Exporting threshold settings in SunMC

> 1. Is there any way to export out the list of current

> thresholds for all monitored servers under SunMC via

> command-line?

You mean with SunMC's built-in es-cli? Not easily. It would be a fair bit of work trying to wrap es-cli in bash/Perl to get it to work. It would be easier to do something like scp the base-modules-d.dat file from every Agent and then scp the corresponding .dat files listed inside. That would give you all config and thresholds in ASCII for every system.

You could also use a Configuration Task within the Console to copy those files to the Server. It could also be scheduled.

Turning those dat files into something more easily readable would then be an exercise in scripting if you want it in your own format (i.e. HTML).

For just detecting a change, "diff" would do fine.

> 2. Closely related, is there any way to have an audit

> trail if any changes are made to the threshold

> settings?

Other than when a module is loaded security info for the person who changes something they're allowed to is not stored anywhere. You may be able to parse server.log on the SunMC Server and try to figure out what went on, but there's noting in the GUI that will show that kind of audit trail.

Using something like the File Watcher module against base-modules-d.dat would show what changes were made over time (and optionally alarm on them) for module load/unload or the changing of load params. The same module pointed to a module .dat file would also pick up threshold changes.

Regards,

Mike.Kirk@HalcyonInc.com

Aronek at 2007-7-6 13:22:32 >

> What is the significance of the base-modules-d.dat

> file? Any difference if I just parse all the .dat

> files in the /var/opt/SUNWsymon/cfg directory?

That file stores all modules currently loaded by an Agent (or if the Agent isn't running: a list of all modules that will be loaded when you turn it on).

The first field in each line of that file corresponds to a .dat file (i.e. if the first field is "fscan+syslog", there should be a corresponding "fscan+syslog.dat" file).

You'll want to look at base-modules-d.dat since you don't want to scan every .dat file (as there could be hundreds). If they aren't listed in base-modules then the modules aren't actually loaded... so I doubt you'd care what the thresholds in those files are.

Regards,

Mike.Kirk@HalcyonInc.com

Aronek at 2007-7-6 13:22:32 >