This post explains how to generate self signed certificates with SAN – Subject Alternative Names using openssl. It is a common but not very funny task, only a minute is needed when using this method.
The example below generates a certificate with two SubAltNames: mydomain.com and www.mydomain.com
Create openssl configuration file
Create configuration file for openssh (In a Linux … Read more
It is not the first time my Icinga suddenlty, stops showing the grafana graphs.
If trying to log to Grafana, admin password is not accepted. I am pretty sure i have not changed the password but I am unable to login to Grafana.
And even worse, given that I still have not configured Grafana SMTP section / admin … Read more
Here I am trying to present (I hope in an easy way to understand) some Icinga concepts (maybe also applicable in Nagios) like active and passive checks, enabling and disabling freshness checks, soft and hard states,… and the related parameters to configure them.
ACTIVE and PASSIVE services
There are two types of services:
- ACTIVE: Check initiated by the Icinga
… Read more
I have configured my VSX appliances to perfom scheduled backups every week. Today, my icinga monitoring system has raised an alert informing that VSX2 backup has failed.
GAIA provides some commands to get useful data about the execution of the backup processes.
Show the the latest successful backup
vsx2:0> show backup last-successful
Backup Type: local ( latest )
… Read more
Exim is a very flexible and common MTA (mail transfer agent) in Unix systems.
This posts shows the way to configure Exim as client to send authenticated and encrypted (TLS) emails through a smarthost.
Lets suppose the smarthost email server is listening on port 587 for secure outgoing SMTP…
Configure exim to use the smarthost
To configure exim In … Read more
To configure passive checks in Nagios/icinga I use a tcp listener daemon that launches a script (See Nagios – Using passive checks without agent)
Tried to use inetd superserver daemon, but in the last versions, i have not been able to make it work correctly (See last update in my post: Linux – cannot found / missing inetd.conf)… Read more
Trying to configure a new inetd service needed for my Icinga (see Linux – Create custom inetd service), but i have not been able to find the inetd.conf file.
It seems inetd is not installed by default in the last Debian versions (mine is 9 – stretch).
Luckily, it is packetized in the inetutils-inetd
# apt-get install inetutils-inetd
… Read more
For debugging purposes (or to simply to organize logs as you prefer) it would be interesting to send certain syslog messages to a custom file instead of the default ones like /var/log/ltm or /var/log/apm
This example shows the way to send syslog messages starting with the string #DEBUG# to the file /var/log/customlog
(You can replace both string and … Read more
This post shows the steps to create a multiboot cd with multiple Linux distributions or tools.
For example, I created a recovery / disaster case cd with the following tools:
– Clonezilla (to clone/recover disks and partitions)
– Gparted (partition editior with GUI)
– Trinity Rescue Kit (linux distribution for recovery and repair operations on Windows machines)
The Multicd … Read more
Datagroups can be used in LTM policies to, for example, filter connections based on the client IP address (at least in my BIG-IP v13.0.0)
This is possible by adding a condition like this:
“TCP” – “address” – “matches” – “in datagroup” <DATAGROUP> – at “request” time
(apply traffic on “remote” side of “external” interface)
This works correctly when the … Read more