
Monitoring template 423
Downtimes
Configuration in POM WUI 110
In Events tab 27
Setup via HTTP request 304
Drive

575
 HDD shape in Maps tab 53
Managing large drives on POM server 152
Duplication
POM platform duplication procedure 139

E
EMC (Storage area network)
Monitoring template 382
ERRPT
Monitoring template 406
ESX (Elastic Sky X hypervisor)
ESX Monitoring template 391
ESX-CL Monitoring template 486
ESX-SNAPSHOTS Monitoring template 487
ESX-VC Monitoring template 488
ESX-VC-VMFS Monitoring template 489
ESX-VMFS Monitoring template 490
Monitoring a VMWare infrastucture with POM 214
Events
Deactivate pop-in window in Events tab 157
Default settings for the Events view 156
Events tab Common usage 19
Events tab Customization 156

F
F5
F5-BIGIP monitoring template 345
Filters
In Events tab 30
in Inventory tab 40
In Logs tab 60
Firewall
Astaro Monitoring template 369
Barracuda Monitoring template 370
Checkpoint Monitoring template 371
Cisco ASA Monitoring template 368
Cisco PIX Monitoring template 378
Fortigate 200b Monitoring template 373
Fortigate Monitoring template 372
IronPort Monitoring template 374
McAfee Stonegate Monitoring template 379
Palo-Alto Monitoring template 377
Shape in Maps tab 53
Fortigate (firewall)
Monitoring template 372
Fortigate 200b (firewall)
Monitoring template 373
Fortinet See Fortigate
FTP (File Transfer Protocol)
Default Monitoring template 425
File age Monitoring template (via FTP) 426
FTPS (File Transfer Protocol - Secured)
Monitoring template 427

576
 NAME INDEX / GLOSSARY
FW (FireWall) See Firewall

G
Gateway
Citrix NetScaler Monitoring template 376
Shape in Maps tab 54
GoogleMaps API
Base for geographical maps 51
GPL (GNU General Public License)
for OpenPOM 21
Guest-config
Deactivate monitoring of guest-config in a VMWare environment 217
Guest-tools
Deactivate monitoring of guest-tools in a VMWare environment 217
GW (GateWay) See Gateway

H
H3C (network switch)
Monitoring template 346
Hard drive See Drive
HARD state See States
HDD (Hard Disk Drive) See Drive
Host Templates
Overview 308
HP (Hewlett-Packard)
HP 5130 Monitoring template 347
HP ILO Monitoring template 349
HP P2000 Monitoring template 319
HP switch Monitoring template 363
HP UPS Monitoring template 332
HP 5130 (network switch)
Monitoring template 347
HTML (HyperLink Markup Language)
Export formats for reports 86
HTPL See Host Templates
HTTP (HyperText Transfer Protocol)
Monitoring template 428
HTTPS (HyperText Transfer Protocol - Secured)
Monitoring template 430
Hypervision
General principle 199
Hypervisor 200
Satellite 200
Hypervisor
In a VMWare/ESX context 214
In an AWS context 218
in POM-Hypervision 200

I
IAD (Integrated Access Device)
Shape in Maps tab 53
IBM

577
 AS400 Monitoring template 317
AS400-wbem Monitoring template 318
IBM BladeCenter Monitoring template 320
ICMP (Internet Control Message Protocol)
POM server installation 120
Iconset
Custom iconsets in Maps tab 161
iDRAC (integrated Dell Remote Access Controller)
Monitoring template 348
ILO (HP Integrated Lights Out)
Monitoring template 349
IMAP (Internet Message Access Protocol)
Monitoring template 432
IMAPS (Internet Message Access Protocol - Secured)
Monitoring template 433
Installation
POM installation directory 116, 117
POM server installation procedure 122
Inventory
Inventory tab Common usage 35
Inventory tab Customization 158
Overview 36
IP (Internet Protocol)
monitoring template 350
IronPort (firewall)
Monitoring template 374
ISDN (Integrated Services Digital Network)
Shape in Maps tab 53

J
Juniper (network switch)
Juniper EX Monitoring template 351
Juniper SA Monitoring template 352

