Configuration
The settings below are taken from the file /usr/local/mk/conf/opCommon.nmis (a text file).
The settings detailed here are used across all Opmantek commercial applications.
You may need to restart the omkd daemon / service after making changes to these items.
Application specific configuration items can be found under the wiki space for the given application.
Common Settings to Consider Adjusting
You will need to change the email settings to that of your email server.
Authentication
Section | Name | Original Value |
| Possible Values | Description |
---|
authentication | auth_crowd_password |
|
| <password> |
|
authentication | auth_crowd_server |
|
| <ip> |
|
authentication | auth_crowd_user |
|
| <username> |
|
authentication | auth_expire_seconds | 3600 |
| <integer> |
|
authentication | auth_htpasswd_encrypt | crypt |
| crypt, plaintext, apache-md5 |
|
authentication | auth_htpasswd_file | <omk_conf>/users.dat |
| <relative filepath> |
|
authentication | auth_lockout_after | 0 |
| <integer> | seconds, 0 for none. |
authentication | auth_login_motd | Authentication required: default credentials are nmis/nm1888 |
|
|
|
authentication | auth_method_1 | htpasswd |
| htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect | openid_connect supported as at April 2021. See below. |
authentication | auth_method_2 |
|
| htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect |
|
authentication | auth_method_3 |
|
| htpasswd, openaudit, radias, tacacs, crowd, system, ldaps, ldap, ms-ldap, ms-ldaps, novell-ldap, connectwise, pam, openid_connect |
|
authentication | auth_ms_ldap_attr | sAMAccountName |
|
|
|
authentication | auth_ms_ldap_base | CN=Users,DC=your_domain,DC=com |
| <ldap> |
|
authentication | auth_ms_ldap_debug | true |
| true, false |
|
authentication | auth_ms_ldap_dn_acc | CN=Administrator,CN=Users,DC=your_domain,DC=com |
|
|
|
authentication | auth_ms_ldap_dn_psw | your_administrator_password |
| <password> |
|
authentication | auth_ms_ldap_group | CN=Users,DC=your_domain,DC=com |
| <ldap> |
|
authentication | auth_ms_ldap_server | your.ip.address.here |
| <ip> |
|
authentication | auth_ms_ldaps_capath | required |
|
|
|
authentication | auth_ms_ldaps_server | your.ip.address.here |
| <ip> |
|
authentication | auth_ms_ldaps_verify |
|
|
|
|
authentication | auth_sso_domain |
|
| <domain> |
|
OKTA OpenID specific
Section | Name | Original Value |
| Possible Values | Description |
---|
authentication | auth_method_1 | openid_connect |
|
| Set as per this entry to enable. |
authentication → auth_openid_connect | type | okta |
|
| As at April 2021, only OKTA is tested and supported |
authentication → auth_openid_connect | url | https://YOUR_SUBDOMAIN.okta.com/oauth2/default/v1/token |
|
| You should replace YOUR_SUBDOMAIN with the subdomain provided by OKTA. |
authentication → auth_openid_connect | password | password |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect | test_error | error_description |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect | test_success | access_token |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect | username | username |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → post | client_id | YOUR_CLIENT_ID |
|
| You should replace YOUR_CLIENT_ID with the client id provided by OKTA. |
authentication → auth_openid_connect → post | client_secret | YOUR_CLIENT_SECRET |
|
| You should replace YOUR_CLIENT_SECRET with the client secret provided by OKTA. |
authentication → auth_openid_connect → post | grant_type | password |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → post | scope | openid |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → post | password |
|
|
| Do not set. |
authentication → auth_openid_connect → post | username |
|
|
| Do not set. |
authentication → auth_openid_connect → headers | accept | application/json |
|
| OKTA specific (do not change). |
authentication → auth_openid_connect → headers | content_type | application/x-www-form-urlencoded |
|
| OKTA specific (do not change). |
Core
Some core web application settings.
Section | Name | Original Value |
| Possible Values | Description |
---|
core | max_backup_files | 50 |
| <integer> |
|
core | websocket_proxy_port | undef |
| <integer> |
|
Database
The database section contains connection details to your MongoDB database.
