From MoilaD at dwa.gov.za Tue Apr 5 07:06:24 2011 From: MoilaD at dwa.gov.za (Moila December) Date: Tue, 5 Apr 2011 13:06:24 +0200 Subject: Problem starting Argus Message-ID: <83FD88ADF133424B9018C7D40EE8FADA09DABC55@dhqwex102.internal.dwaf.gov.za> Hi I have downloaded and added the argus package on Solaris 10 but I have problems on accessing it on the browser. I can see both of its daemons are running on the server. Any help will be welcome. Kind Regards Dix DISCLAIMER: This message and any attachments are confidential and intended solely for the addressee. If you have received this message in error, please notify the system manager/sender. Any unauthorized use, alteration or dissemination is prohibited. The Department of Water Affairs and Forestry further accepts no liability whatsoever for any loss, whether it be direct, indirect or consequential, arising from this e-mail, nor for any consequence of its use or storage. From jason at azze.org Tue Apr 5 12:20:29 2011 From: jason at azze.org (Jason Azze) Date: Tue, 5 Apr 2011 12:20:29 -0400 Subject: fping -- "failed to return data about" after Debian Upgrade Message-ID: Hi, arguslist, After upgrading from Debian "Lenny" to the latest testing distribution, argus shows all of my hosts as down. The logs show that both ping and fping failed to return data. For example: Apr 5 11:59:18 netmon01 Argus[8800]: PING failed - returned no data Apr 5 11:59:18 netmon01 Argus[8800]: fping failed to return data about 192.168.20.43* *However, fping and ping are both functional, as can be seen from this sanitized output: netmon01:/var/argus# fping host.mydomain.com host.mydomain.com is alive netmon01:/var/argus# echo $? 0 netmon01:/var/argus# ping host.mydomain.com PING host.mydomain.com (192.168.1.19) 56(84) bytes of data. 64 bytes from host.mydomain.com (192.168.1.19): icmp_req=1 ttl=128 time=0.281 ms 64 bytes from host.mydomain.com (192.168.1.19): icmp_req=2 ttl=128 time=0.160 ms ^C --- host.mydomain.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.160/0.220/0.281/0.062 ms netmon01:/var/argus# echo $? 0 I'm assuming I broke a dependency somewhere. Can anyone nudge me in the right direction Thanks, Jason From jaw+arguslist at tcp4me.com Tue Apr 5 12:59:15 2011 From: jaw+arguslist at tcp4me.com (jeff weisberg) Date: Tue, 5 Apr 2011 12:59:15 -0400 Subject: fping -- "failed to return data about" after Debian Upgrade In-Reply-To: References: Message-ID: <4FB436C8-BA0D-444C-A6D0-9D58D4AEFC48@tcp4me.com> On 5 Apr 2011, at 12:20 , Jason Azze wrote: > After upgrading from Debian "Lenny" to the latest testing > distribution, > argus shows all of my hosts as down. > > The logs show that both ping and fping failed to return data. For > example: are these programs now installed in a different location? you will need to stop argus; configure --upgrade; make; make install and restart From happisnappy at yahoo.com Tue Apr 5 13:23:49 2011 From: happisnappy at yahoo.com (Ivan) Date: Tue, 5 Apr 2011 10:23:49 -0700 (PDT) Subject: Problem starting Argus In-Reply-To: <83FD88ADF133424B9018C7D40EE8FADA09DABC55@dhqwex102.internal.dwaf.gov.za> Message-ID: <910486.16676.qm@web161701.mail.bf1.yahoo.com> Make sure apache is running, and you have the appropriate cgi references set there. --- On Tue, 4/5/11, Moila December wrote: From: Moila December Subject: Problem starting Argus To: mailman at laertes.tcp4me.com, arguslist at tcp4me.com Date: Tuesday, April 5, 2011, 4:06 AM Hi I have downloaded and added the argus package on Solaris 10 but I have problems on accessing it on the browser. I can see both of its daemons are running on the server. Any help will be welcome. Kind Regards Dix DISCLAIMER: This message and any attachments are confidential and intended solely for the addressee. If you have received this message in error, please notify the system manager/sender.? Any unauthorized use, alteration or dissemination is prohibited.? The Department of Water Affairs