background 
Kris' Tech Blog ( and stuff ) Home About Kris Contact Kris

Categories


All by Date

Linux

Security

Networks

Religion

General





Kris Springer's Tech Blog - Xymon Powershell Client
Xymon Powershell Client 11-28-18
Kris Springer


I love my Xymon server. It gathers all sorts of data and graphs it and notifies me of issues. As a tech it's the one tool that I always implement with any client/employer that I'm involved with. I started using it way way back in the day when it was called Big Brother, and I'm still using it today, 20 years later. Information is the key to being a good tech. When collecting data from Windows machines I used to use the BBWin client, but times and OS's have changed significantly, so the Xymon Powershell Client is what I currently use. It has it's limitations but for the core data that needs collected. I can even push/run additional Powershell scripts from my xymon server out to the client's without having to touch the client directly. It's great! Here's my installation instructions with some additional goodies at the end.

IMPORTANT NOTES:
  • I'm assuming you already have a functioning Xymon Server that can collect data, and that you know how to edit it's 'hosts' file.
  • Data is sent out from the client on the default port 1984. If the network blocks that there is a way to use 443, but it takes some additional customization on both the server and client. See details for that below.
  • If BBwin was previously installed on the client machine you need to stop the service, disable it, and/or delete BBwin altogether.
  • If you get purple columns on your server webpage even though the clientdata shows that data is being collected, you need to increase the MAXMSG_CLIENT=1024 amount in 'xymonserver.cfg' on the server and restart the xymon-server service. Basically the PSclient is throwing too much data at the server and it's getting truncated.
  • You can name a host whatever you want in the Xymon Server ‘hosts’ file, but if your custom name doesn’t match the client’s unique hostname you’ll have to add CLIENT:itsHostname at the end of the line for that host. There is a way to statically define a custom hostname in the client config, but it’s best to use the client’s real hostname.
  • Custom host test options and tolerance levels can be defined on the Xymon Server in the 'analysis.cfg' file. The PSclient creator's instructions state something different, but currently it doesn't work. When editing the 'analysis.cfg' file on the Xymon server it takes a few cycles for changes to reflect on the dashboard webpage. Don't be alarmed if it takes 15-20 min to see results.
  • Original source files including doc file with detailed config variables are found at
    https://sourceforge.net/p/xymon/code/HEAD/tree/sandbox/WinPSClient/
  • The remote script push/run feature could be used/viewed as hacking/malware. Be sure you take all security precautions and have permission by the system owners.


TO INSTALL ON WINDOWS CLIENT MACHINE:
  1. Download the following 3 files from https://sourceforge.net/p/xymon/code/HEAD/tree/sandbox/WinPSClient/
    xymonclient.ps1
    nssm.exe
    xymonclient_config.xml
  2. Create C:\Program Files\xymon folder and copy the 3 files into it.
  3. Right-click the files and 'unblock' them. This may not be necessary depending on how you copied the files to the server, but Windows security features usually blocks them because they’re downloaded files.
  4. Edit the xymonclient_config.xml file and define your Xymon server name, path of the log file, and the few other items that you care about. It should look like this. <XymonSettings> <servers>xymonserver.yourdomainname.com</servers> <clientlogfile>c:\program files\xymon\xymonclient.log</clientlogfile> <clientconfigfile>c:\program files\xymon\clientconfig.cfg</clientconfigfile> <clientfqdn>0</clientfqdn> <clientlower>0</clientlower> <wanteddisks>2 3 4</wanteddisks> <clientremotecfgexec>1</clientremotecfgexec> <externalscriptlocation>c:\program files\xymon\ext</externalscriptlocation> <externaldatalocation>c:\program files\xymon\tmp</externaldatalocation> </XymonSettings>
  5. Open a Powershell window in Administrator mode and enter the following command to get the hostname of the client machine. You need this to define it in the Xymon server ‘hosts’ file. This is case sensitive, unique, and how the Xymon server links incoming client data to the name defined on the Xymon webpage. 
    hostname
  6. Run the following commands to install and start the client service. 
    cd 'C:\Program Files\xymon'
.\xymonclient.ps1 install
.\xymonclient.ps1 start
    NOTE: if you get a 'scripts disabled' error just run the following command, choose Y for Yes, and then try the install command again. 
    Set-ExecutionPolicy RemoteSigned
  7. That's it on the client machine. Now add this new client into your Xymon Server's 'hosts' file and you should see results populating within a minute.

After getting everything working you should zip up your 3 files and stick them somewhere for easy download so you can quickly access them when adding additional client systems later. I added mine as a menu item on my Xymon Server webpage.


See my newer post if you want to have the client send it's data back to the server over SSL





© Copyright 2024 WarriorSon Productions. All rights reserved.