Configuration

Configuration

The settings below are taken from the file /usr/local/mk/conf/opCommon.nmis (a text file).

The settings detailed here are used across all Opmantek commercial applications.

You may need to restart the omkd daemon / service after making changes to these items.

Application specific configuration items can be found under the wiki space for the given application.

Common Settings to Consider Adjusting

You will need to change the email settings to that of your email server.

Authentication

SectionNameOriginal Value
Possible ValuesDescription
authenticationauth_crowd_password

<password>
authenticationauth_crowd_server

<ip>
authenticationauth_crowd_user

<username>
authenticationauth_expire_seconds3600
<integer>
authenticationauth_htpasswd_encryptcrypt
crypt, plaintext, apache-md5
authenticationauth_htpasswd_file<omk_conf>/users.dat
<relative filepath>
authenticationauth_lockout_after0
<integer>seconds, 0 for none.
authenticationauth_login_motdAuthentication required: default credentials are nmis/nm1888


authenticationauth_method_1htpasswd
htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connectopenid_connect supported as at April 2021. See below.
authenticationauth_method_2

htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect
authenticationauth_method_3

htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect
authenticationauth_ms_ldap_attrsAMAccountName


authenticationauth_ms_ldap_baseCN=Users,DC=your_domain,DC=com
<ldap>
authenticationauth_ms_ldap_debugtrue
true, false
authenticationauth_ms_ldap_dn_accCN=Administrator,CN=Users,DC=your_domain,DC=com


authenticationauth_ms_ldap_dn_pswyour_administrator_password
<password>
authenticationauth_ms_ldap_groupCN=Users,DC=your_domain,DC=com
<ldap>
authenticationauth_ms_ldap_serveryour.ip.address.here
<ip>
authenticationauth_ms_ldaps_capathrequired


authenticationauth_ms_ldaps_serveryour.ip.address.here
<ip>
authenticationauth_ms_ldaps_verify



authenticationauth_sso_domain

<domain>

OKTA OpenID specific

SectionNameOriginal Value
Possible ValuesDescription
authenticationauth_method_1openid_connect

Set as per this entry to enable.
authentication → auth_openid_connecttypeokta

As at April 2021, only OKTA is tested and supported
authentication → auth_openid_connecturlhttps://YOUR_SUBDOMAIN.okta.com/oauth2/default/v1/token

You should replace YOUR_SUBDOMAIN with the subdomain provided by OKTA.
authentication → auth_openid_connectpasswordpassword

OKTA specific (do not change).
authentication → auth_openid_connecttest_errorerror_description

OKTA specific (do not change).
authentication → auth_openid_connecttest_successaccess_token

OKTA specific (do not change).
authentication → auth_openid_connectusernameusername

OKTA specific (do not change).
authentication → auth_openid_connect → postclient_idYOUR_CLIENT_ID

You should replace YOUR_CLIENT_ID with the client id provided by OKTA.
authentication → auth_openid_connect → postclient_secretYOUR_CLIENT_SECRET

You should replace YOUR_CLIENT_SECRET with the client secret provided by OKTA.
authentication → auth_openid_connect → postgrant_typepassword

OKTA specific (do not change).
authentication → auth_openid_connect → postscopeopenid

OKTA specific (do not change).
authentication → auth_openid_connect → postpassword


Do not set.
authentication → auth_openid_connect → postusername


Do not set.
authentication → auth_openid_connect → headersacceptapplication/json

OKTA specific (do not change).
authentication → auth_openid_connect → headerscontent_typeapplication/x-www-form-urlencoded

OKTA specific (do not change).

Core

Some core web application settings.

SectionNameOriginal Value
Possible ValuesDescription
coremax_backup_files50
<integer>
corewebsocket_proxy_portundef
<integer>

Database

The database section contains connection details to your MongoDB database.


