BMC ProactiveNet
Administrator Guide
Supporting
BMC ProactiveNet version 8.6.01
Contacting BMC Software
You can access the BMC Software website at http://www.bmc.com. From this website, you can obtain information about the company, its products, corporate offices, special events, and career opportunities.
United States and Canada
Address BMC SOFTWARE INC 2101 CITYWEST BLVD HOUSTON TX 77042-2827 USA Telephone 1 713 918 8800 or 1 800 841 2031 Fax 1 713 918 8000
Outside United States and Canada
Telephone +01 713 918 8800 Fax +01 713 918 8000
© Copyright 2010 - 2011 BMC Software, Inc.
BMC, BMC Software, and the BMC Software logo are the exclusive properties of BMC Software, Inc., are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other BMC trademarks, service marks, and logos may be registered or pending registration in the U.S. or in other countries. All other trademarks or registered trademarks are the property of their respective owners.
BladeLogic and the BladeLogic logo are the exclusive properties of BladeLogic, Inc. The BladeLogic trademark is registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other BladeLogic trademarks, service marks, and logos may be registered or pending registration in the U.S. or in other countries. All other trademarks or registered trademarks are the property of their respective owners.
AIX, Current, IBM, Informix, Notes, and Tivoli are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both.
Linux is the registered trademark of Linus Torvalds.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Crystal Reports is a trademark or registered trademark of SAP AG in Germany and in several other countries. UNIX is the registered trademark of The Open Group in the US and other countries.
The information included in this documentation is the proprietary and confidential information of BMC Software, Inc., its affiliates, or licensors. Your use of this information is subject to the terms and conditions of the applicable End User License agreement for the product and to the proprietary and restricted rights notices included in the product documentation.
Restricted rights legend
U.S. Government Restricted Rights to Computer Software. UNPUBLISHED—RIGHTS RESERVED UNDER THE COPYRIGHT LAWS OF THE UNITED STATES. Use, duplication, or disclosure of any data
Customer support
Support website
You can obtain technical support from BMC 24 hours a day, 7 days a week at http://www.bmc.com/support. From this website, you can
■ read overviews about support services and programs that BMC offers ■ find the most current information about BMC products
■ search a database for problems similar to yours and possible solutions ■ order or download product documentation
■ download products and maintenance ■ report a problem or ask a question ■ subscribe to receive proactive e-mail alerts
■ find worldwide BMC support center locations and contact information, including e-mail addresses, fax numbers, and telephone numbers
Support by telephone or e-mail
In the United States and Canada, if you need technical support and do not have access to the web, call 800 537 1813 or send an e-mail message to [email protected]. (In the subject line, enter SupID:yourSupportContractID, such as SupID:12345). Outside the United States and Canada, contact your local support center for assistance.
Before contacting BMC
Have the following information available so that Customer Support can begin working on your issue immediately: ■ product information
― product name
― product version (release number)
― license number and password (trial or permanent) ■ operating system and environment information
― machine type
― operating system type, version, and service pack or other maintenance level such as PUT or PTF ― system hardware configuration
― serial numbers
― related software (database, application, and communication) including type, version, and service pack or maintenance level
■ sequence of events leading to the problem ■ commands and options that you used
■ messages received (and the time and date that you received them) ― product error messages
― messages from the operating system, such as file system full ― messages from related software
License key and password information
If you have questions about your license key or password, contact BMC as appropriate for your location:
■ (USA or Canada) Contact the Order Services Password Team at 1 800 841 2031, or send an e-mail message to
■ (Europe, the Middle East, and Africa) Fax your questions to EMEA Contracts Administration at +31 20 354 8702, or send
an e-mail message to [email protected].
Contents
Chapter 1 Getting started with the BMC ProactiveNet Administration Console 17
Accessing the BMC ProactiveNet Administration Console ...17
Launching the BMC ProactiveNet Administration Console on Windows computers ...18
Launching the BMC ProactiveNet Administration Console on Solaris computers ...20
Using the Search function in the BMC ProactiveNet Administration Console ...21
Configuring cell connection properties to the BMC ProactiveNet Server ...25
Specifying ports in cell connection properties ...28
Setting BMC ProactiveNet Server connection properties ...29
Logging out of and into the BMC ProactiveNet Server from the BMC ProactiveNet Administration Console ...30
Changing your BMC ProactiveNet Administration Console password ...31
BMC ProactiveNet profiles ...31
Accessing online Help ...32
Chapter 2 Managing BMC ProactiveNet Agents 33 Adding Agents ...33
Editing an agent ...35
About Remote Agents ...35
Local Agents vs. Remote Agents ...36
Adding remote agents ...36
Editing remote agents ...39
Connecting, disconnecting, and restarting agents ...40
Deleting a remote agent ...41
How do Tunnel Agents work? ...42
Installing tunnel agents ...44
Tunnel proxy setup ...48
Adding a proxy agent to the BMC ProactiveNet Server ...49
Adding the agent to connect through the proxy agent ...50
Adding a tunnel agent to the BMC ProactiveNet Server ...51
Converting an HTTP/HTTPS Agent to a TCP Agent ...51
Converting an HTTP/Secure or HTTP Agent to HTTPS Agent ...52
Convert TCP Agent to HTTP/HTTPS Agent ...53
Available properties ...55
Properties used by Tunnel Agent ...56
SSL TCP/IP Agent ...57
Connecting to Agents using SSL ...57
Converting a TCP Agent to SSL-TCP/IP Agent ...57
Configuring a SSL TCP/IP Agent ...58
Creating new keystore for the agent controller ...59
Creating new keystore for the agent ...60
Updating the Agent keystore with new self-signed certificate ...61
Updating the Agent keystore with an existing (CA signed) certificate ...62
Updating the Agent Controller keystore with a new self-signed certificate ...63
Updating the Agent Controller keystore with an existing (CA signed) certificate ...64
Examples for Configuring SSL TCP/IP Agents ...65
TCP Proxy Agent ...70
Adding a TCP Proxy Agent ...71
Limitations ...73
Chapter 3 Managing devices 75 Summary of devices ...75
Using device aliases ...76
Avoiding duplicate devices ...77
Creating a device ...78
Selecting monitors for the device ...81
Editing devices ...82
Duplicating devices ...83
Deleting devices ...84
Creating a monitor template ...85
Adding a device from a template ...86
Applying templates to a single device ...89
Warning message ...91
Applying templates to multiple devices ...91
Editing an existing template ...92
Deleting a Template ...94
Changing device associations ...94
Limitations ...95
Domain name ...95
Adding a domain name ...96
Editing a domain name ...96
Port name ...97
Adding a port name ...97
Editing a port name ...98
Delete Port name ...98
Choosing monitors for the device ...99
Creating a group ...100
Group checklist ...101
Working with Dynamic Groups or Rule-based Groups ...101
Applying rules to Dynamic Groups ...102
Defining Group display ...103
Group made by existing groups ...103
Group made by specifying rules ...104
Adding Child Groups ...105
Editing Groups ...107
Deleting Groups ...107
