You can control the following agent behavior using the SystemEDGE policy control settings:
You can apply the control settings defined in the policy to all machines.
Follow these steps:
The Available Policies page appears.
The Summary page for the policy appears.
The Controls page appears.
The default selections pane appears. You can change the default settings.
Lets you define the following basic SNMP properties:
Specifies an interface to which the agent binds and listens for incoming SNMP requests. Valid addresses are IPv4 or IPv6 address.
Note: The corresponding default _port is specified during installation.
Specifies the trap port the agent binds to for sending SNMP traps. If no bind_address is specified the agent binds to all available UDP addresses.
Default: Port selected by the system
Specifies the agent communication method: IPv4 only, IPv6 only, or both. By default, the agent tries using IPv4 and then IPv6.
Specifies the agent to use FIPS-compliant encryption. Select Non-FIPS Mode to enable the CA eTrust Public Key Infrastructure libraries, and if this method fails, fall back to the internal minimum security solution. Select FIPS Co-existence Mode to enable FIPS-compliant encryption, and if this method fails, fall back to the CA eTrust Public Key Infrastructure Libraries. Select FIPS Only Mode to enable the RSA BSAFE Crypto-C Micro Edition FIPS-compliant libraries and perform no encryption if they fail.
Default: Non-FIPS Mode
Specifies the source address used to send traps. Valid addresses are IPv4, IPv6 address, or a host name.
Default: Host name of the agent
Lets you define the following security preferences:
Sends an authentication failure trap when the agent receives an SNMP message with a community name that the agent cannot recognize.
Default: Disabled
Permits access to processes and other software running on agent systems in the Process table and Running Software table. Allowing SNMP Sets on these tables can cause security issues.
Permits management systems to remotely instruct the agent to run shell scripts and programs on the agent system through the Remote Shell group. The disclosure of this type of information can post a potential security risk.
Enables the execution of action commands with the monitoring tables when a threshold breach occurs. The capability to run action commands and scripts can be a security issue.
Populates the following tables in the Systems Management MIB:
Each table either contains sensitive information that you can expose in a MIB or non-essential information that you can disable to save disk space. The default settings enable population of all tables except for the process table.
Lets you define the following miscellaneous settings:
Permits agent updates using SNMP Sets (for example, removes write communities). If you permit SNMP Sets on the agent, any updates through this method cause a notification of an SNMP Set change and also an exception when viewing policy details for the system.
Enables the agent to send a notification to the manager for any SNMP Set request that the agent processes.
Enables an agent rediscovery of all devices after every warm start configuration update. If you manage a system with many devices, a discovery after every warm start can consume too much time and too many resources.
Perl Compatible Regular Expressions (PCRE) enables you to specify i18n compatible regular expressions while defining monitors that support regular expressions. The examples of regular expressions are log file, process, process group, Windows services and Windows events. You can also use this option to create more complex regular expressions. This option is provided in SystemEDGE agent 5.1.0 and above versions.
Enables you to resolve Index conflicts. When you apply the layered templates to all machines, indexes are assigned to the monitors added in the template. If the assigned indexes conflict with existing indexes either within the base policy or another template, this option reassigns unique index values.
Note: Indexes contained within the base policy are always maintained in the delivered configuration. If this option is disabled, you cannot resolve conflicting indexes. However, when you apply layered templates to the machines, the conflicting indexes are displayed as errors on the layered templates that caused the conflicting indexes.
Lets you define the following settings for the Performance Cube AIM, which collects history information into Systems Performance cubes for historical performance management:
Specifies how often to collect information from the History table into performance cubes.
Specifies the beginning of the reserved range of indices, where the agent per default creates history control entries for collection of performance cube data. This reserved range is used, for example, if SRM (Service Response Monitoring) is configured to collect performance data.
Specifies the end of the reserved range of indices, where the agent per default creates history control entries for collection of performance cube data. This reserved range is used, for example, if SRM (Service Response Monitoring) is configured to collect performance data.
Lets you define the following settings for agents running on UNIX systems:
Specifies a group name other than root under which to run subprograms.
Specifies a user name other than root under which to run subprograms.
Specifies whether to include system buffers, disk cached memory, or both in free memory calculation.
Lets you enable querying of the following system device metrics:
Querying these metrics can cause issues with potential agent blocking. The default settings enable querying of only serial device status and NFS file system status.
The Plugins pane appears. This pane controls which AIMs to load with the agent.
Note: For more information about available AIMs, see the SystemEDGE User Guide.
AIM loading is configured.
Configure aggregate monitors as described in Configure Object Aggregation.
The control settings are defined.
The policy is saved.
|
Copyright © 2013 CA.
All rights reserved.
|
|