-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Relative include paths are now considered to be in the parent ini-fil… (
#33) * Relative include paths are now considered to be in the parent ini-file's folder * fix a formatting error * rename test config snclient_incl.ini * update test case for config, include from rel. subdir
- Loading branch information
Showing
5 changed files
with
311 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,276 @@ | ||
| [/paths] | ||
| ; exe-path - Path to snclient executable (auto-detected). | ||
| exe-path = | ||
|
|
||
| ; shared-path- Path to shared things. | ||
| shared-path = /etc/snclient | ||
|
|
||
| ; scripts - Path to scripts. | ||
| scripts = ${shared-path}/scripts | ||
|
|
||
| ; certificate-path - Path for certificates. | ||
| certificate-path = ${shared-path} | ||
|
|
||
|
|
||
| [/modules] | ||
| ; WEBServer - Enable HTTP REST API requests via check_nsc_web. | ||
| WEBServer = enabled | ||
|
|
||
| ; NRPEServer - Enable NRPE server. | ||
| NRPEServer = disabled | ||
|
|
||
| ; PrometheusServer - Enable /metrics HTTP server for the agent itself. | ||
| PrometheusServer = enabled | ||
|
|
||
| ; CheckExternalScripts - Enable scripts from /settings/external scripts/... | ||
| CheckExternalScripts = disabled | ||
|
|
||
| ; CheckSystem - Collect windows cpu metrics which can be queried by the check_cpu plugin. | ||
| CheckSystem = enabled | ||
|
|
||
| ; CheckSystemUnix - Collect non-windows cpu metrics which can be queried by the check_cpu plugin. | ||
| CheckSystemUnix = enabled | ||
|
|
||
| ; CheckDisk - Controls wether check_drivesize is allowed or not. | ||
| CheckDisk = enabled | ||
|
|
||
| ; CheckWMI - Controls wether check_wmi is allowed or not. | ||
| CheckWMI = disabled | ||
|
|
||
|
|
||
| [/settings/default] | ||
| ; allowed hosts - List of ips/networks/hostname allowed to connect. | ||
| allowed hosts = 127.0.0.1, ::1 | ||
|
|
||
| ; cache allowed hosts - Cache resolved dns names. | ||
| cache allowed hosts = true | ||
|
|
||
| ; timeout - Timeout when reading packets on incoming sockets. | ||
| timeout = 30 | ||
|
|
||
| ; bind to - Allows you to bind server to a specific local address. | ||
| ; This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. | ||
| bind to = | ||
|
|
||
| ; tls min version - Set minimum allowed tls version, leave empty to allow all versions | ||
| ; or specify one of: tls1.0, tls1.1, tls1.2, tls1.3 | ||
| tls min version = "tls1.1" | ||
|
|
||
|
|
||
| ; log - Configure log properties. | ||
| [/settings/log] | ||
|
|
||
| ; file name - The file to write log data to. | ||
| ; Set this to none or /dev/null to disable log to file or use "stdout" or "stderr" to log there. | ||
| file name = /var/log/snclient/snclient.log | ||
|
|
||
| ; level - Log level to use. Available levels are error,warning,info,debug,trace. | ||
| level = info | ||
|
|
||
|
|
||
| ; log file - Configure log file properties. | ||
| [/settings/log/file] | ||
|
|
||
| ; max size - When file size reaches this it will be truncated to 50% if set to 0 truncation will be disabled. | ||
| max size = 0 | ||
|
|
||
|
|
||
| [/settings/updates] | ||
| ; automatic updates - Update snclient automatically. | ||
| automatic updates = disabled | ||
|
|
||
| ; automatic restart - Automatically restart snclient after update is finished. | ||
| automatic restart = disabled | ||
|
|
||
| ; channel - comma separated list of channel to search for updates. | ||
| channel = stable | ||
|
|
||
| ; pre release - Control if pre releases from the stable channel should be considered as well. | ||
| pre release = false | ||
|
|
||
| ; insecure - - Skip all ssl verifications. | ||
| insecure = false | ||
|
|
||
| ; update hours - Set time range(s) in which updates are allowed. | ||
| update hours = 0-24 | ||
|
|
||
| ; update days - set day range(s) in which updates are allowed. | ||
| update days = mon-sun | ||
|
|
||
|
|
||