and Forestry further accepts no liability whatsoever for any loss, whether it be direct, indirect or consequential, arising from this e-mail, nor for any consequence of its use or storage. _______________________________________________ http://argus.tcp4me.com/ Arguslist at tcp4me.com http://www.tcp4me.com/mailman/listinfo/arguslist From jason at azze.org Tue Apr 5 14:05:44 2011 From: jason at azze.org (Jason Azze) Date: Tue, 5 Apr 2011 14:05:44 -0400 Subject: fping -- "failed to return data about" after Debian Upgrade In-Reply-To: <4FB436C8-BA0D-444C-A6D0-9D58D4AEFC48@tcp4me.com> References: <4FB436C8-BA0D-444C-A6D0-9D58D4AEFC48@tcp4me.com> Message-ID: On Tue, Apr 5, 2011 at 12:59 PM, jeff weisberg wrote: > > On 5 Apr 2011, at 12:20 , Jason Azze wrote: > > After upgrading from Debian "Lenny" to the latest testing distribution, >> argus shows all of my hosts as down. >> >> The logs show that both ping and fping failed to return data. For example: >> > > > are these programs now installed in a different location? > > you will need to stop argus; > configure --upgrade; make; make install > and restart > > Thanks, Jeff. Those programs have not moved, but I recompiled anyway (with the --upgrade) and Argus is happy again. I'm embarrassed to say that I think I did this to myself a few years ago and just forgot the solution. I'm documenting it this time! From argus-02 at jeremykister.com Tue Apr 5 14:06:14 2011 From: argus-02 at jeremykister.com (Jeremy Kister) Date: Tue, 05 Apr 2011 14:06:14 -0400 Subject: feature request Message-ID: <4D9B5A16.1050206@jeremykister.com> it'd be nice to be able to monitor/alert based on multiple values of one command. something like: # user_processes.pl jkister:23 jaw:26 ed:124 # Service Prog { command: user_processes.pl multiple_value_separator: \n } argus would then create a graph with three keys (jkister,jaw,ed) and 3 corresponding datapoints (23,3,124) this is very advantageous if we are telneting somewhere and can grab values all at once instead of making $x telnet attempts. i would propose that if any particular key is seen and missing from a subsequent poll, then that value would be assumed to be zero. -- Jeremy Kister http://jeremy.kister.net./ From george at three6five.com Tue Apr 5 14:32:23 2011 From: george at three6five.com (George Stylianou) Date: Tue, 5 Apr 2011 20:32:23 +0200 Subject: argus - config file web frontend? Message-ID: hi, has anyone managed to develop a front end to edit the config file and are happy to share it. more specifically, im looking for a simple page for adding/removing/changing devices within different groups and referenced files. thanks -- * George Stylianou cisco ccie# 10663 three6five network solutions ** * From richard at three6five.com Tue Apr 5 16:47:36 2011 From: richard at three6five.com (Richard van Katwijk) Date: Tue, 5 Apr 2011 22:47:36 +0200 Subject: argus - config file web frontend? In-Reply-To: References: Message-ID: :) Richard van Katwijk email: richard at three6five.com mobile: +27 83 400 7137 *three**6**five* network solutions On 5 April 2011 20:32, George Stylianou wrote: > hi, > > has anyone managed to develop a front end to edit the config file and are > happy to share it. > > more specifically, im looking for a simple page for > adding/removing/changing > devices within different groups and referenced files. > > thanks > > -- > * > George Stylianou > cisco ccie# 10663 > three6five network solutions > ** > * > _______________________________________________ > http://argus.tcp4me.com/ > Arguslist at tcp4me.com > http://www.tcp4me.com/mailman/listinfo/arguslist > From happisnappy at yahoo.com Thu Apr 7 16:03:57 2011 From: happisnappy at yahoo.com (Ivan) Date: Thu, 7 Apr 2011 13:03:57 -0700 (PDT) Subject: expect: directive fails Message-ID: <315639.61286.qm@web161701.mail.bf1.yahoo.com> Hi, I have a command-alarm? that greps a logfile for the word 'error'. my settings in the alarm says Service prog?? { ... ... command:? grep 'error' somfile.log expect: retries: 3 ... ?