K
Kerberos (authentication protocol)
SSO via Kerberos authentication 227

L
Language
Language setup on an IBM AS/400 244
POM platform language setup 146
LDAP (Lightweight Directory Access Protocol)
LDAP Monitoring template 434
LDAP parameters in POM WUI 98
LDAP/LDAPS/LDAPTLS authentication 222
LDAPS Monitoring template 436
LDAPTLS Monitoring template 438
Shape in Maps tab 54
LDAPS (LDAP over SSL) See LDAP
LDAPTLS (LDAP over STARTTLS) See LDAP
License

578
 NAME INDEX / GLOSSARY
Management in POM Interface 97
Linux/Unix
Activate SNMP 149
Display POM platform Linux version 136
Linux monitoring template 321
Monitoring a Linux/Unix system with POM 213
NRPE monitoring template 322
Setting up SYSLOG formatted logs on a Linux system 162
UCD statistics monitoring template 323
list-ds 267
Livebox (Orange router)
Monitoring template 353
Logs
LOGMATCH section of the spreadsheet file 268
Logs tab Common usage 55
Logs tab Customization 162
NXLOG Configuration 162
Processing of log lines through POM 269
RSYSLOG Configuration 162
Setting up SYSLOG formatted logs in Windows 162
Setting up SYSLOG formatted logs on Linux 162
SYSLOG facilities 61
SYSLOG severity levels 61

M
Maps
Adding a custom iconset 161
Display graphs in the Maps tab pop-ins 160
Geographical maps 51
Maps tab Common usage 41
Maps tab Customization 159
Modifying a map background 160
Modifying an existing map background 160
On-demand site maps in POM-Multisite 206
Setting up automaps 159
max_check_attempts
Role in alerting process 20
McAfee
Stonegate Monitoring template 379
Meta-indicator
in POM-Multisite 202
META section of the spreadsheet file 257, 258
Role in hypervision 199
Migration
POM platform migration procedure 139
Models
Usage in the spreadsheet file for POM-Multisite 202
MSSQL (Microsoft Database)
Monitoring template 465
MSSQLREPL
Monitoring template 469
Multiservice Templates
Overview 395
MUX (MUltipleXer)

579
 Shape in Maps tab 53
MySQL (database)
Monitoring template 470

N
NAS (Network Attached Storage)
QNAP Monitoring template 386
Synology Monitoring template 387
Negative lookahead See Regular Expressions
NetApp (Storage Area Network)
Monitoring template 383, 384
NetASQ (Security device)
Monitoring template 375
NetScaler (Citrix secure access gateway)
Monitoring template 376
Network
Activate SNMP on network devices 150
Monitoring template 440
nomon
"No Monitoring" tag 254
Nortel (network switch)
Default Monitoring template 354
Nortel 8600 series Monitoring template 364
Notifications
Customization 293
Disable in Event tray 28
Disable in Events tray 29
Enable in Events tray 29
Notification periods 108
Notifications periods definition in HOSTS section 255
Sender address 289
Setup 288
SMS notifications 290
Working hours settings 167
NRPE (Nagios Remote Plugin Extractor)
Host Monitoring template 322
Service Monitoring template 411
NTP (Network Time Protocol)
Define NTP server 127
NXLOG (Windows logging tool) See Logs

O
OFFICE365
Monitoring template 493
OK state See States
OpenFiler
Monitoring template 385
Operators
in Events tab search 31
in Logs tab search 60
Oracle (Database)
Monitoring template 472
Orange