| [/settings/updates/channel] | ||
| ; stable - This is the stable release channel. | ||
| stable = https://api.github.com/repos/ConSol-monitoring/snclient/releases | ||
|
|
||
| ; dev - This url is for the development channel. | ||
| dev = https://api.github.com/repos/ConSol-monitoring/snclient/actions/artifacts | ||
|
|
||
| ; custom - Any other url works as well. | ||
| ; custom - https://company-server.local/snclient/snclient-${goos}-${goarch} | ||
|
|
||
| ; local - Even local files can be checked. | ||
| ; local - file://z:\updates\snclient-${goos}-${goarch} | ||
|
|
||
|
|
||
| [/settings/updates/channel/dev] | ||
| ; github token - the dev channel requires a github token to download the update | ||
| ;github token = <GITHUB-TOKEN> | ||
|
|
||
|
|
||
| [/settings/NRPE/server] | ||
| ; insecure - - Skip all ssl verifications | ||
| insecure = false | ||
|
|
||
| ; allow nasty characters - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. | ||
| allow nasty characters = false | ||
|
|
||
| ; port - Port to use for NRPE. | ||
| port = 5666 | ||
|
|
||
| ; allow arguments - This option determines whether or not the we will allow clients to specify arguments to commands that are executed. | ||
| allow arguments = false | ||
|
|
||
| ; use ssl - This option controls if SSL will be enabled. | ||
| use ssl = true | ||
|
|
||
| ; certificate - SSL certificate to use for the ssl server. | ||
| certificate = ${certificate-path}/server.crt | ||
|
|
||
| ; certificate key - ssl private key to use for the ssl server. | ||
| certificate key = ${certificate-path}/server.key | ||
|
|
||
| ; client certificates - require client certificate (list of pem files). | ||
| ;client certificates = ${certificate-path}/client1.pem, ${certificate-path}/client2.pem | ||
|
|
||
|
|
||
| ; Windows system - Section for windows system checks and system settings | ||
| [/settings/system/windows] | ||
|
|
||
| ; default buffer length - Contols the counter bucket size ex.: for cpu counter. | ||
| default buffer length = 1h | ||
|
|
||
|
|
||
| ; Unix system - Section for non windows system checks | ||
| [/settings/system/unix] | ||
|
|
||
| ; default buffer length - Contols the counter bucket size ex.: for cpu counter. | ||
| default buffer length = 1h | ||
|
|
||
|
|
||
| ; External script settings - General settings for the external scripts module (CheckExternalScripts). | ||
| [/settings/external scripts] | ||
|
|
||
| ; timeout - The maximum time in seconds that a command can execute. (if more then this execution will be aborted). | ||
| ; NOTICE this only affects external commands not internal ones. | ||
| timeout = 60 | ||
|
|
||
| ; Allow certain potentially dangerous characters in arguments - This option determines whether or not | ||
| ; we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. | ||
| allow nasty characters = false | ||
|
|
||
| ; Allow arguments when executing external scripts - This option determines whether or not the we will allow | ||
| ; clients to specify arguments to commands that are executed. | ||
| allow arguments = false | ||
|
|
||
| ; Script root folder - Root path where all scripts are contained (You can not upload/download scripts outside this folder). | ||
| script root = ${scripts} | ||
|
|
||
| ; Load all scripts in a given folder - Load all (${script path}/*.*) scripts in a given directory and use them as commands. | ||
| script path = | ||
|
|
||
| ; ignore perfdata - Do not parse performance data from the output | ||
| ignore perfdata = no | ||
|
|
||
|
|
||
| ; External scripts - A list of scripts available to run from the CheckExternalScripts module. | ||
| ; Syntax is: `command=script arguments` | ||
| [/settings/external scripts/scripts] | ||
|
|
||
|
|
||
| ; script: default - The configuration section for the default script. | ||
| [/settings/external scripts/scripts/default] | ||
|
|
||
| ; ignore perfdata - Do not parse performance data from the output | ||
