Table of Contents
All the documentation and resources related to the Tigase server monitoring.
The Tigase server can be remotely monitored over following protocols: JMX/RMI, SNMP and HTTP. Even though JMX offers the biggest control and visibility to the server states all of the monitoring services give the same basic set of the server statistics:
JMX/RMI and SNMP servers offer basic security and can restrict access based and the HTTP server doesn’t offer any access restriction mechanisms. Therefore HTTP monitoring is recommended to work behind a firewall.
The monitoring itself causes very low overhead in terms of the resources and CPU consumption on top of the normal Tigase processing requirements so it can be left always on without worrying about performance degradation.
Note. This works with the Tigase server from version 4.2.0 or SVN revision 1418.
If you use binary build for version 4.2.0 or later you can skip this section as all required libraries are included in the installation package: Extras pack. Please install the pack and you don’t have to worry about libraries any more.
If you run the server from sources or SVN continue reading:
The remote monitoring requires an external library therefore it is implemented in the tigase-extras package to comply with the basic rule - no third-party libraries are needed for the core Tigase server. But still what you need for the remote monitoring activation is just 2 jar files:
Download both libraries and put them in the libs/ directory.
You can either run the Tigase installer and use configuration wizard to activate the monitoring or edit etc/init.properties file and add following line:
--monitoring=jmx:9050,http:9080,snmp:9060
As you see there is only a single line where you put list of monitoring servers you want to activate. Each server is responsible for activation of a different protocol and takes a single parameter - port number. There are following protocols supported right now:
You can have all protocols active at the same time or any combination of them or none.
Both JMX and SNMP offer security protection to limit access to monitoring data. The security configuration is a bit different for both.
After the server installation or in the SVN repository you can find 2 files in the etc/ directory: jmx.access and jmx.password.
jmx.access is a user permission file. You can use it to specify whether the user can access the monitoring data for reading only 'readonly' or with read-write 'readwrite' access. There are example entries in the file already and the content may simply look like:
monitor readonly admin readwrite
jmx.password is a user password file. You can set user passwords here and the format again is very simple and the same as for jmx.access. There are example entries already provided for you convenience. Content of the file may look like the example below:
admin admin_pass monitor monitor_pass
Using above to files you can control who and how can access the JMX monitoring services.
Access to the SNMP monitoring is controlled using ACL (access control lists) which can be configured in the file snmp.acl located in etc/ directory. It contains lots of detailed instructions how to setup ACL and restrict access per user, host and what kind access is allowed. The simplest possible configuration may look like this:
acl = { { communities = public, private access = read-only managers = public.host.com, private.host.com } { communities = admin access = read-write managers = localhost, admin.host.com } }
You might also need Tigase MIB definition: TIGASE-MANAGEMENT-MIB.mib for the server specific statistics. The MIB contains definition for all the server statistics exposed via SNMP.