580
 NAME INDEX / GLOSSARY
Livebox Monitoring template 353

P
P2000 (HP system)
Monitoring template 319
Packages
Configure POM-HA to ignore certain RPM packages 194
POM RPM packages information 137
pomcfg 127
sudo 134
yum 136
Palo-Alto (firewall)
Monitoring template 377
Partition
Increase partition size 141
Password
Changing passwords in POM 234
Password encryption 234
PBX (Private Branch eXchange)
Shape in Maps tab 53
PCRE (Perl Compatible Regular Expressions)
PCRE expressions 270
PDA (Personal Digital Assistant)
Shape in Maps tab 54
PDF (Portable Document Format)
Export formats for reports 86
Periods See Time-periods
PIX (Private Internet eXchange)
Monitoring template 378
Shape in Maps tab 53
Plugins
check_interval 20
check_snmp_iface 50
Creation 512
Default plugins available in POM 517, 525
Help on plugins 509
max_check_attempts 20
Overview 509
Plugins directories 510, 511
retry_interval 20
Polycom
Polycom HDX desktop device monitoring template 325
Polycom server monitoring template 324
POM
Monitoring template 326
POM web interface
Configuration 89
Creation of check commands 531
First connection 130
POM-Base
Monitoring template 327
pomcfg
POM server initial configuration 127
role in SMTP authentication 232

581
POM-Discovery
Monitoring template 494
pomgen (POM config GENeration tool)
Automatic execution 273
Execution from a command-line session 274
Execution from the WUI 273
POM-HA (High Availability)
Monitoring template 328
pompwd
Password encryption tool 234
POP (Post Office Protocol)
Monitoring template 445
POPS (Post Office Protocol - Secured)
Monitoring template 446
POSIX (Portable Operating System Interface)
POSIX regular expressions in widgets 76
PostgreSQL (database)
Monitoring template 477
Printer
Monitoring template 329
Profiles
Configuration in POM WUI 90

Q
QNAP (Network Attached Storage)
Monitoring template 386

R
RADIUS (authentication server and protocol)
Monitoring template 449
Reboot
POM server 135
RegEx (Regular Expression) See Regular expressions
Regular expressions
in Widgets 76
PCRE expressions 270
Regular Expressions
Negative lookahead RegEx 476
Release
Display current release of POM 136
Reports
Customizing reports 166
Reports tab Common usage 83
Reports tab Customization 166
Working hours settings 167
Restore
POM platform restoration procedure 138
retry_interval
Role in alerting process 20
Riverbed (bandwidth optimization device)
Monitoring template 355
Robocopy
Monitoring template 495

582
 NAME INDEX / GLOSSARY
Root
logging in as Root on POM server 134
Rotate See Screen rollover
Route
Add a persistent route to POM server 151
Router
Default Monitoring template 356
Orange Livebox Monitoring template 353
RPM (Redhat Package Manager) See Packages
RRD (Round-Robin Database)
Loading interval 76
Role in working hours settings 167
RSA (Rivest-Shamir-Adleman cryptosystem)
Generating SSH encryption keys 285
RSYSLOG (Linux/Unix logging tool) See Logs
RT (Real Time)
Real-time index 57

S
Samba (protocol)
Involvement in SSO via Kerberos authentication 228
SMB directory Monitoring template 500
SMB share Monitoring template 499
SAN (Storage Area Network)
EMC Monitoring template 382
NetApp Monitoring template 383, 384
Satellite
in POM-Hypervision 200
Scangaule (sensor device)
Monitoring template 330
Scenarios See Web scenarios
Scheduled job
Monitoring template 497
Screen rollover
Configuration 170
Service Templates
Multiservice templates 395
Overview 393
SFTP (SSH FTP)
Monitoring template 450
Shutdown
Downtimes configuration in POM WUI 110
POM server 135
SIP (Session Initiation Protocol)
Shape in Maps tab 53
Sizing
Increase partition size 141
POM server requirements 120
SLA (Service Level Agreement)
Availability widget 76, 77
Smart Discovery See Discovery
Smart Inventory See Inventory
SMB See Samba
SMS (Short Message Service)

