Académique Documents
Professionnel Documents
Culture Documents
2
Admin Manual
System for Service Fulfillment and Assurance
October-2018
Infosim®, Inc. · 13809 Research Blvd., Suite 802 · Austin, TX 78750 · USA · F: +1.512.792.4200
Infosim® GmbH & Co. KG · Landsteinerstraße 4 · 97074 Würzburg · Germany · F: +49.931.20592.200
Infosim® Asia Pacific Pte Ltd · 8 Ubi Road 2 · #08-04 Zervex · 408538 Singapore · F: +65.6562.8286
https://www.infosim.net · docu@infosim.net
StableNet® Version 8.3.2
Admin Manual: System for Service Fulfillment and Assurance
© 2004 - 2018 Infosim® GmbH & Co. KG
All rights reserved. No part of this work may be reproduced in any form or by any person without prior written permission of the copyright owner.
This document is proprietary and confidential to Infosim®, and is subject to a confidentiality agreement, as well as applicable common and
statutory law. If you send information to Infosim®, you grant Infosim® a non-exclusive right to use or distribute the information in any way it
believes appropriate without incurring any obligation to you.
Infosim® Disclaimer of Warranty and Statement of Limited Liability
Infosim® provides this document "as is", without warranty of any kind, either express or implied, including, but not limited to, the implied
warranties of merchantability, fitness for a particular purpose or non-infringement. This document may contain technical inaccuracies or
typographical errors. Infosim® may make improvements and changes to the programs described in this document or this document at any time
without notice. Infosim® assumes no responsibility for the use of the programs or this document except as expressly set forth in the applicable
Infosim® agreement(s) and subject to terms and conditions set forth therein. Infosim® does not warrant that the functions contained in the
programs will meet your requirements, or that the operation of the programs will be uninterrupted or error-free. Infosim® shall not be liable for
any indirect, consequential or incidental damages arising out of the use or the ability to use the programs or this document. Infosim® specifically
disclaims any express or implied warranty of fitness for high-risk activities. Infosim® programs and this document are not certified for fault
tolerance, and are not designed, manufactured or intended for use or resale as on-line control equipment in hazardous environments requiring
fail-safe performance, such as in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, direct life-
support machines, or weapon systems ("High-Risk Activities") in which the failure of programs could lead directly to death, personal injury, or
severe physical or environmental damage.
Compliance with Applicable Laws; Export Control Laws
Use of Infosim® programs and documents is governed by all applicable federal, state, and local laws. All information therein is subject to German
export control laws and may also be subject to the laws of the country where you reside. All Infosim® programs and documents are commercial in
nature.
Trademarks and Acknowledgments
Infosim® and StableNet® are registered trademarks of Infosim® GmbH & Co. KG. Other Infosim® trademarks include but are not limited to: StableNet®
Enterprise, StableNet® Express, StableNet® Telco, StableNet® CMC. All other product names are the property of their respective trademark or
service mark holders and are hereby acknowledged.
Table of Contents
1. Introduction to StableNet®.................................................................................................1
1.1. About StableNet®....................................................................................................2
1.2. Technical Details.....................................................................................................3
1.3. About Measurements and Monitors.............................................................................3
1.4. StableNet® Enterprise and StableNet® Telco..................................................................4
2. System Requirements........................................................................................................5
2.1. General Requirements..............................................................................................6
2.2. Operating System Requirements................................................................................6
2.3. Hardware Requirements...........................................................................................7
2.4. Database Requirements............................................................................................8
2.4.1. Database Sizing............................................................................................8
2.4.2. Physical Drive Requirements...........................................................................9
3. Installation....................................................................................................................10
3.1. Database Installation.............................................................................................11
3.1.1. MariaDB Database Installation.......................................................................11
3.1.2. Oracle Database Installation..........................................................................12
3.2. StableNet® Agent Installation on Linux......................................................................18
3.3. StableNet® Agent Installation on Windows.................................................................18
3.4. StableNet® Server Installation on Linux.....................................................................18
3.5. StableNet® Server Installation on Windows.................................................................20
3.6. StableNet® GUI Installation.....................................................................................20
3.7. Memory Configuration............................................................................................20
3.8. Default Ports........................................................................................................21
3.8.1. Connection between Server and Agent.............................................................22
3.8.2. Connection between GUI and Server................................................................22
3.8.3. Connection between Server and Database........................................................22
3.8.4. Measurement Ports......................................................................................22
3.8.5. Netflow.....................................................................................................23
3.8.6. Additional Ports..........................................................................................23
3.9. High Availability Installation...................................................................................23
4. Initial Configuration........................................................................................................24
4.1. Agent Onboarding.................................................................................................25
4.2. User Role Administration........................................................................................25
4.3. StableNet® Settings...............................................................................................26
4.3.1. Mail Server.................................................................................................26
4.3.2. Default Properties: Data Storage....................................................................26
4.4. Defining Data Sources............................................................................................27
5. Web Portal Customization.................................................................................................29
5.1. Portal Customization.............................................................................................30
5.2. Default and Customer Portal Design..........................................................................30
5.2.1. Default Portal Design...................................................................................30
5.2.2. Customer Portal Design................................................................................31
5.3. Migration from StableNet® 7....................................................................................32
5.4. Application Name and Default Links..........................................................................33
5.5. Providing Up-To-Date Documentation.......................................................................34
5.6. Providing GUI Installers..........................................................................................34
6. Role-Based Access Control................................................................................................35
6.1. Terminology: User, Profiles, Groups, and Roles............................................................36
The role of the StableNet® Agent is to gather data about the monitored network. It caches the data until
the StableNet® Server logs on to it to import it. Then, the StableNet® Server processes and stores the data
in the StableNet® database. To access and evaluate, as well as to manage StableNet®, you can log in to the
StableNet® Server via the StableNet® GUI, as shown in Figure 1.1. Alternatively, the StableNet® Web Portal
can be used.