SectionNameOriginal Value
Possible ValuesDescription
databasedb_admin_port28017
<integer>
databasedb_connection_timeout20000
<integer>
databasedb_namenmis
<name>
databasedb_passwordop42flow42
<password>
databasedb_ping_timeout2000
<integer>
databasedb_port27017
<integer>
databasedb_query_timeout5000
<integer>
databasedb_serverlocalhost
<hostname>
databasedb_use_v26_features1
<integer>
databasedb_usernameopUserRW
<username>
databasedb_write_concern1
<integer>

Directories

SectionNameOriginal Value
Possible ValuesDescription
directories<omk_backup><omk_base>/backups
<relative url>
directories<omk_base>/usr/local/omk
<absolute url>
directories<omk_bin><omk_base>/bin
<relative url>
directories<omk_cgi><omk_base>/cgi-bin
<relative url>
directories<omk_conf><omk_base>/conf
<relative url>
directories<omk_data><omk_base>/data
<relative url>
directories<omk_lib_json><omk_lib>/json
<relative url>
directories<omk_lib><omk_base>/lib/
<relative url>
directories<omk_logs><omk_base>/log
<relative url>
directories<omk_models><omk_base>/models
<relative url>
directories<omk_network><omk_var>/network
<relative url>
directories<omk_oae_reports><omk_base>/reports
<relative url>
directories<omk_performance><omk_var>/perf
<relative url>
directories<omk_public><omk_base>/public
<relative url>
directories<omk_reports_ondemand><omk_base>/var/reports/on-demand
<relative url>
directories<omk_reports><omk_base>/var/reports
<relative url>
directories<omk_schedule><omk_conf>/schedule # opreports report schedules
<relative url>
directories<omk_schema><omk_base>/schema
<relative url>
directories<omk_templates><omk_base>/templates
<relative url>
directories<omk_topn><omk_var>/topn
<relative url>
directories<omk_var><omk_base>/var
<relative url>


DNS

SectionNameOriginal Value
Possible ValuesDescription
dnsdns_cache604800
<integer>cache node-to-ip relationships for X seconds
dnsdns_retry7200
<integer>retry dns queries after X, ie. cache negative responses that long

Email

The email settings are used to email scheduled Queries and Reports. These should be changed to your required email server's settings.

To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration -> Email

You may need to restart the omkd daemon / service after making changes to these items.

The file these settings are stored in is (Linux) /usr/local/omk/conf/opCommon.nmis and (Windows) c:\omk\conf\opCommon.nmis.

The settings are common to all Opmantek commercial applications.


SectionNameOriginal Value
Possible ValuesDescription
emailmail_domainyourdomain.com
<domain>
emailmail_fromyourmailname@yourdomain.com
<email>
emailmail_serversmtp.yourdomain.com
<fqdn>
emailmail_server_port25
<integer>
emailmail_subject_prefix[automatic]


emailmail_use_tlstrue
true, false
emailmail_useryour_user_account@your_domain.com
<username>Used for SMTP authentication. Leave empty to skip authentication
emailmail_passwordyour_password
<password>Used for SMTP authentication. Leave empty to skip authentication


Icons

SectionNameOriginal Value
Possible ValuesDescription
iconsalert_critical<omk_url_base>/icons/alert_critical.png
<relative filepath>
iconsalert_degraded<omk_url_base>/icons/alert_warning.png
<relative filepath>
iconsalert_fatal<omk_url_base>/icons/alert_critical.png
<relative filepath>
iconsalert_major<omk_url_base>/icons/alert_major.png
<relative filepath>
iconsalert_minor<omk_url_base>/icons/alert_minor.png
<relative filepath>
iconsalert_normal<omk_url_base>/icons/alert_normal.png
<relative filepath>
iconsalert_reachable<omk_url_base>/icons/alert_normal.png
<relative filepath>
iconsalert_unknown<omk_url_base>/icons/alert_unknown.png
<relative filepath>
iconsalert_unreachable<omk_url_base>/icons/alert_critical.png
<relative filepath>
iconsalert_warning<omk_url_base>/icons/alert_warning.png
<relative filepath>

Macro

SectionNameOriginal Value
Possible ValuesDescription
macrohelloworld


macrosomenumber1234


Module Configs

SectionNameOriginal Value
Possible ValuesDescription
module_configsmodule_base/usr/local/opmantek
<filepath>
module_configsmodule_host



NMIS

The NMIS section contains attributes related to the connected NMIS application.