| ignore perfdata = no | ||
|
|
||
| ; command - Command to execute | ||
| command = | ||
|
|
||
|
|
||
| ; Wrapped scripts - A list of wrapped scripts (ie. script using a template mechanism). | ||
| ; The template used will be defined by the extension of the script. | ||
| ; Thus a foo.ps1 will use the ps1 wrapping from the wrappings section. | ||
| ; Syntax is: `command=script` | ||
| [/settings/external scripts/wrapped scripts] | ||
|
|
||
|
|
||
| ; Command aliases - A list of aliases for already defined commands (with arguments). | ||
| ; An alias is an internal command that has been predefined to provide a single command without arguments. | ||
| ; Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop) | ||
| [/settings/external scripts/alias] | ||
|
|
||
|
|
||
| ; alias: default - The configuration section for the default alias | ||
| [/settings/external scripts/alias/default] | ||
|
|
||
| ; ignore perfdata - Do not parse performance data from the output | ||
| ignore perfdata = no | ||
|
|
||
| ; command - Command to execute | ||
| command = | ||
|
|
||
|
|
||
| ; Script wrappings - A list of templates for defining script commands. | ||
| ; Enter any command line here and they will be expanded by scripts placed under | ||
| ; the wrapped scripts section. | ||
| ; %SCRIPT% will be replaced by the actual script and | ||
| ; %ARGS% will be replaced by any given arguments. | ||
| [/settings/external scripts/wrappings] | ||
|
|
||
| ; Batch file - Command used for executing wrapped batch files | ||
| bat = ${script root}\\%SCRIPT% %ARGS% | ||
|
|
||
| ; Visual basic script - Command line used for wrapped vbs scripts | ||
| vbs = cscript.exe //T:30 //NoLogo ${script root}\\lib\\wrapper.vbs %SCRIPT% %ARGS% | ||
|
|
||
| ; Powershell Wrapping - Command line used for executing wrapped ps1 (powershell) scripts | ||
| ps1 = cmd /c echo If (-Not (Test-Path "${script root}\%SCRIPT%") ) { Write-Host "UNKNOWN: Script `"%SCRIPT%`" not found."; exit(3) }; ${script root}\%SCRIPT% $ARGS$; exit($lastexitcode) | powershell.exe /noprofile -command - | ||
|
|
||
|
|
||
| ; Web server - Section for http REST service | ||
| [/settings/WEB/server] | ||
| ; password - must be changed from default value, set to empty string to disable passwords. | ||
| ; password can be stored encrypted when using the format: <HASH>:<hashed password>, ex.: SHA256:... | ||
| ; supported hash algorithms are SHA256, you can use "snclient hash" to generate password hashes. | ||
| password = CHANGEME | ||
|
|
||
| ; use ssl - This option controls if SSL will be enabled. | ||
| use ssl = true | ||
|
|
||
| ; port - Port to use for WEB server. | ||
| port = 8443 | ||
|
|
||
| ; certificate - ssl certificate to use for the ssl server | ||
| certificate = ${certificate-path}/server.crt | ||
|
|
||
| ; certificate key - ssl private key to use for the ssl server | ||
| certificate key = ${certificate-path}/server.key | ||
|
|
||
| ; allow nasty characters - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. | ||
| allow nasty characters = false | ||
|
|
||
| ; allow arguments - This option determines whether or not the we will allow clients to specify arguments to commands that are executed. | ||
| allow arguments = true | ||
|
|
||
|
|
||
| [/settings/Prometheus/server] | ||
| ; port - Port to use for WEB server. | ||
| port = 9999 | ||
|
|
||
| ; use ssl - This option controls if SSL will be enabled. | ||
| use ssl = false | ||
|
|
||
|
|
||
| ; INCLUDED FILES - Files to be included in the configuration | ||
| [/includes] | ||
| local = snclient_local*.ini |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| [/settings/WEB/server] | ||
| port = 11122 | ||
| use ssl = true | ||
| password = INCL01PW | ||
|
|
||
| [/includes] | ||
| local = subdir/snclient_local*.ini |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| [/settings/WEB/server] | ||
| use ssl = false | ||
| password = INCL02PW |