Database
To interact with StableNet®, two GUI types are available: a desktop application (StableNet® GUI) and a
web client (StableNet® Web Portal). The StableNet® Web Portal provides only a subset of the StableNet®
GUI features and is not a replacement for the StableNet® GUI.
Note
You can use multiple GUIs simultaneously to manage the same StableNet® Server instance.
The StableNet® Agents' responsibility is to collect network topology and network health information. They
work autonomously and buffer the information locally until the StableNet® Server collects it.
The StableNet® Server is the main component of the solution, as shown in Figure 1.2. It manages the
configuration of StableNet® and polls StableNet® Agents from time to time to collect the buffered data.
Multiple networks can be managed by one StableNet® Server instance. The StableNet® Server is the only
component that directly interacts with the database. 1
StableNet® is designed to support high-availability scenarios. That is why StableNet® Agents work
independently of each other and even continue to work if the StableNet® Server is not reachable.
A minimal StableNet® setup consists of a StableNet® Server instance, a StableNet® GUI installation, and a
single StableNet® Agent. However, in typical installations many StableNet® GUIs and Web Portals access
the StableNet® Server in parallel. For critical environments, StableNet® can be installed in a "High
Availability" mode (please refer to the technical document ADM - High Availability).
In difference to the StableNet® Agents, which are installed and run on their own server hardware, StableNet®
Client Agents can also be installed directly on network nodes to provide enhanced notification and
management features. It executes custom scripts that provide StableNet® with extra information, which
for example can be used to measure the free storage space on a Windows server using a WMI template.
In general, StableNet® is able to monitor multiple, independent networks using at least one StableNet®
Agent per network, as shown in Figure 1.2.
1
If StableNet® is used to monitor its database, the StableNet® Agent must access the database for monitoring, too.
The following Section 1.2 describes important technical details of StableNet®. Finally, Section 1.3 provides
a fundamental understanding of the important StableNet® terms "Measurement" and "Monitor".
StableNet® Server
5100 TCP
StableNet® Agents
Note
HTTP upgrade is used when connecting to the StableNet® Server. If a proxy is used, that has
to support HTTP upgrade as well.
StableNet® Enterprise
Windows Linux OS X
®
StableNet Server Windows Server 2008 R2 RHEL, CentOS 6.8+ -
Windows Server 2012 R1, R2 RHEL, CentOS 7.2+
Windows Server 2016 Ubuntu LTS 16.04
StableNet® Server - latest CentOS 7 version -
High Availability (see note below)
StableNet® Agent Windows Server 2008 R2 RHEL, CentOS 6.8+ -
Windows Server 2012 R1, R2 RHEL, CentOS 7.2+
Windows Server 2016 Ubuntu LTS 16.04
StableNet®GUI Windows 7 SP1 RHEL, CentOS 6.8+ OS X (10.10+)
Windows 8, 8.1 RHEL, CentOS 7.2+
Windows 10 Ubuntu LTS 16.04
Table 2.1: Operating system requirements (StableNet® Enterprise)
Windows Linux OS X
StableNet® Server - RHEL, CentOS 6.8+ -
RHEL, CentOS 7.2+
StableNet® Server - latest CentOS 7 version -
High Availability (see note below)
StableNet® Agent - RHEL, CentOS 6.8+ -
RHEL, CentOS 7.2+
StableNet®GUI Windows 7 SP1 RHEL, CentOS 6.8+ OS X (10.10+)
Windows 8, 8.1 RHEL, CentOS 7.2+
Windows 10
Table 2.2: Operating system requirements (StableNet® Telco)
Note
The latest CentOS version is not necessarily the same as the latest RHEL version. For example,
the latest RHEL version might be 7.4 and the latest CentOS version is 7.3. Then, RHEL 7.3 is
supported for High Availability, but RHEL 7.4 is not supported!