SectionNameOriginal Value
Possible ValuesDescription
nmis<nmis_dir>/usr/local/nmis8
<filepath>
nmis<nmis_logs>/usr/local/nmis8/logs
<filepath>
nmisnmis_cgi_url_base/cgi-nmis8
<url path>
nmisnmis_dir/usr/local/nmis8
<filepath>
nmisnmis_host_basehttp://localhost
<url>
nmisnmis_icon_small<omk_url_base>/icons/nmis_sml.png
<relative url>
nmisnmis_max_filtered_table_cache_size100
<integer>
nmisnmis_sensitive_property['community','privkey','privpassword','authkey','authpassword','wmiusername','wmipassword','username']


nmisnmisConfConfig
<filename>Filename of NMIS config file, usually Config.nmis, sans nmis.
nmisprefer_local_nmisfalse
true, false

OMKD

SectionNameOriginal Value
Possible ValuesDescription
omkdload_applications[]


omkdomkd_auto_detect_language1
<integer>
omkdomkd_default_languageen
en, es, pt
omkdomkd_display_timezonelocal


omkdomkd_heartbeat_timeout300
<integer>
omkdomkd_hostnamelocalhost
<hostname>
omkdomkd_inactivity_timeout300
<integer>
omkdomkd_listen_address*
<integer> or ** == 'all'.
omkdomkd_listen_port8042
<integer>
omkdomkd_log_levelinfo
info, debug
omkdomkd_max_app_age7200
<integer>
omkdomkd_max_clients1000
<integer>
omkdomkd_max_memory2048
<integer>
omkdomkd_max_message_size31457280
<integer>
omkdomkd_max_requestsundef
<integer> or undef
omkdomkd_performance_logsfalse
true, false
omkdomkd_reactorMojo::Reactor::EV


omkdomkd_require_nmistrue
true, false
omkdomkd_run_levelproduction
production, development
omkdomkd_run_modeprefork


omkdomkd_secrets[ 'Please Change Me!' ]


omkdomkd_static_max_age172800
<integer>
omkdomkd_supported_languages[ 'en', 'es', 'pt' ]


omkdomkd_url_basehttp://yourserver.yourdomain
<url>
omkdomkd_workers6
<integer>

Opmantek

SectionNameOriginal Value
Possible ValuesDescription
opmantekcommon_log<omk_logs>/common.log
<relative path>
opmantekdetails_icon<omk_url_base>/img/details.png
<relative url>
opmantekhome_icon<omk_url_base>/img/home.png
<relative url>
opmantekomk_favicon<omk_url_base>/img/omk_favicon.png
<relative url>
opmantekomk_tiny_logo<omk_url_base>/img/opmantek-logo-tiny.png
<relative url>
opmantekopmantek_eula<omk_base>/LICENSE
<relative path>
opmantekos_fileperm664
<integer>
opmantekos_dirperm775
<integer>
opmantekos_execperm775
<integer>
opmantekos_groupnmis


opmantekos_usernamenmis
<username>
opmantekquestion_icon<omk_url_base>/img/question.png
<relative url>

SNMP

SectionNameOriginal Value
Possible ValuesDescription
snmpsnmp_mib_dir<nmis_dir>/mibs
<relative path>
snmpsnmp_oid_filesnmis_mibs.oid,a3com.oid,dell.oid,ups.oid,akcp.oid
<filenames>
snmpsnmp_timeout5
<integer>
snmpsnmp_retries1
<integer>
snmpsnmp_max_msg_size1472
<integer>

URL / Wireframe

SectionNameOriginal Value
Possible ValuesDescription
url<omk_url_base>/omk
<relative path>
url<omk_cgi_base>/cgi-omk
<relative path>
wireframewireframe_refresh_time120
<integer>