Chapter 4 Integrating with the BMC Atrium CMDB 109 Benefits of BMC Atrium CMDB integration ...109
User scenario ...110
Creating and editing publication filters in the BMC ProactiveNet Administration Console ...112
Understanding Atrium Filters ...115
Viewing publication history ...116
Viewing computer system CIs ...117
Chapter 5 Configuring and using Remote Actions/Diagnostics 119 What are Remote Actions/Diagnostics? ...119
Properties files ...120
Creating Remote Actions ...121
Defining the performance managed remote actions ...123
Defining the remote action rule and task ...126
Assigning roles to actions ...131
Providing Remote Actions credentials ...131
Working with credential records for event management rules option ...132
Working with credential records for events ...133
Triggering Remote Actions ...138
Defining the remote action policy ...138
Executing remote actions ...141
Adding the AlarmPoint integration ...142
Executing remote actions ...143
Macros for Remote Action ...144
Troubleshooting remote actions ...147
Remote actions\diagnostics exit codes ...148
Chapter 6 Setting up diagnostic commands 151 Diagnostics wizard ...151
Script ...152
Register a user-defined Script command ...152
Editing script commands ...159
Deleting script commands ...159
Creating a detailed diagnostic script for Windows ...159
Log file ...160
Registering a user-defined log file command ...161
Editing a log file command ...165
Deleting a log file command ...166
Preconfigured commands ...166
User-defined commands ...166
Configuration of poll driven detailed diagnostics ...167
Chapter 7 Administering BMC ProactiveNet 171 SSL server certificate for Apache server ...171
Creating a Real SSL server certificate for the Apache Server ...171
Removing the pass-phrase at Apache startup time ...173
Changing the pass-phrase on the private key file ...173
Creating and using your own certificate authority (CA) ...173
Configuring the Apache web server to accept HTTPS connection only ...174
Removing the pass-phrase window displayed during Apache startup ...175
BMC ProactiveNet Security ...175
Securing port communication ...176
Security related FAQs ...177
Customizing the BMC ProactiveNet Operations Console ...183
Customizing event text ...183
Customizing the logo on the Operations Console ...185
Adding background images ...186
Changing the default number of breadcrumbs displayed in the operations console ...187
Improving performance when the navigation tree is loaded in the operations console ...188
Configuring the operations console to automatically switch views ...189
Scheduling downtime ...190
Adding a downtime schedule ...192
Editing or deleting a downtime schedule ...195
Special notes ...196
Changing the default BMC ProactiveNet Agent TCP control port ...196
Determining which TCP control ports are being used ...198
Device application monitors and TCP control ports ...200
Admin tunneling through HTTP ...200
Firewalls and BMC ProactiveNet interfaces ...201
Dealing with TCP/IP port restrictions ...201
Dealing with NAT ...202
Activating the APACHE proxy server ...203
Admin tunnel limitations ...204
Fine tuning BMC ProactiveNet system components ...204
Important information for all configuration files ...205
BMC ProactiveNet Server - Solaris edition ...205
BMC ProactiveNet Server – Windows edition ...206
BMC ProactiveNet Agent – Windows edition ...207
Chapter 8 Managing users 209 Overview ...209
Default users, user groups and roles ...210
Users ...210
Adding or editing users ...211
Associating user(s) to user groups ...213
Deleting users ...213
User Groups ...214
Adding or editing user groups ...214
Deleting user groups ...215
Roles and Permissions ...216
Defining or editing roles and permissions ...216
Deleting roles and permissions ...217
Configuring the system for external authentication ...218
Chapter 9 Deploying multiple ProactiveNet Servers 223 Multiple ProactiveNet Server deployment overview ...223
Configuring an originating ProactiveNet Server ...224
Configuring a central ProactiveNet Server ...227
System requirements ...230
How and where do I begin? ...230
Backward compatibility ...231
Web transaction capture screen field descriptions ...232
Menu bar options ...232
Buttons ...234
Planning a Web Transaction ...236
Creating a web transaction ...238
Need for the transaction file ...238
Launching the Web Transaction Capture tool ...239
Recording a new Web Transaction ...239
Creating a test monitor ...244
Playing a transaction file created with the Web Transaction Capture tool 245 Working with a previously recorded web transaction ...247
Recording another transaction in the same user session ...247
Authentication ...247
How to insert authentication information? ...248
Subtransactions ...249
Working with subtransactions ...250
Configuring a Web Transaction monitor ...251
Web transaction test utility ...254
Pop-up Windows ...255
System authentication pop-up Windows ...255
Browser pop-up Windows ...257
Exporting Web Transaction files ...257
Editing Web Transaction files ...258
Editing Web Transaction files created in BMC ProactiveNet 7.0 and later 258 Editing Web Transaction files created prior to BMC ProactiveNet 7.0 ...263
Content match for Web Transaction monitor ...263
Best practices to record content match ...264
International characters ...264
Extra line feed characters ...264
Web Transaction macro ...265
Types of Web Transaction macros ...266
Managing Web Transaction macros ...267
Usage scenarios ...269
Limitations of Web Transaction capture ...271
Displaying the Infrastructure Management node ...277
Event management policy types ...278
Out-of-the-box event management policies ...279
How event management policies work ...282
Event management policy workflow overview ...282
Event selectors ...283
Event selector groups ...284
Event selection criteria ...285
Timeframes ...285
Evaluation order of event policy types ...286
How dynamic enrichment event management policies work ...287
External enrichment data sources ...287
How to create a new local timeframe ...289
How to add a notification service (notification policies only) ...291
How to create and edit a dynamic enrichment source file ...292
Using the sample PATROL messaging text translation dynamic enrichment source file ...294
How to create an event selector and specify event selection criteria ...297
Alias formulas ...301
Working with Event Alias Formulas ...301
Devices with multiple IP addresses ...306
Creating new standard event management policies ...307
Creating a new standard blackout policy ...308
Creating a new component based enrichment policy ...313
Creating a new component based blackout policy ...318
Creating a new closure policy ...322
Creating a new correlation policy ...325
Creating a new enrichment policy ...329
Creating a new escalation policy ...334
Creating a new notification policy ...338
Creating a new propagation policy ...342
Creating a new recurrence policy ...344
Creating a new remote action policy ...347
Creating a new suppression policy ...347
Creating a new threshold policy ...350
Creating a new timeout policy ...354
Enabling and disabling out-of-the-box standard event management policies ... 356 Creating a new dynamic enrichment event management policy ...357
Enabling out-of-the-box dynamic enrichment event management policies ...369
Enabling a dynamic enrichment location policy ...373
Enabling a dynamic enrichment service contact policy ...377
Enabling a dynamic enrichment PATROL message text translation policy ...381
Importing dynamic enrichment source ...385
Verifying that the policy is running ...386
Editing event selection criteria ...387
Deleting an event selector ...388
Troubleshooting event management policies ...388
Chapter 12 Working with the dynamic data editor 393 Displaying the Infrastructure Management node ...393
Dynamic data definition using the Dynamic Data Editor ...394
Navigating the Dynamic Data Editor ...394
Filtering and sorting the Data List ...396