The recommended hardware for a setup with 2 StableNet® Agents (50.000 measurements each) should
meet the requirements listed in Table 2.3. The minimum hardware requirements for a setup of less than
5.000 measurements and less than 500 devices (minimal license without NetFlow measurements) are listed
in Table 2.4.
* If NetFlow processing is done on the StableNet® Agent, 16 cores and 32 GB RAM are recommended.
Note
If you do not have a suitable Oracle DBMS, you may order StableNet® with an embedded Oracle
DMBS (Oracle Embedded License). Contact support@infosim.net for more information.
Minimum Recommended
CPU 4 Cores 16 Cores
RAM 8 GB 32 GB
Disk Direct attached storage (e.g.
12×300GB RAID-10)
Table 2.5: Database hardware requirements
Additional storage space is required for generated reports, device configurations and job results. The size
of this storage depends on the complexity of the objects that are to be saved. To get a good estimation,
multiply the size of one object with the number of objects that will be generated.
Note
Infosim® strongly recommends consulting a database specialist.
#
# Example MySQL database server configuration file for use with StableNet(R)
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
#
[mysqld]
wait_timeout = 86400
bind-address = 127.0.0.1
max_allowed_packet = 1G
transaction-isolation = READ-COMMITTED
innodb_buffer_pool_size = 16G
innodb_log_file_size = 1G
innodb_log_files_in_group = 8
innodb_flush_log_at_trx_commit = 0
open-files-limit = 10000
max_connections = 1000
character-set-server=utf8
[mysql]
default-character-set=utf8
After the installation, create the database instance by starting the MariaDB client with mysql -u root.
Then, execute the commands below replacing stablenet-server-ip with your StableNet® Server’s
IP. These will create a new database instance called pme, with the username infosim and password
stablenet to connect to the database granting all privileges on all tables in pme.
Note
The database pme, user infosim and password stablenet are the default settings of
the StableNet® Server installer. The database settings can be changed, but in that case they
also have to be changed during the installation of the StableNet® Server!
Note
StableNet® always requires the service name for the database which could be different from
the database SID!
Note
The database pme, user infosim and password stablenet are the default settings of
the StableNet® Server installer. The database settings can be changed, but in that case they
also have to be changed during the installation of the StableNet® Server!
Oracle Linux can be downloaded at www.oracle.com after creating a free Oracle account.
Warning
The described installation is neither performance-optimized nor secure and thus it should
not be used in a production environment. For a production environment, it is recommended
to consult an Oracle database specialist for the database installation.
passwd oracle
# Change this
* soft nproc 1024
# To this
* - nproc 16384
5. Edit /etc/selinux/config and change the line with SELINUX= to the following:
SELINUX=permissive
mkdir -p /u01/app/oracle/product/12.2.0.1/db_1
chown -R oracle:oinstall /u01
chmod -R 775 /u01
2. Replace odb.localdomain with the server’s host name execute in a terminal window:
xhost +odb.localdomain
# Oracle Settings
export TMP=/tmp
export TMPDIR=$TMP
export ORACLE_HOSTNAME=<server_name>
export ORACLE_UNQNAME=pme
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/12.2.0.1/db_1
export ORACLE_SID=$ORACLE_UNQNAME
export PATH=/usr/sbin:$PATH
export PATH=$ORACLE_HOME/bin:$PATH
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
4. Log out and log in again to make sure the changes in the .bash_profile are applied.
export DISPLAY=<machine-name>:0.0
unzip linuxx64_12201_database.zip
cd database
./runInstaller
8. During the installation, make sure to set the encoding to AL32UTF8, and the database name is
set to pme.
9. After the installer completed successfully, edit /etc/oratab and change the N in the end of
every line to a Y:
pme:/u01/app/oracle/product/12.2.0.1/db_1:Y
10. Open an sqlplus session with the password you specified during installation:
11. Issue the following SQL statements to set up a tablespace and user for StableNet®. Using a BIGFILE
instead of a SMALLFILE might increase the performance of the database, depending on the setup.