583
 SMS notifications 290
SMTP (Simple Mail Transfer Protocol)
Monitoring template 451
SMTP authentication 232
SMTPTLS (Simple Mail Transfer Protocol over TLS)
Monitoring template 452
SNMP (Simple Network Management Protocol)
Activation on Linux/Unix 149
Activation on network devices 150
Activation on Windows 147
Monitoring template 453
Overview 147
POM server installation 120
Role in weathermaps 50
SNMP 5.3 Monitoring template 358
SNMP 5.5 Monitoring template 359
SNMP Default Monitoring template 357
SNMP interrogation in Discovery tab 38
SOFT state See States
Split brain
Resolution in POM-HA 193
SSH (Secure SHell)
AIX-SSH monitoring template 316
Default Monitoring template 360
Generating SSH encryption keys 285
Monitoring a device via SSH 284
Monitoring template 455
SFTP (FTP via SSH) monitoring template 450
SSL (Secure Sockets Layer)
LDAP-SSL support in POM 225
SSL certificate
Create a certificate authority 222
Creation 222
Generation 144
Install a certificate in AD 225
POM WUI first connection 130
Renew POM platform's certificate 144
Sign & accept an SSL certificate 224
SSO (Single Sign-On)
SSO via Kerberos authentication 227
STARTTLS
LDAP-STARTTLS support in POM 225
States
Color code in Events tray 22
Devices states in Inventory tab 37
OK, WARNING, CRITICAL, UNKNOWN, SOFT, HARD 20
State summary widget 79, 80, 81
Symbology in Maps tab 42
Stonegate (McAfee firewall)
Monitoring template 379
STP (Spanning Tree Protocol)
Shape in Maps tab 53
STPL See Service Templates
sudo
Assume superuser privileges 134

584
 NAME INDEX / GLOSSARY
Survivor
in a split-brain issue 193
Switch
3COM switch Monitoring template 361
Cisco switch monitoring template 362
H3C switch monitoring template 346
HP switch Monitoring template 363
Juniper EX Monitoring template 351
Juniper SA Monitoring template 352
Nortel 8600 Monitoring template 364
Nortel default Monitoring template 354
Switchover
Preventing switchover in POM-HA 193
Server role swap in POM-HA 191
Synology (Network Attached Storage)
Monitoring template 387
SYSLOG See Logs

T
TCP (Transmission Control Protocol)
Monitoring template 456
Technical support
Contact 5
Open a support channel 102
Time-periods
Configuration in POM WUI 108
Working hours settings 167
Timezone
Definition in HOSTS section 255
TLS (Transport Layer Security)
LDAP-TLS support in POM 225

U
Ucopia (wi-fi access portal)
Monitoring template 365
UNKNOWN state See States
Update
POM platform (yum update) 136
Upgrade
POM platform (yum update) 136
UPS (Uninterrupted Power Supply)
Monitoring template 331
Monitoring template (HP brand) 332
Users
Configuration in POM WUI 95
UTM (United Threat Management)
Monitoring template 380

V
Variables
Simple- and loop-variables in Models 203
Version

585
 Display current version of POM 136
Victim
in a split-brain issue 193
View levels
Description 30
Italics in Events tray 22
VIP (Virtual IP address)
Role in POM-HA 191
VM (Virtual Machine)
Migrating POM from a VM to physical machine 139
Monitoring a VM in a VMWare/ESX context 216
Monitoring a VM in an AWS context 219
VMWare (virtualization software)
Monitoring a VMWare infrastucture with POM 214
VoIP (Voice over Internet Protocol)
Shape in Maps tab) 53
VPN (Virtual Private Network)
Shape in Maps tab 53
VTL (Virtual Tape Library)
Monitoring template 388

W
WARNING state See States
Web
Monitoring template 458
Web interface See POM web interface
Web scenarios
Configuration 297
Execution via POM-Agent 178
Monitoring template 496
Wildcards
in Events tab search 31
in Logs tab search 60
Windows
Activate SNMP 147
Monitoring a Windows system with POM 212
Monitoring template to launch Windows executables 503
Restart a Windows service with an event-handler 282
Setting up SYSLOG formatted logs on a Windows system 162
Windows 2000 monitoring template 333
Windows Agent monitoring template 335
Windows default monitoring template 334
Windows monitoring template (via WMI) 336
WMI setup 238
WINEXE
Monitoring template 503
WMI (Windows Management Instrumentation)
Windows monitoring template (via WMI) 336
WMI setup 238
Working hours
Setting up working hours 167
WSRP (Web Services for Remote Portlets)
WSRPE Monitoring template 461
WUI (Web User Interface) See POM web interface

586
 NAME INDEX / GLOSSARY
X
X509 (certificate)
X509 certificate validity monitoring template 504

Y
yum
POM server update 136

587
© Copyright POM MonitoringTM 2016