} Which should mean that if no text is returned, then the alarm should stay green right ?? Is this the proper setting for that behavior ? THanks Ivan G. From perez_brun at hotmail.com Thu Apr 7 16:20:48 2011 From: perez_brun at hotmail.com (Gonzalo Perez Brun) Date: Thu, 7 Apr 2011 17:20:48 -0300 Subject: feature request In-Reply-To: <4D9B5A16.1050206@jeremykister.com> References: <4D9B5A16.1050206@jeremykister.com> Message-ID: Yes, It 'd very nice. This it's can improof snmp test, madeing our customs OIDs. test just ones for many values.... Gonzalo. > Date: Tue, 5 Apr 2011 14:06:14 -0400 > From: argus-02 at jeremykister.com > To: arguslist at tcp4me.com > Subject: feature request > > it'd be nice to be able to monitor/alert based on multiple values of one > command. > > something like: > # user_processes.pl > jkister:23 > jaw:26 > ed:124 > # > > Service Prog { > command: user_processes.pl > multiple_value_separator: \n > } > > argus would then create a graph with three keys (jkister,jaw,ed) and 3 > corresponding datapoints (23,3,124) > > this is very advantageous if we are telneting somewhere and can grab > values all at once instead of making $x telnet attempts. > > i would propose that if any particular key is seen and missing from a > subsequent poll, then that value would be assumed to be zero. > > -- > > Jeremy Kister > http://jeremy.kister.net./ > > > _______________________________________________ > http://argus.tcp4me.com/ > Arguslist at tcp4me.com > http://www.tcp4me.com/mailman/listinfo/arguslist From jason at azze.org Thu Apr 7 17:44:57 2011 From: jason at azze.org (Jason Azze) Date: Thu, 7 Apr 2011 17:44:57 -0400 Subject: expect: directive fails In-Reply-To: <315639.61286.qm@web161701.mail.bf1.yahoo.com> References: <315639.61286.qm@web161701.mail.bf1.yahoo.com> Message-ID: On Thu, Apr 7, 2011 at 4:03 PM, Ivan wrote: > Hi, > > I have a command-alarm that greps a logfile for the word 'error'. > > my settings in the alarm says > > Service prog { > ... > ... > command: grep 'error' somfile.log > expect: > retries: 3 > > ... > } > > Which should mean that if no text is returned, then the alarm should > stay green right ?? > > Is this the proper setting for that behavior ? > Ivan, The docs say: expect a regular expression that needs to match the output from the command. if not specified, the exit code from the program will be used to determine success or failure. grep returns nothing to stdout if it doesn't find your string, but it returns 1 to stderr. So maybe try 1 for the expect: value. Jason From richard at three6five.com Mon Apr 11 06:43:05 2011 From: richard at three6five.com (Richard van Katwijk) Date: Mon, 11 Apr 2011 12:43:05 +0200 Subject: Monitoring RADIUS Message-ID: Hi, Does anyone have any advice on getting Argus to monitor FreeRADIUS? The docs just say to "set server_status=1 in the config", which i have done (in fact it was like this by default), and examples only show the Argus config as needing to be: --- Service UDP/RADIUS --- with no additional parameters. However, Argus continues to show radius as down. I can confirm that the radius status server is working: --- root at server / # echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 1" | radclient localhost:18120 status adminsecret Received response ID 180, code 2, length = 140 FreeRADIUS-Total-Access-Requests = 0 FreeRADIUS-Total-Access-Accepts = 6 FreeRADIUS-Total-Access-Rejects = 0 FreeRADIUS-Total-Access-Challenges = 0 FreeRADIUS-Total-Auth-Responses = 6 FreeRADIUS-Total-Auth-Duplicate-Requests = 0 FreeRADIUS-Total-Auth-Malformed-Requests = 0 FreeRADIUS-Total-Auth-Invalid-Requests = 0 FreeRADIUS-Total-Auth-Dropped-Requests = 0 FreeRADIUS-Total-Auth-Unknown-Types = 0 --- Also the Argus instance and the radius server are on the same machine, so that should eliminate any firewall issues. Thanks in advance, Richard