Note, that autoextend should only be activated for test installations. In a production environment,
autoextend should be turned of (as described in the next section):
quit
The database is now ready for the StableNet® Server to connect to. To test the connection, try to log in
with the newly created infosim user:
sqlplus infosim@pme
To automatically start the database after a server reboot, perform the following steps:
export ORACLE_BASE=/home/oracle/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/12.2.0.1/db_1
export ORACLE_OWNR=oracle
case "$1" in
start)
# Oracle listener and instance startup
echo -n "Starting Oracle: "
su - $ORACLE_OWNR -c "lsnrctl start"
su - $ORACLE_OWNR -c "dbstart $ORACLE_HOME"
touch /var/lock/oracle
echo "OK"
;;
stop)
# Oracle listener and instance shutdown
echo -n "Shutdown Oracle: "
su - $ORACLE_OWNR -c "lsnrctl stop"
su - $ORACLE_OWNR -c "dbshut $ORACLE_HOME"
rm -f /var/lock/oracle
echo "OK"
;;
reload|restart)
$0 stop
$0 start
;;
*)
echo "Usage: `basename $0` start|stop|restart|reload"
exit 1
esac
exit 0
Now the database can be started and stopped with the following commands:
If the database started properly, the database console can be started or stopped using the following
commands (the commands must be executed by the oracle user and the correct environment from the
bash_profile must be used):
User Rights
The following user roles are required (Admin option is not required):
• CONNECT
• OEM_MONITOR
• RESOURCE (System privileges: Create cluster, create index type, create operator, create procedure,
create sequence, create table, create type)
Caution
After installation/reinstallation, the server needs to be rebooted and the functionality of the
database has to be checked!
Please be aware that without a reboot the database will not work correctly!
After the silent installation is completed, the license file (license.dat) must be copied into
/opt/stablenet/snagent/conf/. The snagent executable located in the
/opt/stablenet/snagent/bin directory can be used to change username, password and port.
The available command line options can be shown using -help.
Independent of the operating system, unzip has to be installed as well. The hostname has to be provided
in the /etc/hosts file.
After adding the libraries, the StableNet® Server can be installed by executing the file
StableNetServerInstall.bin.
Without a graphical user interface, it is possible to install the StableNet® Server using the command line
option -i console. To change server settings after the installation, the standalone.xml file
located in the /opt/stablenet/snmw/wildfly/standalone/configuration directory
can be adapted. The installer uses the following default values:
Database type
MariaDB
Database server
127.0.0.1
Database port
3306
Database name
pme
Database user
infosim
Database password
stablenet
StableNet® HTTPS port
5443
Before the StableNet® Server installation is finished, a database check is done which checks if the database
is configured correctly. That includes a check whether 250 concurrent connections can be opened, the
correct charset is used and if BLOBs can be written to the database. If the database check fails, the database
has to be configured correctly and the StableNet® Server has to be reinstalled.
During the first installation of any StableNet® version starting from 7.5.3, the installation of the database
driver for MySQL requires additional steps. Due to the license definition, the MySQL driver must not be
bundled, but installed by the customer during the installation of StableNet®. This means that the customer
has to follow the download instructions given in the installer and select the downloaded driver. The driver
is then stored in the config/database-driver folder for later updates. During later updates, this
driver will be selected automatically and no extra work is required then.
This does not apply to Oracle drivers or MariaDB drivers which are bundled in the installer. The MariaDB
driver can be used for all new MariaDB 10.1 and MySQL 5.7 installations in full UTF-8 mode. For existing
installations, the original MySQL driver is still required. Also, updating an existing MySQL 5.6 database
to, e.g. MySQL 5.7, will still require the MySQL driver since the internal encoding of the database data is
not in UTF-8.
To use the Connect to Device feature in the StableNet® GUI, PuTTY has to be installed on the system. The
StableNet® GUI installer for Windows contains the binary, so no additional action is required. However,
on MacOS and Linux, an additional package has to be installed:
• Linux: putty package must be installed
• MacOS: XQuartz package must be installed
Each file contain the terms -Xms### and -Xmx###, where ### is the amount of configured memory.
For example, -Xms1g defines 1GB of memory for the -Xms option. The options have the following
meaning:
-Xms###
Defines how much memory the application (StableNet® Server respective StableNet® GUI) acquires
on startup.
-Xmx###
Specifies the maximum memory the application (StableNet® Server respective StableNet® GUI)
can use.
Note
All values must be at least the size specified in Chapter 2. If the memory settings for the
StableNet® GUI has been changed, the file update.xml has to be deleted. It can be found
in /opt/stablenet/snmw/wildfly/update/ (Linux) or
%windir%/snmw/wildfly/update/ (Windows) if the default paths were used during
the installation.
Measurement/Service Port
SNMP UDP 161
SNMP Traps UDP 162
Syslog UDP 514
Client Agent TCP 5100
3.8.5. Netflow
The StableNet® Agent receives Netflow data on UDP port 5100.
Figure 4.1: Adding a StableNet® Agent in the GUI after the installation
Section 8.1 describes how to set the different properties of the agent. After adding the agent to the server,
devices can be added and the network can be monitored.
The Data Aggregation has three stages. Each stage takes all data measurement points in the defined
interval and aggregates them to one single data measurement point. A stage gets active, if data is older
than the defined age. For example, if a ping measurement is executed once per minute, one hour of
measurements consists of 60 measurement points. According to the settings of Figure 4.3 stage one of
the data aggregation will aggregate all 60 data measurement points to one data measurement point. As
the age is 14, only data older than this time value is aggregated. Stage two then takes all data that is older
than 60 days and aggregates all measurement points in an interval of eight hours to one measurement
point. This means that eight measurement points from the ping measurement in stage one are aggregated
to one measurement point. This is repeated for the third stage as well.