Filtering slots ...396
Sorting data fields ...397
Working with data instances ...399
Adding a new data instance ...399
Editing slots ...401
Exporting data ...402
Chapter 13 Creating and using user-defined policies 405 Understanding user-defined event policy types ...405
Understanding event processing rules (MRL) for policy types ...405
Format of event processing rules for policy types ...405
How a rule for a policy type is processed ...406
Sources of information about rules ...406
User-defined event policy type creation ...407
Creating user-defined policy types ...407
Defining the policy data class for a new policy type ...407
Defining presentation names for a new policy type ...409
Creating the event processing rule(s) for a new policy type ...410
Chapter 14 Working with BMC ProactiveNet Infrastructure Management 413 Default BMC ProactiveNet Infrastructure Management service model ...413
Roles and permissions ...415
Walkthrough ...415
Displaying the out-of-the-box real-time service model ...415
Sampling context-sensitive information ...417
Packaging support files ...419
Launching remote actions ...420
Common BMC ProactiveNet Infrastructure Management tasks ...422
Navigating the interface ...422
Displaying and understanding the Details and Administer tab data ...424
Details tab data ...424
Administer tab data ...427
Editing infrastructure relationships ...428
Creating logical components ...430
Deleting components ...430
Usage reporting ...431
Executing Remote Actions ...432
Reloading cell configuration ...432
Forcing event propagation ...434
Collecting metrics ...434
Executing other actions ...435
Audit log parameters ...435
Supported component or application types ...436
Sample logs ...437
Audit log properties in the ias.properties file ...437
Creating the support package ...438
Slots for specifying support files ...439
UNIX processing note ...440
Reviewing the audit log of the support package ...441
Background to BPPM Infrastructure Management ...442
How a product component registers and communicates with the IAC ... 442 Registering a remote cell with the Impact Administration Cell ...442
Recreating an Impact Administration Cell ...443
Unregistering with the IAC ...444
Remote actions ...444
Displaying remote cells in the Infrastructure Management tab after upgrading the BMC ProactiveNet Server ...447
Chapter 15 Using the BMC ProactiveNet Administration Console for service monitoring 449 BMC ProactiveNet Administration Console Services Editor tab ...449
Monitoring business services in BMC ProactiveNet ...449
Opening a Service Model View ...450
Viewing service component instances through the navigation pane ...451
Finding service component instances to view ...453
Searching for provider and consumer components ...455
Viewing a service component’s SLM agreements ...456
Viewing property and performance data about a cell ...457
The General subtab ...457
The Workload subtab ...458
The Components subtab ...459
Editing Service Model data in the BMC ProactiveNet Administration Console . 459 Managing Service Model components ...459
Managing Service Model component relationships ...464
Launching BMC Atrium Explorer from the BMC ProactiveNet Administration Console ...469
Using a customized SSL certificate to create a secure connection to the BMC Atrium CMDB ...469
Associate monitors to CIs through the BMC ProactiveNet Administration Console ...470
Associate monitors to CI in Service Model View ...471
Associating monitors to a CI and verifying that they are associated ...472
Associate a monitor to a CI when CI Alias is unknown to the BMC ProactiveNet Server ...473
Associating a monitor to a CI in the Monitor edit page ...474
How aliases are used depends on how the BMC ProactiveNet Servers are deployed ...474
Chapter 16 Managing cells 475 Production cells and test cells ...475
Cell configuration tasks ...476
Configuring mcell.conf parameters ...477
Creating cell-specific configuration files ...480
Configuring event slot propagation ...481
About mcell.dir, the cell directory file ...484
Configuring passive connections ...486
Configuring slots for time stamping ...487
Configuring encryption ...488
Configuring cell exception handling ...493
Reloading cell configuration ...493
Starting or stopping the cell ...494
Stopping or starting a cell on UNIX computers ...495
Starting or stopping a cell on Windows computers ...496
Creating and managing cell groups ...497
Monitoring client to cell interactions ...502
Configuring cell tracing ...503
Configuring mcell.trace ...504
Configuring a destination for cell trace output ...506
Sending trace output to another cell ...507
Event processing errors ...509
Automatic notification of trace configuration changes ...509
Interpreting cell execution failure codes ...510
Using the BMC ProactiveNet Administration Console to manage cells ...511
Connecting or disconnecting a cell ...511
Viewing cell information ...512
Chapter 17 Configuring StateBuilder and gateways 513 Understanding the StateBuilder and gateways ...513
StateBuilder configuration file ...514
statbld return codes ...515
Gateway configuration ...515
Exporting events ...521
Modifying a statbld.conf file to export events ...521
Modifying a gateway.export file to export events ...522
Configuring tracing for StateBuilder ...523
Troubleshooting the StateBuilder process ...523
Chapter 18 Setting up data views for external reports 525 External reports benefits ...525
Performance considerations ...525
Creating dataviews ...526
Populating dataviews ...527
Types of information available in dataviews ...527
Default dataviews ...527
Configuration information ...540
Performance (stats, raw) information ...541
Rate (rolled up, condensed) information ...542
Baseline information ...543
Event information ...543
All alarms and events information ...544
Command line option ...545
Sample data dictionary ...545
Create ASA database interface ...547
Installing the ASA ODBC driver ...547
Connect to ASA database through Crystal Reports ...551
Accessing the ASA database through Microsoft Excel ...551
Creating sample reports using Microsoft Excel ...552
Appendix A mcell.conf file parameters 557 Action result event parameters ...557
Cell configuration parameters ...558
Cell failover configuration parameters ...560
Client communication parameters ...562
Encryption parameters ...564
Event repository cleanup parameters ...565
Heartbeat parameters ...567
Internal cell monitor parameters ...569
KB parameters ...570
Propagation parameters ...570
Deprecated MessageBuffer propagation parameters ...573
Reporting client connection parameters ...574
Service model parameters ...575
State Builder parameters ...575
Getting started with the BMC
ProactiveNet Administration
Console
Accessing the BMC ProactiveNet
Administration Console
You can access BMC ProactiveNet Administrative functions in the following ways: ■ the BMC ProactiveNet Administration Console
■ the Command Line Interface (CLI); for details, see the BMC ProactiveNet Command Line Interface Reference Manual
These administrative functions allow you to modify and manage the BMC
ProactiveNet Server and the BMC ProactiveNet Agent network management areas, such as adding or deleting users, groups, monitored devices, applications, and services, or changing event notifications and thresholds. All operational procedures in this guide (unless explicitly mentioned) use the BMC ProactiveNet
Administration Console interface. For details about using the CLI commands, see the BMC ProactiveNet Command Line Interface Reference Manual.
Some administrative options are also available through the BMC ProactiveNet Operations Console. For details, see the BMC ProactiveNet User Guide.
Before you begin
Ensure that you have successfully installed the BMC ProactiveNet Administration Console on the computer that is hosting the BMC ProactiveNet Server. For
installation instructions, see the BMC ProactiveNet Getting Started Guide.
