I am working on extending net-snmp to write a subagent with agentX.
Now I use the example codes from net-snmp, and compiled to a subagent.
Below is the codes I get from:
http://www.net-snmp.org/wiki/index.php/TUT:Writing_a_MIB_Module
And I succeed to perform snmpget and snmpset to my subagent using agentX.
My questions:
I think the subagent and master agent are listening on a port, how can I find which port they are listening? I have been told the default port is 705, but when I use "netstat", I can't find any process listening on port 705.
How to change the listening port of subagent? Do I need to change in the example code to set the port?
By default, actually, on "anything but windows" the default is to listen to a unix socket located at /var/agentx/master.
You can change the listening address using the API suggested by the other poster, or even using the snmpd.conf configuration file:
agentXSocket tcp:localhost:705
When you create a subagent, it'll read your FOO.conf file where FOO is what you passed to init_snmp("FOO");
The problem is solved:
http://www.net-snmp.org/wiki/index.php/FAQ%3aAgent_12
By adding
netsnmp_ds_set_string(NETSNMP_DS_APPLICATION_ID,
NETSNMP_DS_AGENT_X_SOCKET, "tcp:localhost:705");
in the example codes before the 'init_agent' call.
Thanks!
You need to change the snmpd.conf file
master agentx
AgentXSocket tcp:X.X.X.X:705
And in your agentx code write down these lines before init_agent()
netsnmp_ds_set_string(NETSNMP_DS_APPLICATION_ID, NETSNMP_DS_AGENT_X_SOCKET, "tcp:X.X.X.X:705");
Related
I am trying to use InstallAssist (apicup) on ubuntu box to prepare the configuration file (apiconnect-up.yml) as part of creating an OVA file for management(mgmt) subsys.
I am having an issue with defining interfaces for the host (myhost.domain):
When I try apicup hosts list mgmt command, I get the following:
apicmgt01.lab
* host is missing traffic interface
* host is missing public interface
Device IP/Mask Gateway
eth0 192.168.10.166/255.255.255.0 192.168.10.1
The command I used to create the interfaces, based on IBM KC, is this:
picup iface create mgmt apicmgt01.lab eth0 192.168.10.166/255.255.255.0 192.168.10.1
I tried to google how exactly I need to set the those "traffic" and "public" interfaces with no success.
Note:
IBM knowledge reference mentions public_iface_id right after the command "apicup iface create mgmt ..." but it's not mentioned anywhere in the command itself nor anywhere else in the entire page!
With the scarce resource about the topic, I am struggling to get this part done. Any help will be very much appreciated.
I was just struggling with that, too.
If you run apicup subsys get mgmt you can see close to the output's beginning, there are values for public-iface and traffic-iface.
Make sure it's set to the correct value by running apicup subsys set mgmt public-iface=<iface_name> and apicup subsys set mgmt traffic-iface=<iface_name>.
For the record: I did the following instruction (found them on a website)
I enabled snort sensors (snort_syslog and snortunified).
In alienvault: ~# nano /etc/snort/rules/local.rules
I did the following rule
alert icmp 192.168.1.130 192.168.1.120 -> any any
(msg:"blablabla"; sid:1000004)
Save and exit
After that I did:
alienvault:~# perl /usr/share/ossim/scripts/create_sidmap.pl /etc/snort/rules/
alienvault:~# /etc/init.d/ossim-server restart
For some reasons nothing happens in AlienVault interface in SIEM when I ping 192.168.1.120 from 192.168.1.130.
Any ideas??
I don't know wether it is still relevant but in my opinion there is a mistake in your Snort rule:
The rule in Snort cannot consist of two IP-adresses in the first part of the rule header.
At the point where you declared the IP '192.168.1.120' you have to declare a port.