The Time to Live properties set the time when measurement data is removed from the database. In
addition to measurement data, it is also possible to set a time to live for other data, for example Action
Events, Log Data or Job Results.
Warning
It is highly recommended to not use a mix of MySQL and MariaDB databases for database
variables and/or the main StableNet® database. Only one of these should be used and all
databases should use the same encoding to prevent driver issues.
Note
This chapter does not describe CSS or web design in general. It only provides information on
where to put the respective files and how to configure StableNet® to use the provided styles.
<SNMW_INSTALLATION_DIRECTORY>/config/gui/assets/
It already contains a subdirectory called default which reflects the file structure that is necessary to
adjust the web portal:
favicon.ico
The favicon that is used in the browser's address bar.
design.css
The style sheet used for the design of users who are logged into the StableNet® portal.
login.css
The style sheet used for the login page of the StableNet® portal.
The default design is already available to be customized and all changes are reflected directly in the portal
without restarting the server. However, the default design is always overridden on updates of StableNet®.
Therefore, it is a best practice to add a new subdirectory for each custom design to the assets directory.
Each customization should have a significant name and at least the three files listed above. The complete
portal can be customized using normal Cascading Style Sheets. Respective classes or IDs must be taken
from the portal's source code (available via browsers) and may require a deep understanding of how CSS
selectors and inheritance work.
After adding new designs to the assets directory, a small reconfiguration of StableNet® is necessary.
The next section describes two different ways to use web portal customizations.
Note
All changes to the assets directory files are reflected directly to the portal and may impact
the user experience if the customized design is actively used.
The Portal Custom Design property reflects the directory name of the default design which
is used for each user of StableNet®. The directory needs to be located in the following directory:
<SNMW_INSTALLATION_DIRECTORY>/config/gui/assets/
If the directory is not existing, the StableNet® internal design is used as a fallback solution. Changing
this property affects the design of all users if not specified otherwise on a per group basis described
in the next section.
The Group Web Design property reflects the directory name of the default design used for all
members of this specific group.
The user group design has precedence over the default design specified for all users. If a user is member
of multiple groups with different designs, the selected design is based on StableNet® internal identifiers.
Therefore, it is a best practice to define explicit custom design groups and assign only one of those groups
to each user.
Note
The login page cannot be customized on a per group basis because group assignments are
only available for logged in users. Instead, the globally defined login page customization is
used.
<SNMW_INSTALLATION_DIRECTORY>/config/webgui/
All CSS data and images referenced from CSS files need to be moved to the directory structure and files
described in Section 5.1.
Taking the custom design of StableNet® 7 as an example, all relevant data is located in the following two
directories:
<SNMW_INSTALLATION_DIRECTORY>/config/webgui/login/custom/
<SNMW_INSTALLATION_DIRECTORY>/config/webgui/design/custom/
<SNMW_INSTALLATION_DIRECTORY>/config/gui/assets/
All style sheets located in the design directory need to be copied into the design.css of the previously
created directory. Style sheets in the login directory need to be copied into the login.css.
Customers using the dual login concept of StableNet® 7 are able to activate it via the default property,
shown in Figure 5.3.
Figure 5.3: StableNet® Default Properties Editor - Web Portal Dual Login
Enable the check box of the Dual Login property to enable the dual login feature of the StableNet®
Web Portal.
The dual login feature adds two additional fields to the normal login, summing up to four fields, two for
a username and two for a password. Thus, it is possible to split knowledge of login credentials among two
persons, each one knowing a part of the secret to authenticate against StableNet®. A normal user account
is taken for this, but username and password consist of two parts where each part is shared with two
persons.
Note
Starting with StableNet® 8, it is not possible to customize HTML pages directly. All design
changes need to be made via CSS.
In detail:
• Users belong to profiles (e.g. Administrator Set) or groups (e.g. Administrator).
• Profiles are a set of groups (e.g. Administrators).
• Groups are a set of roles (e.g. Modify Device).
After setting up profiles and group, and assigning them to users, the next step is to assign components
to users:
• Groups → StableNet® components
Groups are assigned to StableNet® components (e.g. measurements, devices, reports, …). This assignment
is stored on component level. All users belonging to such an assigned group indirectly get access to the
component based on the set of roles of that group.
A user object itself stores e.g. a login name and password. This is required to login to the StableNet® GUI.
The assigned groups or profiles (as a set of groups) result in a set of roles. These roles are split into global
and component-based roles. Component-based roles allow authorization only on the assigned components.
Global roles grant you access to all components although they are not explicitly assigned. By default, each
group assigned to a component has at least read access to it. For example, a device for a user is only shown
in the GUI if it has group assignment of one of the user's attached groups or if the user is member of a
group with the View Devices (Global) role.