Connection protocols used to access the BMC ProactiveNet
Server
The BMC ProactiveNet Administration Console can connect to the BMC ProactiveNet Server using one of the following methods:
■ Direct: Use this connection protocol when BMC ProactiveNet components are installed on computers that reside on the same side of the firewall. All
functionality in the Administration tab (General Administration, Event
Management Policies, Dynamic Data Editor, and Infrastructure Management) and the Services Editor tab in the BMC ProactiveNet Administration Console is
accessible through this connection protocol.
■ HTTP Tunnel: Use this connection protocol when the BMC ProactiveNet Server and the BMC ProactiveNet Administration Console are installed on computers that reside on different sides of the firewall. Only the General Administration functionality in the Administration tab is accessible through this connection protocol. The Event Management Policies, Dynamic Data Editor, Infrastructure Management, and Services Editor tabs will be grayed out.
In an HTTPS environment, BMC ProactiveNet encrypts the information relay from the Web interface. The Administration Console uses Secured Socket Layer (SSL) connections and encryption to connect to the BMC ProactiveNet Server.
For more information on Secure Login, see the BMC ProactiveNet Troubleshooting Guide.
Launching the BMC ProactiveNet Administration Console on
Windows computers
Perform the following procedure to start the administration console on Windows computers.
To launch the BMC ProactiveNet Administration Console on Windows computers
1 On the computer where the BMC ProactiveNet Server is installed, go to Start =>
Programs => BMC ProactiveNet Server => BMC ProactiveNet Administration Console.
2 In the BMC ProactiveNet Administration Console Logon screen, specify the following information:
■ Name or IP Address of the BMC ProactiveNet Server that you want to connect
■ User name with access rights to the BMC ProactiveNet Server. The default is admin.
■ Password corresponding to the user name. The default is admin.
■ The type of connection to use to connect to the BMC ProactiveNet Server, either Direct or HTTP Tunnel.
For details about the connection types, see “Accessing the BMC ProactiveNet Administration Console ” on page 17.
3 Click OK.
The BMC ProactiveNet Administration Console is displayed as shown in the following figure.
Multiple Administration Consoles on Windows computers
You can have multiple BMC ProactiveNet Administration Consoles open on the same system. Any new installation of the BMC ProactiveNet Administration Console will be a fresh installation. If a previous version of the Administration Console already exists on a system and you try to install the Administration Console again, the following message is displayed:
“ProactiveNet Admin is already installed in the system. This installation will be a fresh installation and will not upgrade previous Admin.”
For troubleshooting information, see the BMC ProactiveNet Troubleshooting Guide.
Launching the BMC ProactiveNet Administration Console on
Solaris computers
Perform the following procedure to start the administration console on Solaris computers.
To launch the BMC ProactiveNet Administration Console on Solaris computers
1 On the Solaris computer where the BMC ProactiveNet Server is installed, from a command line, enter the following command:
■ pw admin
Note
For remote utilization of BMC ProactiveNet Administration Console, source the profile using the .tmcsh script located in the /usr/pw/pronto/bin directory before entering the pw admin command.
2 Specify the following information:
■ Name or IP Address of the BMC ProactiveNet Server that you want to connect to.
■ User name with access rights to the BMC ProactiveNet Server. The default is admin.
■ Password corresponding to the user name. The default is admin.
■ The type of connection to use to connect to the BMC ProactiveNet Server, either Direct or HTTP Tunnel.
For details about the connection types, see “Accessing the BMC ProactiveNet Administration Console ” on page 17.
3 Click OK.
■ The BMC ProactiveNet Administration Console is displayed as shown in the following figure.
Using the Search function in the BMC ProactiveNet
Administration Console
The Search function provides a method for finding BMC ProactiveNet resources and enables you to search for monitors by applying various filters. This is useful in cases where you want to change all monitors on an existing agent or change all monitors in a certain group. The monitors listed in the search result can be edited. Also, you can select multiple monitors in the search result and edit common control attributes among them.
You access the Search function from the Edit menu in the Administration =>
General Administration view. For details about how to perform a search, see “To use the search function in the BMC ProactiveNet Administration Console” on page 23.
The following filters can be applied to the search:
■ Search for Monitors using the Group filter: When the user selects the Group filter to search for monitors, the remaining search filters are disabled and the user is presented with a list of groups to select from. After the user selects a group and clicks the Search option, the search result displays the list of all monitors that belong to the selected group.
■ Search for Monitors using the Source Agent filter: When the user selects the Source Agent filter to search for monitors, the remaining search filters are disabled and the user is presented with a list of Agents associated with BMC ProactiveNet Server. After the user selects an Agent and clicks the Search option, the search result displays the list of all monitors that have the selected Agent as the Source Agent.
■ Search for Monitors using the Target Device filter: When the user selects the Target Device filter to search for monitors, the remaining search filters are disabled and the user is presented with a list of devices associated with BMC ProactiveNet Server. After the user selects a device and clicks the Search option, the search result displays the list of monitors on the selected device.
■ Search for Monitors using the Monitor Type filter: When the user selects the Monitor Type filter to search for monitors, the remaining filters are disabled and the user is presented with a list of Monitor types for the available monitors. Monitor type option 'ALL' is also allowed.
Note
Previously, the list of Managed object types was presented to the user. Now, the list of Monitor Types is displayed. Managed object types like 'Device' are eliminated from the list now.
When the user selects a Monitor type, the user can refine the search criteria using Attribute Name-value conditions. The Attribute Name-value conditions has the following:
—List of configuration and control attributes for the selected Monitor type —List of operators (Contains, Does not contain, Starts with, Equals, Does not
Equal, Less than, Greater than) —Field to specify attribute value
The user can select an attribute from the list, specify the attribute value, and select the operator to be applied to the selected attribute and its value. For example, if a user selects an attribute 'Statistics Poll Interval', specifies the attribute value as '20 min' and selects the operator as 'Equals', it implies that the search result should display those monitors whose attribute 'Statistics Poll Interval' equals '20 min'. The user can specify multiple Attribute Name-value conditions, by using the 'MORE' option.
If there are multiple Attribute Name-value conditions, users can also indicate whether all the attribute Name-value conditions should be matched or any one of the specified attribute Name-value conditions can be matched.
Note
When Monitor type option 'ALL' is selected, only the control attributes
(PollRate, PollTimeout, DataCollect) and Source Agent attributes are allowed to be used.
The search results show a list of all monitors fulfilling the search criteria. When the search result is displayed, the user can do one of the following:
■ Select one of the monitors and edit/delete the selected monitor ■ Select multiple or all monitors and edit common control attributes ■ Select multiple or all monitors and delete them
To use the search function in the BMC ProactiveNet Administration Console
1 From the menu bar in the BMC ProactiveNet Administration Console, choose
Edit => Search.
2 In the Search for Monitors window, select the required filter option (select the radio button on left), and its associated value from the list.
■ If you select Monitor Type, you can further refine your search by using the Attribute, Operator, and Attribute Value fields.
