opFlow 2.3.1 upgrade instructions
- Mark Dueck
- Keith Sinclair (Deactivated)
This documentation assumes you are upgrading from 2.2.X and currently have opFlow reports running.
Upgrade files
Backup your existing installation
cd /usr/local cp -r opmantek opmantek_backup_<insert_date>
- Obtain a copy of the tarball, from now on it will be assumed the file is in /tmp
Untar
cd /usr/local tar -zxvf /tmp/opFlow-release.tar.gz
Update config files
cd /usr/local/opmantek ./bin/opupdateconfig.pl install/opFlow.nmis conf/opFlow.nmis ./bin/opupdateconfig.pl install/opCommon.nmis conf/opCommon.nmis
Copy new configuration files into conf/
cd /usr/local/opmantek cp install/EmailReports* conf/
Fix permissions
cd /usr/local/opmantek/bin ./opfixperms.pl
Restart Daemons
service flowd restart service opflowd restart
Reports (optional)
[OPTIONAL] If you want hourly reports to be available immediately after the hour, add their generation to cron
crontab -e 0 * * * * /usr/local/opmantek/bin/opFlowReports-hourly.sh
Daily reports should already be in the cron, if you have added hourly reports above they are not needed but running the script will do no harm
crontab -e 0 1 * * * /usr/local/opmantek/bin/opFlowReports-daily.sh
Email Reports (optional, requires reports to be configured)
NOTE: Emailing reports DOES NOT work with auth mode "apache". Authentication must run through opmantek code, all other auth methods work, eg: htpasswd, ldap, etc.
Install phantomjs
- Download it from http://phantomjs.org/
- Untar it, move it to /usr/local
- create a sym link to /usr/local/phantomjs, eg. ln -s phantomjs-1.9.2-linux-x86_64/ phantomjs
- Open /usr/local/opmantek/conf/opFlow.nmis, make sure this line 'phantomjs_executable' => '/usr/local/phantomjs/bin/phantomjs' is valid and points to the executable
- Ensure auth mode is not set to apache in nmis8/conf/Config.nmis, 'auth_method_1' => , also make sure auth is removed from apache config file 01opmantek.conf, and restart apache if necessary.
Configure the email section of conf/opFlow.nmis
#the email section needs to be made valid 'email' => { 'mail_from' => 'open-audit_enterprise@yourdomain.com', 'mail_password' => 'your_password', 'mail_server' => 'smtp.yourdomain.com', 'mail_server_port' => 25, 'mail_subject_prefix' => '[mymagictag]', 'mail_use_tls' => 'true', 'mail_user' => 'your_user_account@your_domain.com' }, # example Gmail configuration: 'email' => { 'mail_from' => 'user@gmail.com', 'mail_password' => 'gmailPassword', 'mail_server' => 'smtp.gmail.com', 'mail_server_port' => 587, 'mail_subject_prefix' => '[Report]', 'mail_use_tls' => 'true', 'mail_user' => 'user@gmail.com' },[OPTIONAL] If you would like hourly reports to be emailed, configure the EmailReportsHourly.sh file, then enable it to be run from opFlowReports-hourly.sh
vi /usr/local/opmantek/conf/EmailReportsHourly.sh # set email addresses # set sites # copy/paste code blocks for each site if that is how you want them sent out # create code block for specific reports if you don't want them all sent every time # then uncomment the line to run the EmailReportsHourly.sh script vi /usr/local/opmantek/bin/opFlowReports-hourly.sh ## Uncomment the line below to enable emailing hourly reports ## Run Emails $OMK/conf/EmailReportsHourly.sh # <- this line
- [OPTIONAL] If you would like daily reports to be emailed, follow the same steps as #2 BUT edit EmailReportsDaily.sh and opFlowReports-daily.sh
Troubleshooting
Reminder, you can always test your settings by running the shell script manually (make sure you don't have email addresses listed that should not receive test emails)
# test /usr/local/opmantek/conf/EmailReportsHourly.sh # if you are not getting any emails, check /usr/local/opmantek/logs/opFlowReports.log
Turn on DEBUG if you are having problems and check the logs again:
# opFlowReports-daily.sh, opFlowReports-hourly.sh, EmailReportsDaily.sh, EmailReportsHourly.sh all have this setting DEBUG=false # change this line to: DEBUG=true # now run script again and check /usr/local/opmantek/logs/opFlowReports.log