6.2.1. Users
The user infosim with the default password stablenet has administrative rights and, therefore, has
access to all StableNet® functionalities.
Opening the menu Options → User/Customer Management shows a list of all users, as shown in Figure 6.1.
Allows searching for elements in the table below based on the selected column.
Allows switching the column for element search.
Shows a list of all users according to the content of the Search field.
Creates a new user.
Imports users, groups, and other security settings from a CSV file to StableNet®.
The file can be modified prior to the import process.
Exports all manually created users into a CSV file.
When adding new users manually, the dialog shown in Figure 6.2 opens.
Note
The type of external authentication is configured in the
snmw/config/system.properties file of the StableNet® Server. A
restart of the StableNet® Server is required after the file has been modified.
The following Figure 6.3 shows the corresponding tab content to assign profiles and groups to the user.
6.2.2. Profiles
Profiles have a set of groups assigned and allow assigning the correct user settings depending on the
user's role in StableNet®. If profiles are well-defined, a profile can easily be assigned to a new user. This
saves time and effort.
Tip
From a technical point of view, for example, it is the same to assign a user to the groups
ReadOnly and NOC
or
to assign a user to a profile RONOC (which consists of the groups ReadOnly and NOC).
The Profiles tab in the window User/Customer Management shows a list of all available profiles and allows
searching and managing them.
The buttons New or Modify open the following Profile Properties dialog:
The dialog allows specifying a Profile Name and a Profile Description. In addition, groups can be added to
the profile by selecting them in column Select.
If the profile is synchronized via an External Authentication Synchronization Job, the Synchronization
Type contains the type of the synchronization (LDAP or Active Directory) and the Synchronization
Configuration contains the name of the configuration as defined in the User/Group Synchronization
Management.
In this example, members of the default group Administrators have full role authorization, except the GUI
Expert Properties. The group Users has no roles selected, but grants read-only access to StableNet®
components.
When creating a new or modifying an existing group, the dialog in Figure 6.7 opens.
In addition to the Group Name and the Group Description, this dialog allows to specify a Group Web Design
only for members assigned to this group. For more information on Web Portal customization, refer to the
Administrators manual. In addition, it is possible to assign users to this group via the column Member of
the table displayed in the bottom of the dialog.
The tab Web Menu Display Settings allows to authorize the group members visibility and access to the
different sections of the StableNet® Web Portal.
Please be aware of the different categories shown in the tabs Status, Inventory, Analyzer, Reporting, Device
Automation, Settings, and Help. More information on the StableNet® Web Portal is available in the StableNet®
User Manual.
The Roles tab shows all available and assigned roles to the current group.
The Search field allows filtering within the list of roles. The corresponding selection box allows filtering
on active or inactive roles. The roles are grouped and can be also used for filter purposes. For example,
searching for the text Agent in the column Role Group will list all roles that belong to agent authorization
(e.g. modify, view, create agent).
Searching the text View in the column Role shows all view authorization roles available for all objects.
Role Description
All Agent Rights (Global) Allows to view, add, and modify all StableNet® Agents.
Create Agent (Global) Allows adding a StableNet® Agent to the system.
Flow Query (Global) Determines whether the Flow Query Analyzer can be used based
on the NetFlow raw data of the StableNet® Agent.
Modify Agent Allows modifying a StableNet® Agent.
Modify Agent (Global) Allows modifying a StableNet® Agent.
View Agent (Global) Allows viewing all StableNet® Agents. Only supported in the Telco
version. In the Enterprise version, all users see all StableNet®
Agents.
Role Description
All Alarm Group Rights (Global) Allows modifying default properties.
All Business Hour Group Rights Allows modifying all business hour groups.
(Global)
Confirm Prepared Jobs (Global) The owner of that role can confirm Prepared Jobs (two-man rule).
Custom Service Job (Global) The owner of that role can handle Custom Service Jobs. These jobs
are only available with special license and module.
GUI Expert Settings (Global) The owner of that role has access to the expert settings in the GUI.
Modify Cisco Extension Mapping Allows modifying the entries within the
(Global) Cisco Extension Mapping Management.
Modify Config Job Templates (Global) Allows modifying the Config Job templates in StableNet®.
Modify Configuration Snippets (Global) Allows creating, modifying, and deleting configuration snippets.
Modify Database Variables (Global) Allows creating, modifying, and deleting database variables.
Modify Device Info Commands (Global) Allows creating, modifying, and deleting device info commands.
Modify End-of-X Information (Global) The owner can create, modify, and delete End-of-X data.
Modify Global Parameters (Global) Allows modifying default properties.
Modify Report or Measurement Allows modifying the SNMP, WMI or trap templates in StableNet®
Templates (Global) as well as reports.
Modify Trap/Syslog/Store Filters Allows modifying the trap or syslog filters for those events.
(Global)
Modify Vulnerability Information Allows creating, modifying, and deleting vulnerabilities.