The solution you need looks like the following (if i get you right):
alert icmp 192.168.120 any -> 192.168.1.130 any (msg:"blablabla"; sid:1000004)
And also the other way:
alert icmp 192.168.1.130 any -> 192.168.1.120 any (msg:"blablabla"; sid:1000005)
For writing rules in the correct syntax take a look at the manual of snort: http://manual.snort.org/node29.html#SECTION00423000000000000000
I hope that this can help you.
/Chris
when I am starting WebLogic admin server with local host:port no/console I am getting the following error:
Console/Management requests or requests with <require-admin-traffic> specified to 'true' can only be made through an administration channel.
How to overcome this error?
You can manualy change your config.xml, find the <require-admin-traffic> element and change it's value to false.
This is because the option administration-port-enabled is set to true in config.xml
(available under ../MW_HOME/user_projects/domains/config)
<administration-port-enabled>false</administration-port-enabled>
Perfect. Or you can use the administration port you entered when configuring the server to use the admin server, which will be different from the default one. The default one 7001, the default for the admin server is 9002 and you can only access it via https.
Not downvoting the answer as it is accepted and maybe useful for users which can't recover their admin port, but this is obviously not best practise.
Once you open config.xml under the folder ../config,
change this row from 'true' to 'false':
true
It should then be ok.
Skender Kollcaku
You are most probably trying to use the administration console on the application port. You need the administration port.
Go to your domain directories (ex. /opt/weblogic/domains/mydomain)
Go into sub-directory config
Run grep "administration-port" config.xml
This will give you a port number, like: <administration-port>12345</administration-port>
Use that port to connect to /console/.
ex: https://YOUR-SERVER:12345/console/
This is much preferable to using the application port for the console, like #Peter pointed out.
I am trying to use the ElasticSearch module (https://github.com/cleverage/play2-elasticsearch) with my Play 2 application. In the readme, it says I should add the following to my application.conf:
## define local mode or not
elasticsearch.local=false
## list clients
elasticsearch.client="192.168.0.46:9300"
# ex : elasticsearch.client="192.168.0.46:9300,192.168.0.47:9300"
What is local mode? What is my client URL supposed to be? I can not find any information on what these options should be. With my current options, I get a NoNodeAvailableException.
Some people suggest:
elasticsearch.local=false elasticsearch.client=mynode1:9200,mynode2:9200
But what is mynode1 and mynode2? It doesn't work with my application. Can anyone help? Thanks
What is local mode?
If elaticsearch.local=true, a elasticsearch node is started in your application ( embedded )
What is my client URL supposed to be?
It's your host:port, but the port is the tcp transport define on your elasticsearch node.
By default, the port start on 9300 ( http://www.elasticsearch.org/guide/reference/modules/transport.html )
I can not find any information on what these options should be. With my current options, I get a NoNodeAvailableException.
I think you have a problem on port number.
mynode1 and mynode2 are elasticsearch nodes.
Do you have any Elasticsearch node running?
On which IP address?
Can you try to connect on these nodes using curl, for example:
curl localhost:9200
Or
curl YOURIPADDRESS:9200
If one of this is successful, then configure your play app using YOURIPADDRESS:9300 as Nicolas Boire wrote before.
If no one is successful, check that you have installed Elasticsearch and launched it before.
HTH
I've just had the same problem, be sure that you respect the version requirements written in the table : https://github.com/cleverage/play2-elasticsearch
At the beginning, I set up the latest version of the plugin 0.8.1 but my ElasticSearch version was 1.0.2.
By starting ES with version 0.9.13, it worked.
I'm running a classic style application in Sinatra and I would like to obtain a URL which the application is bound to. For example, if I start it in a development environment I would expect to get: http://localhost:4567/ while in production environment this would point to: http://example.com/
I know it is possible to retrieve it from the request. However, I need it in configuration block. How to do it?
Use the bind host and bind port method:
set :bind, 'example.com'
set :port, 80
should work.
taken from here. at the beginning of the page you can find how to implement them in you app (just copy it in front of your gets)