OMK Common Settings to Consider Changing
Purpose
There are several general OMK settings as well as application specific settings in opCommon.nmis that customers should consider changing to suit their environment.
Exercise caution while editing /usr/local/omk/conf/opCommon.nmis; if a syntax error is induced all OMK applications will cease to function.
Check out How to make configuration changes to opCommon.nmis and other files for some more details on best practices for modifying the configuration file.
OMK Settings
Authentication
Authentication should be integrated into the enterprise infrastructure to maintain security and scalability.
'authentication' => { 'auth_crowd_password' => '', 'auth_crowd_server' => '', 'auth_crowd_user' => '', 'auth_expire_seconds' => '3600', 'auth_htpasswd_encrypt' => 'crypt', 'auth_htpasswd_file' => '<omk_conf>/users.dat', 'auth_lockout_after' => 0, 'auth_login_motd' => 'Authentication required: default credentials are nmis/nm1888', 'auth_method_1' => 'htpasswd', 'auth_method_2' => 'openaudit', 'auth_method_3' => 'openaudit', 'auth_sso_domain' => '' },
The email section should be configured for the customers environment.
'email' => { 'mail_domain' => 'yourdomain.com', 'mail_from' => 'yourmailname@yourdomain.com', # auth is attempted if both user and password are set 'mail_user' => 'your_user_account@your_domain.com', 'mail_password' => 'your_password', 'mail_server' => 'smtp.yourdomain.com', 'mail_server_port' => 25, 'mail_use_tls' => 'true', # new: do STARTTLS # 'mail_subject_prefix' => '[automatic] ', },
Database
There are several database settings that can be customized as seen below. The most popular attribute we seen changed the the 'db_query_timeout' value.
'database' => { 'db_server' => 'localhost', 'db_port' => '27017', 'db_name' => 'nmis', 'db_admin_port' => '28017', 'db_username' => 'opUserRW', 'db_password' => 'op42flow42', 'db_connection_timeout' => 20000, 'db_query_timeout' => 5000, 'db_ping_timeout' => 2000, 'db_write_concern' => 1, 'db_use_v26_features' => 1, },
NMIS
NMIS is the engine that OMK applications leverage. The NMIS engine can be on the local server or on a remote server. Be sure to configure the 'nmis_host_base' attribute.
'nmis' => { '<nmis_dir>' => '/usr/local/nmis8', '<nmis_logs>' => '/usr/local/nmis8/logs', 'nmisConf' => 'Config', 'nmis_cgi_url_base' => '/cgi-nmis8', 'nmis_dir' => '/usr/local/nmis8', 'nmis_host_base' => 'http://localhost', 'nmis_icon_small' => '<omk_url_base>/icons/nmis_sml.png', 'nmis_max_filtered_table_cache_size' => 100, 'nmis_sensitive_property' => [ 'community', 'privkey', 'privpassword', 'authkey', 'authpassword', 'wmiusername', 'wmipassword', 'username' ], 'prefer_local_nmis' => 'false' },
OMK Daemon
omkd is the web server daemon for OMK applications. There are several attributes that can be changed in this section but be sure to change the 'omkd_secrets' attribute.
'omkd' => { 'omkd_secrets' => [ 'CHANGE_ME_u3207bhcjq1vcpv43e4b' ], 'omkd_workers' => 5, 'omkd_url_base' => 'http://yourserver.yourdomain', },
In Abi2 Products, opCharts-4.X etc 'omkd_url_base' must be set to the FQDN of the current server for a Primary Poller environment.
opEvents
opEvents has many configuration attributes that may be helpful. The following are a few that we suggest reviewing.
'opevents_reports_purge_older_than' => undef, # covers summary reports 'opevents_events_purge_older_than' => undef, # covers events and actions 'opevents_rawlogs_purge_older_than' => undef, # covers raw logs 'opevents_archivelogs_purge_older_than' => undef, # covers archive logs 'opevents_url_base' => 'http://yourserver.yourdomain', 'opeventsd_max_processes' => 10, 'opeventsd_update_rate' => 10,
opCharts
opCharts has many configuration attributes that may be helpful. The following are a few that we suggest reviewing.
'opcharts_url_base' => "http://yourserver.yourdomain/",
In case this option is set, opCharts will also need opcharts_hostname to be set in order to generate the registry data.
Even if they are blank, opcharts_url_base and opcharts_hostname should be defined in the configuration.
opConfig
opConfig has many configuration attributes that may be helpful. The following are a few that we suggest reviewing.
'opconfig_url_base' => "http://yourserver.yourdomain/",
opFlow
opFlow has many configuration attributes that may be helpful. The following are a few that we suggest reviewing.
'opflow_display_dns' => 'true', 'opflow_raw_files_age_days' => 10, 'opflow_resolve_endpoint_dns' => 'false', 'opflow_url_base' => 'http://yourserver.yourdomain/', 'opflow_use_aggregation' => 'false',
opReports
opReports has many configuration attributes that may be helpful. The following are a few that we suggest reviewing.
'opreports_url_base' => 'http://yourserver.yourdomain/', 'default_report_timezone' => 'UTC',
opTrend
opTrend has many configuration attributes that may be helpful. The following are a few that we suggest reviewing.
'optrend_maxthreads' => 10, 'optrend_process_condition_in_nmis' => 'true', 'optrend_seds_control_mutliplier' => 3,