Figure 1 on page 24 shows the Search for Monitors window with the Monitor Type search criteria selected.
Figure 1: Search for Monitors with Monitor Type refining
3 Click OK.
4 The results of the search are displayed in the Search Results window as shown in
Figure 2 on page 25.
Figure 2: Example of Search Results
5 In the Search Results window, perform the following actions:
■ To edit a monitor, select the required monitor from the list and click Edit. ■ To edit common control attributes of all monitors retrieved by the Search
function, click Edit All.
■ To delete a monitor, select the required monitor from the list and click Delete. ■ Click Cancel to close the Search Results window.
Configuring cell connection properties to the
BMC ProactiveNet Server
The first Impact Manager (cell) that you install is connected automatically to the BMC ProactiveNet Server. If you create additional cells, the connection between BMC ProactiveNet Server and each additional cell must be configured.
To configure cell connection properties to the server and Impact Manager (cell)
1 From the menu bar, choose Edit => Configure => Administration Settings.
2 In the Configure Administration Settings dialog box, click the Impact Managers tab.
3 Select a cell or cell group.
4 If necessary, click Advanced to display the Cell Properties section of the dialog box.
Note
If you select a cell group, changes are applied to all the cells contained in the cell group. If you select a single cell, changes are applied only to the individual cell.
5 Use Table 1 on page 26 to set cell connection properties as required.
Table 1: Cell connection properties
Property Description
Name displays the name of the cell whose properties you are changing Host displays the name of the host computer where the cell is installed Port displays the port number the cell uses to connect to the host computer
Timeout specifies the length of time the console waits to receive data from the cell; default is 30 seconds
BMC ProactiveNet saves any negative Timeout values that you type as positive values. Refresh Freq sets the time interval between polls of the cell; default is 60 seconds
BMC ProactiveNet saves any negative Refresh Freq values that you type as positive values. Attempts sets the number of times the console attempts to connect to a cell; default is 10
BMC ProactiveNet saves any negative Attempts values that you type as positive values. Connect Freq time interval between connection attempts; default is 5 seconds
BMC ProactiveNet saves any negative Connect Freq values that you type as positive values. Encrypted Mode enables and disables encryption of data between the console and the cell; default is
enabled (selected)
Auto Connect enables and disables automatic connection to the cell at logon; default is disabled (cleared) Auto Switch enables and disables automatic and continuous switching of the connection from the
backup cell to the primary cell after failover, using the value set in Connect Freq as the interval; default is disabled
Property Description
Use Port Range enables and disables using a specified range of local ports (on the console) for establishing a connection between the console and a cell.
Designating a port range is useful if the console must communicate to a cell through a firewall with only specific ports available for communication. The console scans through the specified port range until a port is connected to the cell or the connection fails because the port range is exhausted.
■ For using port range, once you select the Use Port Range check box, BMC
ProactiveNet automatically changes the Min Port No. and Max Port No. values to 1. ■ You must have at least four open ports within the port range, including the Min Port
No. and the Max Port No.
Min Port No. specifies the lower limit of the port range Max Port No. specifies the upper limit of the port range
Auto Bind enables and disables the automatic connection attempt of the console to the first network card it encounters. Clear this option to bind to a specific IP address.
If only one network card exists, ensure that Auto Bind is selected. See Specifying ports in cell connection properties on page 28 for additional information.
IP Address specifies the IP address assigned to the local network card to which the console connects; available only if Auto Bind is cleared
To configure cell connection properties in the jserver
This feature enables you to configure the cell connection properties directly in the jserver. You need to log in as an admin user to perform this operation. To configure the server cell settings, follow these steps:
1 From the menu bar, choose Edit => Configure => Server Impact Manager
Properties.
■ Or, from the Event Management Policies tab, right-click on the cell and choose
Edit => Server Impact Manager Properties.
■ Or, from the Dynamic Data Editor tab, right-click on the cell and choose Edit
=> Server Impact Manager Properties.
2 In the Edit Server Cell Settings dialog box, select a cell to edit.
3 Use Table 1 on page 26 to set cell connection properties as required.
Note
You can configure cell connection properties only on individual cells, and not on cell groups.
4 Click OK to save changes and close the dialog box.
To apply IP address, encrypted mode, and maximum and minumum port cell
connection properties to connections to the jserver
By default, when you use the Administration Console to configure connections to a remote cell, those changes are not applied to connections opened by the jserver to the remote cell. To extend the connection properties to the connections opened by the jserver, follow these steps:
1 In a text editor, open the pw/admin/etc/ix.properties file.
2 Set pronet.admin.applyCellConnectionPropertiesInJserver=true.
3 Save and close the file.
4 Restart the Administration Console.
Specifying ports in cell connection properties
The following circumstances require that you provide more specific information about communications between the console and the cell:
■ the presence of a network interface card (NIC) between the console and the cell ■ the presence of a firewall between the console and the cell
■ using a multi-homed computer for the console
In these circumstances, you must select Use Port Range and specify the limits of the port range and then select either Auto Bind or a particular IP address.
The Auto Bind option configures the console to connect to an NIC before it can connect to a cell. If you specify no particular NIC, the console automatically attempts to connect to the first NIC it encounters.
On a multi-homed computer, you can specify the NIC by selecting the IP address that the card is using from the IP Address list box. If Auto Bind is not enabled, you must specify a port range for the network card to which the console binds.
Note
If the console is running on a computer that is acting as a gateway between multiple subnets, the network card that you bind to must be on the same subnet as the cell to which the console connects.
Setting BMC ProactiveNet Server connection
properties
In addition to adding and deleting connections in the console configuration, you must configure the connections themselves, as described in this section.
To configure a BMC ProactiveNet Server
1 From the menu bar of the BMC ProactiveNet Administration Console, choose
Edit => Configure => Administration Settings.
2 In the Configure Administration Settings dialog box, click the Login Servers tab.
3 Modify any of the BMC ProactiveNet Server configuration parameters listed in
Table 2 on page 29, as needed:
Table 2: BMC ProactiveNet Server Configuration Parameters
Field Description
Heartbeat Rate specifies the frequency, in minutes, at which the console sends a signal to the connected BMC IAS to determine whether the BMC IAS is functioning. The default heartbeat rate is 1.
Enable Port Range specifies the maximum and minimum port number for the console to use in establishing a connection to a BMC IAS
Designating a port range is useful if the console must communicate to a cell through a firewall with only specific ports available for communication. The console scans through the ports in the specified range until a port, local to the console, is connected to the cell or fails because the port range is exhausted.
Field Description
Auto Reconnect enables and disables automatic attempts to reconnect to the BMC ProactiveNet Server when the connection has been dropped
The Administration Console will attempt to reconnect to the server at the
Frequency and for the Number of Retries that you specify. If, after the final try the server is still not reconnected, an error message is displayed stating that the server is down, and you must manually restart the server and log back on to the
Administration Console.
A status message is displayed in the status area of the Administration Console showing the number of reconnection attempts.