Section | Name | Original Value |
| Possible Values | Description |
---|
database | db_admin_port | 28017 |
| <integer> |
|
database | db_connection_timeout | 20000 |
| <integer> |
|
database | db_name | nmis |
| <name> |
|
database | db_password | op42flow42 |
| <password> |
|
database | db_ping_timeout | 2000 |
| <integer> |
|
database | db_port | 27017 |
| <integer> |
|
database | db_query_timeout | 5000 |
| <integer> |
|
database | db_server | localhost |
| <hostname> |
|
database | db_use_v26_features | 1 |
| <integer> |
|
database | db_username | opUserRW |
| <username> |
|
database | db_write_concern | 1 |
| <integer> |
|
Directories
Section | Name | Original Value |
| Possible Values | Description |
---|
directories | <omk_backup> | <omk_base>/backups |
| <relative url> |
|
directories | <omk_base> | /usr/local/omk |
| <absolute url> |
|
directories | <omk_bin> | <omk_base>/bin |
| <relative url> |
|
directories | <omk_cgi> | <omk_base>/cgi-bin |
| <relative url> |
|
directories | <omk_conf> | <omk_base>/conf |
| <relative url> |
|
directories | <omk_data> | <omk_base>/data |
| <relative url> |
|
directories | <omk_lib_json> | <omk_lib>/json |
| <relative url> |
|
directories | <omk_lib> | <omk_base>/lib/ |
| <relative url> |
|
directories | <omk_logs> | <omk_base>/log |
| <relative url> |
|
directories | <omk_models> | <omk_base>/models |
| <relative url> |
|
directories | <omk_network> | <omk_var>/network |
| <relative url> |
|
directories | <omk_oae_reports> | <omk_base>/reports |
| <relative url> |
|
directories | <omk_performance> | <omk_var>/perf |
| <relative url> |
|
directories | <omk_public> | <omk_base>/public |
| <relative url> |
|
directories | <omk_reports_ondemand> | <omk_base>/var/reports/on-demand |
| <relative url> |
|
directories | <omk_reports> | <omk_base>/var/reports |
| <relative url> |
|
directories | <omk_schedule> | <omk_conf>/schedule # opreports report schedules |
| <relative url> |
|
directories | <omk_schema> | <omk_base>/schema |
| <relative url> |
|
directories | <omk_templates> | <omk_base>/templates |
| <relative url> |
|
directories | <omk_topn> | <omk_var>/topn |
| <relative url> |
|
directories | <omk_var> | <omk_base>/var |
| <relative url> |
|
DNS
Section | Name | Original Value |
| Possible Values | Description |
---|
dns | dns_cache | 604800 |
| <integer> | cache node-to-ip relationships for X seconds |
dns | dns_retry | 7200 |
| <integer> | retry dns queries after X, ie. cache negative responses that long |
Email
The email settings are used to email scheduled Queries and Reports. These should be changed to your required email server's settings.
To change these using the GUI in Open-AudIT navigate to menu -> Admin -> Configuration -> Email
You may need to restart the omkd daemon / service after making changes to these items.
The file these settings are stored in is (Linux) /usr/local/omk/conf/opCommon.nmis and (Windows) c:\omk\conf\opCommon.nmis.
The settings are common to all Opmantek commercial applications.
Section | Name | Original Value |
| Possible Values | Description |
---|
email | mail_domain | yourdomain.com |
| <domain> |
|
email | mail_from | yourmailname@yourdomain.com |
| <email> |
|
email | mail_server | smtp.yourdomain.com |
| <fqdn> |
|
email | mail_server_port | 25 |
| <integer> |
|
email | mail_subject_prefix | [automatic] |
|
|
|
email | mail_use_tls | true |
| true, false |
|
email | mail_user | your_user_account@your_domain.com |
| <username> | Used for SMTP authentication. Leave empty to skip authentication |
email | mail_password | your_password |
| <password> | Used for SMTP authentication. Leave empty to skip authentication |
Icons
Section | Name | Original Value |
| Possible Values | Description |
---|
icons | alert_critical | <omk_url_base>/icons/alert_critical.png |
| <relative filepath> |
|
icons | alert_degraded | <omk_url_base>/icons/alert_warning.png |
| <relative filepath> |
|
icons | alert_fatal | <omk_url_base>/icons/alert_critical.png |
| <relative filepath> |
|
icons | alert_major | <omk_url_base>/icons/alert_major.png |
| <relative filepath> |
|
icons | alert_minor | <omk_url_base>/icons/alert_minor.png |
| <relative filepath> |
|
icons | alert_normal | <omk_url_base>/icons/alert_normal.png |
| <relative filepath> |
|
icons | alert_reachable | <omk_url_base>/icons/alert_normal.png |
| <relative filepath> |
|
icons | alert_unknown | <omk_url_base>/icons/alert_unknown.png |
| <relative filepath> |
|
icons | alert_unreachable | <omk_url_base>/icons/alert_critical.png |
| <relative filepath> |
|
icons | alert_warning | <omk_url_base>/icons/alert_warning.png |
| <relative filepath> |
|
Macro
Section | Name | Original Value |
| Possible Values | Description |
---|
macro | hello | world |
|
|
|
macro | somenumber | 1234 |
|
|
|
Module Configs
Section | Name | Original Value |
| Possible Values | Description |
---|
module_configs | module_base | /usr/local/opmantek |
| <filepath> |
|
module_configs | module_host |
|
|
|
|
NMIS
The NMIS section contains attributes related to the connected NMIS application.