(Global)
Read Configuration Snippets (Global) The owner of this role can see the configuration snippets.
Read Database Variables (Global) The owner of this role can see the database variables.
Role Description
All Dashboard Rights (Global) This role allows to create, modify, and delete dashboards.
Create Dashboard (Global) This role allows to create dashboards.
Modify Dashboard This role allows to modify own dashboards.
Modify Dashboard (Global) This role allows to modify all dashboards.
View Dashboard (Global) The user is allowed to view all dashboards.
Role Description
All Device Rights (Global) Allows doing anything within the inventory. This includes adding,
deleting, and modifying devices.
Create Device (Global) Allows creating devices within the own group.
Modify Device Allows modifying assigned devices.
Modify Device (Global) Allows modifying devices.
Rediscover Device (Global) Allows to rediscover devices.
View Devices (Global) Makes all devices visible within the inventory.
Role Description
All Device Job Rights (Global) Grants full access control to all Device Jobs.
Create Device Jobs (Global) Allows creating Device Jobs.
Create Device Jobs without The owner of that role can create jobs without the need to confirm
Confirmation (Global) them (two-man rule).
Deploy Device Jobs (Global) Allows deploying Device Jobs.
Modify Device Jobs Allows modifying assigned Device Jobs.
Role Description
All Discovery Job Rights (Global) Grants all permissions to Discovery Jobs.
Create Discovery Jobs (Global) Allows creating Discovery Jobs.
Create Discovery Jobs without The owner of that role can create jobs without the need to confirm
Confirmation (Global) them (two-man rule).
Modify Discovery Jobs Allows modifying Discovery Jobs assigned to groups.
Modify Discovery Jobs (Global) Allows modifying Discovery Jobs.
View Discovery Jobs (Global) Makes all Discovery Jobs visible.
Role Description
Acknowledge/Unacknowledge Alarm Allows to acknowledge or unacknowledge Alarms.
(Global)
All Element Rights (Global) Sets full rights to all elements (= folders, measurements).
All Maintenance Rights Set full maintenance rights to all elements.
Create Elements (Global) Allows creating elements within the Measurement Tree if
permissions are present to the parent folder.
Create Ticket (Global) Set permissions to create and clear tickets.
Create/Clear Alarm (Global) Allows to create or clear alarms.
Maintenance Alarming Allows to create maintenance for devices, which will disable only
monitors (Alarming).
Maintenance Override Interval Allows to create maintenance for devices, which will override
measurement interval.
Modify Elements Allows modifying elements within the Measurement Tree if
permissions are present to the parent folder.
Modify Elements (Global) Allows modifying elements within the Measurement Tree if
permissions are present to the parent folder.
View Elements (Global) Allows making all elements visible within the Measurement Tree.
Role Description
All Report Rights (Global) Allows full control of the reporting features in StableNet®.
Create Reports (Global) Allows creating reports.
Modify Reports Allows modifying own reports.
Modify Reports (Global) Allows modifying all reports.
View Reports (Global) Allows viewing all reports.
Role Description
All Service Domain Rights (Global) Allows full control of the Service Domains.
Create Service Domains (Global) Allows creating Service Domains.
Modify Service Domains Allows modifying assigned Service Domains.
Modify Service Domains (Global) Allows modifying Service Domains.
View Service Domains (Global) Allows viewing all Service Domains.
Table 6.11: Role group: Service Domains
Role Description
All Service Layer Rights (Global) Allows full control of the Service Layers.
Create Service Layers (Global) Allows creating Service Layers.
Modify Service Layers Allows modifying assigned Service Layers.
Modify Services Layers (Global) Allows modifying Service Layers.
View Service Layers (Global) Allows viewing all Service Layers.
Table 6.12: Role group: Service Layers
Role Description
All Service Type Rights (Global) Allows full control of the Service Types.
Create Service Types (Global) Allows creating Service Types.
Role Description
All Services Rights (Global) Allows full control of the Services.
Create Services (Global) Allows creating Services.
Modify Services Allows modifying assigned Services.
Modify Services (Global) Allows modifying Services.
View Services (Global) Allows viewing all Services.
Table 6.14: Role group: Services
Role Description
All Syslog Query Template Rights Grants access to all Syslog Query Templates.
(Global)
Create Syslog Query Templates (Global) Allows creating Syslog Query Templates.
Individual Syslog Queries (Global) Allows the execution of individual Syslog Queries.
Modify Syslog Query Templates Allows modifying own Syslog Query Templates.
Modify Syslog Query Templates Allows modifying all Syslog Query Templates.
(Global)
View Syslog Query Templates (Global) Makes all Syslog Query Templates visible.
Role Description
All Tag Filter Rights (Global) Allows full control on Tag Filter Management.
Create Tag Filter (Global) Allows creating Tag Filters.
Modify Tag Filter Allows modifying assigned Tag Filters.