4 Click Apply to save the changes, or click OK to save and exit the dialog box.
Logging out of and into the BMC ProactiveNet
Server from the BMC ProactiveNet
Administration Console
You can log out of the BMC ProactiveNet Server and log in from the BMC ProactiveNet Administration Console interface without closing the console.
To log out of the BMC ProactiveNet Server from the Administration Console
1 From the menu bar of the BMC ProactiveNet Administration Console, choose
Server => Logout.
2 In the Logout Confirmation dialog box, click Yes.
To log on to the BMC ProactiveNet Server from the Administration Console
1 From the menu bar of the BMC ProactiveNet Administration Console, choose
Server => Login.
2 In the BMC ProactiveNet Administration Console Logon screen, specify the following information, enter the password for the user name that you are using to log on to the BMC ProactiveNet Server and click OK.
■ The default password is admin.
Changing your BMC ProactiveNet
Administration Console password
To keep your password secure, you should change it periodically.
To change the BMC ProactiveNet Administration Console password
1 From the menu bar, choose Server => Change Password.
2 In the Change Password dialog box, in the Old Password box, enter your current password.
3 In the New Password and Confirm New Password boxes, enter a new password.
4 Click OK.
Your password for the BMC ProactiveNet Administration Console logon is changed immediately.
Note
If you forget your password, your administrator must clear the encrypted form of your password from the configuration file. The next time that you log on, you will enter a new password, and you will be prompted to confirm it. This operation sets your new password.
In a setup where LDAP authentication is used, administrators must change password from the LDAP server and not within the BMC ProactiveNet Administration Console.
BMC ProactiveNet profiles
BMC ProactiveNet acknowledges the following two types of profiles when logging into the product:
■ Admin ■ User
BMC ProactiveNet Administrator manages profiles (and access rights) for individual users.
Admin profile
Administrators have unlimited access to BMC ProactiveNet. They can configure the environment, define individual user profiles, and perform full administrative functions.
User profile
The BMC ProactiveNet administrator creates user profiles, and can restrict users’ access to BMC ProactiveNet features. The user profile (as set by the administrator) governs the functionality available to each user in the BMC ProactiveNet Operations Console.
BMC ProactiveNet enables the administrator to assign access rights at both micro and macro levels.
Accessing online Help
Choose Help => Online Help to access online versions of the BMC ProactiveNet documentation. Context sensitive Help is provided through Help buttons on the various dialog boxes and windows within the BMC ProactiveNet Administration Console.
Managing BMC ProactiveNet
Agents
Adding Agents
Use the Add Agent option to add an agent after a device has already been set up. To set up the device and the agent simultaneously, see About Remote Agents on page 35.
The BMC ProactiveNet local agent (BMC ProactiveNet Agent) resides on the
computer where the BMC ProactiveNet Server is installed. Remote agents are agents that reside on computers outside of the BMC ProactiveNet Server.
To add an agent after the device is set up
1 If not already done, install the agent software on the system where you want to add the agent.
For information about installing the agent software, see the BMC ProactiveNet Getting Started Guide.
2 In the Administration Console, in the Administration => General
Administration tab, expand the Devices folder.
a Drill down to the Instance level.
b Right-click the instance where you want to add the agent and click Agent =>
Add Agent.
3 In the Add Agent window, enter data in the required fields and select a Connection option.
■ Control Port - The default control port (TCP connection port) is 12124. Change the port if 12124 is forbidden by a firewall or if it is being used by an existing application.
To change the port, click Close, and then see Changing the default BMC ProactiveNet Agent TCP control port on page 196.
■ Agent Name - BMC ProactiveNet inserts the device name that you specified. ■ Agent IP Address - BMC ProactiveNet inserts the IP Address (or name of the
Agent if using DNS) that you specified in the IP Address field when you created the device.
■ Associated Device - BMC ProactiveNet lists devices with the same IP address. By default, the one created on the previous screen is selected.
■ Connection Options.
—Direct Access using TCP/IP - Select if the remote agent uses TCP/IP.
—Direct Access using SSL TCP/IP - Select if the remote agent uses SSL TCP/IP. —HTTP Tunnel Proxy - Select if the remote agent uses an HTTP Tunnel. For
installation and configuration of the remote agent, see “Installing tunnel agents on page 44.
—TCP Proxy - Select if the remote agent uses TCP Proxy. For further details, see TCP Proxy Agent on page 70.
4 Click Next to create the agent.
■ When the agent is created, a second Add Agent window is displayed, in which you can choose the monitor for the device
5 Choose the monitor.
6 Follow the procedure in Choosing monitors for the device on page 99.
To view the new agent, expand (or close and expand) the Agents folder. To view the monitor, expand (or close and expand) the Monitors folder.
If a problem occurs while you are adding an agent, BMC ProactiveNet displays an error message. For more information, see SSL server certificate for Apache server on page 171.
Editing an agent
You can edit the properties of the BMC ProactiveNet Agent by using the BMC ProactiveNet Administration Console.
To edit agent properties
1 In the Administration Console in the Administration => General
Administration tab, open the Advanced Options folder.
2 Expand the Agent folder and locate the agent from the list.
3 Right-click the agent and select Edit.
4 In the Edit Remote Agent dialog box, change the values as necessary and click
OK.
About Remote Agents
The BMC ProactiveNet Agent is responsible for spawning the creation of monitors, collecting data, and delivering data to BMC ProactiveNet Server for storage in the database.
Remote Agents are those agents that reside on computers outside BMC ProactiveNet Server. The Local Agent (aka BMC ProactiveNet Server Agent) resides on BMC ProactiveNet Server.
Figure 3 on page 36 shows how to associate any number of BMC ProactiveNet Agents with a BMC ProactiveNet Server. BMC ProactiveNet Agent cannot be
connected to more than one server simultaneously. Once a BMC ProactiveNet Server is disconnected from a BMC ProactiveNet Agent, the BMC ProactiveNet Agent becomes available to be connected to any another BMC ProactiveNet Server.
Note
If BMC ProactiveNet Server or BMC ProactiveNet Agent is rebooted or shut down for any reason, or if the network goes down, everything reconnects automatically on restart.
Figure 3: Connecting Server and Agents
Local Agents vs. Remote Agents
Generally, all monitors that require direct access to the device’s local resource will require an agent to be on that same computer. For example, to parse a log file, the agent will need to reside on the device where the log file exists in order to access it. An easy way to know if an agent is required on the device for which you want to add a monitor is by noting the configuration parameters for the monitor. If 'Source Agent' is one of the configuration parameters, then you have the ability to run the monitor from any BMC ProactiveNet Agent. Two exceptions apply:
■ Windows monitors - These system monitors have a Source Agent configuration parameter, but can monitor systems without an agent.
■ Agent’s status monitors must always be done from BMC ProactiveNet Server source agent.
Note
BMC ProactiveNet Agent residing on the BMC ProactiveNet Server must always be labeled BMC ProactiveNet Server for this monitor to work correctly.
Adding remote agents
Use this procedure to add new BMC ProactiveNet Agents to the computer where the BMC ProactiveNet Server is installed.
