FortiSIEM Web Server Configuration

Web Server Configuration

AccelOps supports these web servers for discovery and monitoring.

Apache Web Server Configuration

Microsoft IIS for Windows 2000 and 2003 Configuration

Microsoft IIS for Windows 2008 Configuration

Nginx Web Server Configuration

Apache Web Server Configuration

What is Discovered and Monitored

Event Types

Rules

Reports

Configuration

SNMP

HTTPS

Syslog

Define the Apache Log Format

Apache Syslog Log Format

Settings for Access Credentials

What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Application type
  Metrics collected: Process level metrics: CPU utilization, Memory utilization
  Used for: Performance Monitoring

Protocol: HTTP(S) via the mod-status module
  Metrics collected: Apache metrics: Uptime, CPU load, Total Accesses, Total Bytes Connections, Requests/sec, Bytes/sec, Bytes/req, Busy Workers, Idle Workers
  Used for: Performance Monitoring

Protocol: Syslog
  Information discovered: Application type
  Metrics collected: W3C access logs: attributes include Client IP, URL, User Agent, Referrer, HTTP Version, HTTP Method, HTTP Status Code, Sent Bytes, Received Bytes, Connection Duration
  Used for: Security Monitoring and compliance

Event Types

In CMDB > Event Types, search for “apache” in the Device Type and Description column to see the event types associated with this device.

Rules

There are no predefined rules for this device.

Reports

In Analytics > Reports, search for “apache” in the Name column to see the reports associated with this device.

Configuration

SNMP

AccelOps uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation, then follow the instructions in Setting Access Credentials for Device Discovery to establish the connection between the device and AccelOps, and to initiate the device discovery process.

HTTPS

To communicate with AccelOps over HTTPS, you need to configure the mod_status module in your Apache web server.

  1. Log in to your web server as an administrator.
  2. Open the configuration file /etc/Httpd.conf.
  3. Modify the file as shown in these code blocks, depending on whether you are connecting over HTTP without authentication, or over HTTPS with authentication.
  4. If you are using authentication, you will have to add user authentication credentials.
    1. Go to /etc/httpd, and if necessary, create an account
    2. In the account directory, create two files, users and groups.
    3. In the groups file, enter admin:admin.
    4. Create a password for the admin user.
  5. Reload Apache.

You can now configure AccelOps to communicate with your device by following the instructions in Setting Access Credentials for Device Discovery, and then initiate discovery of the device as described in the topics in Discovering Infrastructure.
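An added example of the mod_status configuration the steps above refer to (this is not the page's own code block, nor Apache's shipped configuration). It assumes Apache 2.4 syntax, that the AccelOps poller is 10.1.2.20 (the collector address used in this page's Epilog steps), a hypothetical ServerName web01.example.com and certificate paths, and the users/groups files created under /etc/httpd/account in step 4.

```apache
# Added example, not part of the FortiSIEM page. Assumes Apache 2.4 syntax,
# an AccelOps poller at 10.1.2.20 (collector address from this page's Epilog
# steps), a hypothetical ServerName web01.example.com, and the users/groups
# files created under /etc/httpd/account in step 4 of the HTTPS procedure.

# Skip this line if the module is already loaded from conf.modules.d.
LoadModule status_module modules/mod_status.so

# Needed for CPU load, Requests/sec, Bytes/sec and Bytes/req; without it
# mod_status reports only uptime and worker counts.
ExtendedStatus On

# Variant 1: HTTP without authentication. Limit the page to the poller,
# since /server-status lists in-flight client addresses and request URLs.
<Location "/server-status">
    SetHandler server-status
    Require ip 10.1.2.20
</Location>

# Variant 2: HTTPS with Basic authentication (use instead of variant 1).
# The password file is created with:  htpasswd -c /etc/httpd/account/users admin
<IfModule ssl_module>
<VirtualHost *:443>
    ServerName web01.example.com
    SSLEngine on
    SSLCertificateFile    /etc/pki/tls/certs/web01.crt
    SSLCertificateKeyFile /etc/pki/tls/private/web01.key

    <Location "/server-status">
        SetHandler server-status
        AuthType Basic
        AuthName "Apache status"
        AuthUserFile  /etc/httpd/account/users
        # The groups file holds the line  admin:admin  (group admin, member admin).
        AuthGroupFile /etc/httpd/account/groups
        # RequireAll makes both conditions mandatory; several bare Require
        # lines would be OR-ed (RequireAny) and the IP match alone would pass.
        <RequireAll>
            Require group admin
            Require ip 10.1.2.20
        </RequireAll>
    </Location>
</VirtualHost>
</IfModule>
```

After reloading Apache, confirm from a host other than the poller that /server-status returns 403, and from the poller that the ExtendedStatus fields (ReqPerSec, BytesPerSec) appear.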

Syslog

Install and configure the Epilog application to send syslog to AccelOps.

  1. Download Epilog from the Epilog download site and install it on your Windows Server.
  2. For Windows, launch Epilog from Start > All Programs > InterSect Alliance > Epilog for windows.
  3. For Linux, browse to http://<yourApacheServerIp>:6162.
  4. Configure the Epilog application as follows:
    1. Go to Log Configuration. Click the Add button and add the following log files to be sent to AccelOps:

/etc/httpd/logs/access_log
/etc/httpd/logs/ssl_access_log

    2. Go to Network Configuration.
      1. Set the AO system IP (all-in-one or collector) as the Destination Server address (10.1.2.20 in this example).
      2. Set 514 as the Destination Port.
    3. Click Change Configuration to save the configuration.
  5. Apply the Latest Audit Configuration. Apache logs will now be sent to AccelOps in real time.

Define the Apache Log Format

You need to define the format of the logs that Apache will send to AccelOps.

  1. Open the file /etc/httpd/conf.d/ssl.conf for editing.

Apache Syslog Log Format

<142>Sep 17 13:27:37 SJ-Dev-S-RH-VMW-01.prospecthills.net ApacheLog 192.168.20.35 - - [17/Sep/2009:13:27:37 -0700] "GET /icons/apache_pb2.gif HTTP/1.1" 200 2414 "http://192.168.0.30/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)"

<134>Mar  4 17:08:04 137.146.28.68 httpd: [ID 702911 local0.info] 192.168.20.38 - - [04/Mar/2010:16:35:21 -0800] "GET /bugzilla-3.0.4/ HTTP/1.1" 200 10791 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 GTB6"

<142>Sep 17 13:27:37 135.134.33.23 HTTP: [ID 702911 local0.info] 192.168.20.38 - - [04/Mar/2010:16:35:21 -0800] "GET /bugzilla-3.0.4/ HTTP/1.1" 200 10791 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 GTB6"
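As an added example (not from the FortiSIEM page), the LogFormat that produces the access-log portion of the sample lines above, with each field mapped to the attribute named in the "What is Discovered and Monitored" table. It assumes Apache 2.4 on a RHEL-style layout where /etc/httpd/logs is the directory Epilog reads.

```apache
# Added example, not part of the FortiSIEM page. Assumes Apache 2.4 and the
# /etc/httpd/logs paths Epilog is configured to read earlier on this page.
#
# Sample field                     Directive            Table attribute
# 192.168.20.38                    %h                   Client IP
# - -                              %l %u                identd / auth user (unused)
# [04/Mar/2010:16:35:21 -0800]     %t                   timestamp
# "GET /bugzilla-3.0.4/ HTTP/1.1"  \"%r\"               HTTP Method, URL, HTTP Version
# 200                              %>s                  HTTP Status Code
# 10791                            %b                   Sent Bytes (body only; "-" when zero)
# "-"                              \"%{Referer}i\"      Referrer
# "Mozilla/5.0 (Windows; ...)"     \"%{User-Agent}i\"   User Agent
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

# Received Bytes and Connection Duration are not in "combined": they need
# mod_logio (%I received, %O sent including headers) and %D (microseconds).
# Confirm the SIEM parser accepts the trailing fields before switching.
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O %D" combinedio

# Plain HTTP traffic, in the main server configuration.
CustomLog /etc/httpd/logs/access_log combined

# Place this one inside the <VirtualHost _default_:443> block in
# /etc/httpd/conf.d/ssl.conf so only TLS requests land in ssl_access_log.
<IfModule ssl_module>
    CustomLog /etc/httpd/logs/ssl_access_log combined
</IfModule>
```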

Microsoft IIS for Windows 2000 and 2003 Configuration

What is Discovered and Monitored

Enabling SNMP on Windows Server 2003

Enabling SNMP on Windows 7 or Windows Server 2008 R2

Creating a Generic User Who Does Not Belong to the Local Administrator Group

Creating a User Who Belongs to the Domain Administrator Group

Sample IIS Syslog

Settings for Access Credentials

What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Application type
  Metrics collected: Process level metrics: CPU utilization, memory utilization
  Used for: Performance Monitoring

Protocol: WMI
  Information discovered: Application type, service mappings
  Metrics collected: Process level metrics: uptime, CPU Utilization, Memory utilization, Read I/O, Write I/O; IIS metrics: Current Connections, Max Connections, Sent Files, Received Files, Sent Bytes, Received Bytes, ISAPI Requests, Not Found Errors
  Used for: Performance Monitoring

Protocol: Syslog
  Information discovered: Application type
  Metrics collected: W3C access logs: attributes include IIS Service Instance, Client IP, URL, User Agent, Referrer, HTTP Version, HTTP Method, HTTP Status Code, Sent Bytes, Received Bytes, Connection Duration
  Used for: Security Monitoring and compliance

Event Types

In CMDB > Event Types, search for “microsoft iis” in the Description column to see the event types associated with this device.

Rules

There are no predefined rules for this device.