Section | Name | Original Value |
| Possible Values | Description |
---|
nmis | <nmis_dir> | /usr/local/nmis8 |
| <filepath> |
|
nmis | <nmis_logs> | /usr/local/nmis8/logs |
| <filepath> |
|
nmis | nmis_cgi_url_base | /cgi-nmis8 |
| <url path> |
|
nmis | nmis_dir | /usr/local/nmis8 |
| <filepath> |
|
nmis | nmis_host_base | http://localhost |
| <url> |
|
nmis | nmis_icon_small | <omk_url_base>/icons/nmis_sml.png |
| <relative url> |
|
nmis | nmis_max_filtered_table_cache_size | 100 |
| <integer> |
|
nmis | nmis_sensitive_property | ['community','privkey','privpassword','authkey','authpassword','wmiusername','wmipassword','username'] |
|
|
|
nmis | nmisConf | Config |
| <filename> | Filename of NMIS config file, usually Config.nmis, sans nmis. |
nmis | prefer_local_nmis | false |
| true, false |
|
OMKD
Section | Name | Original Value |
| Possible Values | Description |
---|
omkd | load_applications | [] |
|
|
|
omkd | omkd_auto_detect_language | 1 |
| <integer> |
|
omkd | omkd_default_language | en |
| en, es, pt |
|
omkd | omkd_display_timezone | local |
|
|
|
omkd | omkd_heartbeat_timeout | 300 |
| <integer> |
|
omkd | omkd_hostname | localhost |
| <hostname> |
|
omkd | omkd_inactivity_timeout | 300 |
| <integer> |
|
omkd | omkd_listen_address | * |
| <integer> or * | * == 'all'. |
omkd | omkd_listen_port | 8042 |
| <integer> |
|
omkd | omkd_log_level | info |
| info, debug |
|
omkd | omkd_max_app_age | 7200 |
| <integer> |
|
omkd | omkd_max_clients | 1000 |
| <integer> |
|
omkd | omkd_max_memory | 2048 |
| <integer> |
|
omkd | omkd_max_message_size | 31457280 |
| <integer> |
|
omkd | omkd_max_requests | undef |
| <integer> or undef |
|
omkd | omkd_performance_logs | false |
| true, false |
|
omkd | omkd_reactor | Mojo::Reactor::EV |
|
|
|
omkd | omkd_require_nmis | true |
| true, false |
|
omkd | omkd_run_level | production |
| production, development |
|
omkd | omkd_run_mode | prefork |
|
|
|
omkd | omkd_secrets | [ 'Please Change Me!' ] |
|
|
|
omkd | omkd_static_max_age | 172800 |
| <integer> |
|
omkd | omkd_supported_languages | [ 'en', 'es', 'pt' ] |
|
|
|
omkd | omkd_url_base | http://yourserver.yourdomain |
| <url> |
|
omkd | omkd_workers | 6 |
| <integer> |
|
Opmantek
Section | Name | Original Value |
| Possible Values | Description |
---|
opmantek | common_log | <omk_logs>/common.log |
| <relative path> |
|
opmantek | details_icon | <omk_url_base>/img/details.png |
| <relative url> |
|
opmantek | home_icon | <omk_url_base>/img/home.png |
| <relative url> |
|
opmantek | omk_favicon | <omk_url_base>/img/omk_favicon.png |
| <relative url> |
|
opmantek | omk_tiny_logo | <omk_url_base>/img/opmantek-logo-tiny.png |
| <relative url> |
|
opmantek | opmantek_eula | <omk_base>/LICENSE |
| <relative path> |
|
opmantek | os_fileperm | 664 |
| <integer> |
|
opmantek | os_dirperm | 775 |
| <integer> |
|
opmantek | os_execperm | 775 |
| <integer> |
|
opmantek | os_group | nmis |
|
|
|
opmantek | os_username | nmis |
| <username> |
|
opmantek | question_icon | <omk_url_base>/img/question.png |
| <relative url> |
|
SNMP
Section | Name | Original Value |
| Possible Values | Description |
---|
snmp | snmp_mib_dir | <nmis_dir>/mibs |
| <relative path> |
|
snmp | snmp_oid_files | nmis_mibs.oid,a3com.oid,dell.oid,ups.oid,akcp.oid |
| <filenames> |
|
snmp | snmp_timeout | 5 |
| <integer> |
|
snmp | snmp_retries | 1 |
| <integer> |
|
snmp | snmp_max_msg_size | 1472 |
| <integer> |
|
URL / Wireframe
Section | Name | Original Value |
| Possible Values | Description |
---|
url | <omk_url_base> | /omk |
| <relative path> |
|
url | <omk_cgi_base> | /cgi-omk |
| <relative path> |
|
wireframe | wireframe_refresh_time | 120 |
| <integer> |
|