To add agents
1 In the Administration Console in the Administration => General
Administration tab, expand the Advanced Options folder, right-click the Agent folder and select Add Remote Agent.
The Add Device and Agent window is displayed.
2 In the Add Device and Agent window, enter the following required information and click Next.
■ Device Type - Select a device type from the list.
■ Device Name - Enter a descriptive name for the device.
■ IP Address - Enter the IP address (or name of the Agent if using DNS) you are adding to the BMC ProactiveNet system. Example: 208.176.147.83.
3 Specify Control attributes on Control tab.
4 Click Next.
5 Specify Group Membership on the Groups Tab.
6 Click Next to open the Remote Diagnostics tab.
■ Protocol Types – rexec, rlogin, rsh, ssh, and telnet. Select a Protocol Type from the list.
■ PortNo – Enter the port number where the remote service is running. Initially, the default PortNo of the selected Protocol Type is displayed.
■ Local User Name – Mandatory when using the rsh and rlogin Protocol Type. The user name on the local system from where the DD is fired. Enter the Local User Name.
■ Remote User Name – Mandatory for all Protocol Types. Enter the Remote User Name.
■ Remote User Password – Mandatory for rexec, rlogin, telnet, and ssh Protocol Types. Enter the Remote User Password. Confirm the Remote User Password. ■ Remote System Prompt – Mandatory when using rlogin and telnet Protocol
Types.
Note
■ The user should give a complete remote system prompt while using rlogin and telnet protocols. For example, if the remote system prompt is
[root@kadamba root]#, then the user should enter correctly in the remote system prompt field. If the user uses partial system prompt, i.e. # instead of [root@kadamba root]#, then the system is prevented from logging into the remote device. The maximum number of characters supported for remote system prompt is 512 characters.
■ The rhosts file works only on the rhosts authentication. There is no password-based authentication. It is users responsibility to set the proper rhosts
authentication before using the rhost protocol.
■ For details about protocol types, see Diagnostics wizard on page 151.
7 Click Next to open the Baseline tab.
8 If required, select the device from which baseline values of existing monitors must be copied to new monitors being created on the new device.
9 Click Next.
10 In the window that seeks server connection details, fill in the required fields. ■ Control Port - The default Control Port (TCP connection port) is 12124. Change
the Control Port when 12124 is forbidden by a Firewall, or because it is being used by an existing application.
To change, click Close, then see: TCP Control Ports. For a Windows Agent, see: Changing BMC ProactiveNet Agent (NT/2000/2003) Control Port. Otherwise, accept the default 12124 and continue with the next step.
■ Agent Name - The default value is the Device Name specified on the previous screen.
■ Agent IP Address - The default value is the IP Address (or name of the Agent if using DNS) entered in the IP Address field.
■ Associated Device - The lists devices with the same IP address are listed. By default, the one created on the previous screen is selected.
11 In the window that seeks server connection details, select a Connection option. ■ Select Direct Access using TCP/IP option if the remote agent uses TCP/IP. ■ Select Direct Access using SSL TCP/IP option if the remote agent uses SSL TCP/
IP. For more information, see SSL TCP/IP Agent on page 57.
■ Select HTTP Tunnel Proxy option if the remote agent uses an HTTP Tunnel. Refer Tunnel Agent topic for information on installation and configuration of the remote agent.
■ Select TCP Proxy option if the remote agent is to be proxied behind another TCP Remote Agent. TCP Proxy Agent on page 70.
12 Click Next to create the agent and add monitors.
When the agent is created, the second Add Agent window is displayed to allow selection of monitors for the device.
a Choose the monitor.
b Follow the procedure detailed in Choosing monitors for the device on page 99.
To view the new agent, expand (or close/expand) the Agents folder. To view the monitor, expand (or close/expand) the Monitors folder.
For information, see SSL server certificate for Apache server on page 171.
To view the new agent, expand (or close/expand) the Agents folder. To view the monitor, expand (or close/expand) the Monitors folder.
13 Select the monitors to be created on the Agent.
14 Click Finish.
■ BMC ProactiveNet registers the new agent and creates the specified monitors. The status of each action is listed on the screen.
15 Click OK to complete the procedure.
Editing remote agents
When the system date/time has been changed on an Agent computer, then the Agent must be restarted to resume data collection. You can also use the BMC ProactiveNet Administration Console to edit remote agent properties.
To edit remote agent properties
1 In the Administration Console, expand the Advanced Options and Agents folders.
2 Right-click the Agent to be edited and select Edit. The Edit Remote Agent window is displayed.
3 Choose from the following:
■ Control Port - The default Control Port (TCP connection port) is 12124. You change the Control Port when 12124 is forbidden by a Firewall, or because it is used by an existing application.
To change, click Close, then see: About TCP Control Ports. For a Windows Agent, see: Changing BMC ProactiveNet Agent (NT/2000/2003) Control Port. Otherwise, accept the default 12124 and continue with the next step.
To change, click Close, then see: About TCP Control Ports. For a Windows Agent, see: Changing BMC ProactiveNet Agent (NT/2000/2003) Control Port. Otherwise, accept the default 12124 and continue with the next step.
■ Agent Name - Edit or rename the agent. (You cannot edit or rename 'BMC ProactiveNet Server').
■ Agent IP Address - Change the agent IP address. ■ Associated Device - Device associated with this agent.
4 Click OK. Note
If you have changed any values, click OK before doing a reconnect. If you do not click OK, changes made will not be saved.
Connecting, disconnecting, and restarting agents
Use the Administration Console to connect, disconnect, and restart local and remote agents.
To connect, disconnect, and restart agents
1 In the Administration Console in the Administration => General
Administration tab, expand the Advanced Options folder and then the Agent folder.
2 Right-click the Agent to be connected, disconnected, or restarted.
■ Connect Agent - Select to connect the Agent to this BMC ProactiveNet Server. If dimmed, the agent is already connected.
■ Disconnect Agent - Select to disconnect the Agent from this BMC ProactiveNet Server. If dimmed, this agent is already disconnected.
■ Restart Agent - Select to restart the Agent. (This works only if the agent status is 'Connection Active').
Deleting a remote agent
When you delete an Agent from the Advanced folder, the device corresponding to the Agent remains in the Devices folder, but all monitors which relied upon the Agent are deleted (i.e., system monitors of the Agent or monitors using the Agent as source IP).
Note
On deleting an Agent, the Administration Console displays the message 'all monitors associated with Agent will be deleted'. This can be construed as that the device will also be deleted, which is not always the case. To remove the device, which contained the Agent, you need to delete it from the Devices folder using the Administration Console. However, if you create a new device/agent pair, a certain number of default monitors are automatically added (i.e., Agent Status, Node Ping, System, and so on).
When the agent is deleted, these default monitors also get deleted. If there are no other monitors tied to the device at this point, the device also gets deleted. If you wish to permanently remove the Agent, you need to use the un-install function.
To delete an agent
1 From the Administration Console in the Administration => General
Administration tab, expand the Advanced Options folder and then the Agent folder.
2 Right-click the Agent to delete, and select Delete.
■ If the Remote Agent is currently monitoring applications, a Warning message is displayed.
Note
Do not delete BMC ProactiveNet Server! It must always appear in the Agent folder. The Confirm Deletion window is displayed.
3 Click OK.
To confirm that the agent has been deleted, close and expand the Agents folder.
Tech tip
To permanently remove the Agent, you must uninstall it. For UNIX or Linux Agents, you can uninstall the agent whether the Administration Console is open or not. For Windows Agents, however, you must close the Administration Console first. For instructions for uninstalling the agent, see the BMC ProactiveNet Getting Started Guide.
How do Tunnel Agents work?
When BMC ProactiveNet Server is outside the firewall, and BMC ProactiveNet Agent is inside, using an HTTP tunnel aids in BMC ProactiveNet Agent deployment without any changes to the Firewall configuration.
Note
In case BMC ProactiveNet Server is inside the firewall and BMC ProactiveNet Agent is outside, this type of tunneling will not work. In such cases, it is best to open the Firewall for outgoing connections on port 12124 and use normal TCP/IP Agents. Alternatively, you could open the Firewall to incoming connections on port 80 and make agents Tunneled Agents. However, this results in additional load on the CPU.
Most Firewall configurations allow outgoing connections on port 80. HTTP tunnel acts as a virtual socket connecting BMC ProactiveNet Agent (inside the Firewall) to BMC ProactiveNet Server (outside the Firewall). BMC ProactiveNet HTTP proxies send and receive messages on behalf of the Agent Controller and Agent.
The Agent side of the HTTP Proxy acts as the HTTP client which sends POST to Apache Web servlet on BMC ProactiveNet Server. From the Agent and Agent Controller point of view, a simple socket connection is being used (which just happens to be over a tunnel).
Figure 4: Tunneled Agent Connections - Proxy Embedded in Agent
BMC ProactiveNet Server identifies proxies using the tunnel ID assigned to the Agent during installation. The Tunnel ID is stored in the Agent’s pronet.conf file. If the assigned tunnel ID does not match the actual tunnel ID set in pronet.conf file, the Agent will not connect. The pronet.conf file also tells the Agent proxy which URL to connect to. As shown in the figure 'Tunneled Agent Connections - Proxy Embedded in Agent', the URL should point to the Apache Web servlet on BMC ProactiveNet Server.
Note
The Agent Tunnel always uses port 12124. To change the port number because of a conflict, you must open the pronet.conf file and change it there. You cannot change the port number via the console.
Supported modes
Tunnel Agents run in both the HTTP and HTTPS modes, but, it is advised to not use secure tunneling.
Limitations
■ Tunnel Agents put additional load on CPU usage and I/O of the host computer due to embedded HTTP proxy. The impact is proportional to the amount of data being collected by the Agent. Generally, it is an additional 1-5 percent on CPU usage. ■ Tunnel Agent connection is virtual, and requires Agent proxy to connect before
data transfer. Adding/editing monitors to Tunnel Agents requires more time. Tunnel Agent does not perform as well as standard BMC ProactiveNet Agents. Although there is no limit on how much data can be collected with a tunnel Agent, in general, poll frequencies and number of instances supported will not be as high as regular BMC ProactiveNet Agents.
■ AIX agents cannot be connected in secure tunnel mode.
■ The .jre file used in Red Hat Linux versions 7.1 and 9 is 1.3.1, and .jre on BMC ProactiveNet Server is 1.4.2. Due to this mismatch in the .jre files, BMC ProactiveNet Agent cannot connect in the Tunnel mode.
■ Windows Server will not perform the desired number of retries as mentioned by the pronet.conf entry "pronet.apps.agent.pollperiod.allowednoreplies.tcp=2" when an agent is unreachable. The agent will be set as “AgentUnreachable” immediately.
Note
The process 'tunnelproxy', which shows up under 'pw process list', is the one that takes care of tunnel connections on the server side. However, this does not affect the way tunnel agents are configured.
Installing tunnel agents
This section provides procedures for how to install tunnel agents based on your operating system.
To install tunnel agents
1 Log on to the Agent computer as 'root' (Solaris, AIX, Linux, and HP-UX) or with Administrative privileges (Windows).
2 Insert the BMC ProactiveNet CD.
3 Follow the appropriate instructions given below based on the operating system of the Agent computer.
To install a Solaris Agent as a tunnel agent
1 Open Command prompt.
2 Go to CD (Disc 2) => BMC ProactiveNet Agent => Solaris folder.
3 Execute setupagent.sh specifying Tunnel as additional parameter. The actual command is as follows:
■ ./setupagent.sh tunnel
4 On the prompt, specify the installation path. For example: /datadisk/tunnelagent
5 Accept the Terms and other prompts.
6 On the prompt, specify the unique Tunnel ID. For example: MyTunnel33. The Tunnel ID is an alphanumeric string (maximum length 32 characters). Special characters and spaces are not supported.
7 This Tunnel ID is stored in pronet.conf file on the Agent computer. installDirectory /pw/pronto/custom/conf/pronet.conf
8 Enter 'true' when prompted to 'Allow Secure Tunneling'. This is optional. Secure mode includes Authenticated, Encrypted, and Compressed methods for sending information through the Tunnel.
9 Specify BMC ProactiveNet Server location on the following prompt:
■ Enter the server name/IP address that you want to connect to:
Location is the name or IP Address of the host. For non-DNS environments, include the computer and domain name (server.mycompany.com).
In case BMC ProactiveNet Server is using a port other than 80, you need to append that server port number to the IP address. For BMC ProactiveNet Server using port 8080, specify Server IP as xxx.xxx.xxx.xxx:8080.
10 The installation program records the information, and completes the installation. ■ On completion of the process, the message 'Proactive Agent Installation
Completed' is displayed.
To install an AIX Agent as a tunnel agent
1 Open Command prompt.
2 Go to CD (Disc 2) => BMC ProactiveNet Agent => AIX folder.
3 Execute setupagent.sh specifying Tunnel as additional parameter. The actual command is as follows:
■ ./setupagent.sh tunnel
4 On the prompt, specify the installation path. For example: /datadisk/tunnelagent.
5 Accept the Terms and other prompts.
6 On the prompt, specify the unique Tunnel ID. For example: MyTunnel33. The Tunnel ID is an alphanumeric string (maximum length 32 characters). Special characters and spaces are not supported.
■ This Tunnel ID is stored in pronet.conf file on the Agent computer. <installedpath>/pw/pronto/custom/conf/pronet.conf
7 Enter 'false' when prompted to 'Allow Secure Tunneling'. AIX agents cannot be configured in secure mode
8 Specify BMC ProactiveNet Server location on the following prompt: ■ Enter the server name/IP address that you want to connect to:
Location is the name or IP Address of the host. For non-DNS environments, include the computer and domain name (server.mycompany.com).
In case BMC ProactiveNet Server is using a port other than 80, you need to append that server port number to the IP address. For example: for BMC