Modify Tag Filter (Global) Allows modifying all Tag Filters.
View Tag Filter (Global) Allows viewing all Tag Filters.
Table 6.16: Role group: Tag Filter
Role Description
All Tag Tree Configuration Rights Allows full control of the Tag Tree Configuration.
(Global)
Create Tag Tree Configuration (Global) Allows creating Tag Tree Configurations.
Modify Tag Tree Configuration Allows modifying assigned Tag Tree Configurations.
Role Description
All Trap/Syslog Color Management Allows to view the Trap/Syslog Color Management and allows to
Rights (Global) create and modify color mappings in the Trap/Syslog Color
Management.
Create Color Mappings (Global) Allows to create color mappings in the Trap/Syslog Color
Management.
Modify Color Mappings (Global) Allows to modify color mappings in the Trap/Syslog Color
Management.
View Trap/Syslog Color Management Allows to view the Trap/Syslog Color Management.
(Global)
Table 6.18: Role group: Trap/Syslog Color Management
Role Description
Modify Users and Groups (Global) Grants access to the user and group management.
View all Users and Groups (Global) Grants read-only access to the user and group management.
Role Description
All Weather Map Rights (Global) Grants access to all Weather Maps.
Create Weather Maps (Global) Allows creating Weather Maps.
Modify Weather Maps Allows modifying own Weather Maps.
Modify Weather Maps (Global) Allows modifying own Weather Maps.
View Weather Maps (Global) Makes all Weather Maps visible.
6.3. Examples
The following examples will give an idea on how groups can be used to fulfill specific security requirements.
These examples shall only give a basic understanding and may be adapted to specific needs.
Additionally, the following tabs can be activated in Web Menu Display Settings tab (see Figure 6.8 for more
details):
• Analyzer: Charts Analyzer, Group Analyzer, and Category Statistic
• Help: all entries
Users assigned to this group will have rights to rediscover assigned devices, acknowledge/unacknowledge
or create/clear alarms and schedule maintenances with Disable Monitors (Alarming) option.
Additionally, activate in Web Menu Display Settings tab (see Figure 6.8 for more details):
• Status: all entries
• Inventory: all entries
• Analyzer: all entries
• Reporting: all entries
• Device Automation: nothing
• Settings: all entries
• Help: all entries
The interface eth2 is not matched, even though the name filter eth matched. That is because the
mandatory description filter +automeasure does not match.
The interface eth1 is matched because the mandatory description filter +automeasure matches. The
name filter does also match, but it is not necessary.
The interfaces eth10 and eth11 are not matched, because the name filter explicitly excludes them. It
does not matter whether the mandatory description filter matches.
Filters the list of business hour groups depending on the input and the selected column.
Shows a list of all business hour groups available in the StableNet® system.
Allows creating a new business hour group.
Modifies the selected business hour group.
Deletes the selected business hour group.
The dialog shown in Figure 7.4 is used to create a new business hour group or modify existing ones.
Defines one of the following events if the business hour group stops a measurement:
• No Monitor Event: If a monitor is deactivated, no event will be created. The monitor will enter
a No Data Ok or No Data Alarm state.
• Create Monitor Maintenance Event: A maintenance event will be created. The monitor will be
in maintenance state outside the operation hours.
• Create Monitor No Data Event: A no data event will be created. The monitor will be in No Data
state outside the operation hours.
Sets the business hours. It is possible to configure up to two periods per day.
Figure 7.5 shows the Once-Off Maintenance tab that allows defining maintenance intervals.
Filters the list of TCP port usages depending on the input. Allows filtering on different columns.
Lists all available TCP port usages in StableNet®.
Enables the discovery of the TCP port usage.
Enables the auto measurement of the TCP port if found during the discovery.
Opens a dialog to add a new TCP port usage to the system.
Modifies the currently selected TCP port usage.
Deletes the currently selected TCP port usage.
Imports TCP port usages from a CSV file.
Exports all TCP port usages to a CSV file.
Allows filtering the list of MIB files depending on the input and the selected column.
Lists all available MIB files.
Imports a MIB file to StableNet®.
Exports the selected MIB files.
Deletes the selected MIB files.
Opens the MIB browser to connect to a device.
Opens the Agent Update Manager. This can be used to synchronize agents with MIB files from the
StableNet® Server.
Note
Because some public MIB definitions are not following the standard, many MIB file definitions
are known to have syntactical issues. This can cause problems, especially if some other MIB
definitions depend on them. Concerning MIB file syntax, the StableNet® MIB parser works
strictly. Even if other SNMP tools accept the file, there may be still syntactical errors.
After connecting to the device, the SNMP Walk Dialog shown in Figure 7.10 is opened. It shows the MIB
tree structure. To look at the value of an OID, it is necessary to walk it.
Depending on the selected tab, additional buttons might be shown next to the Set Defaults button. These
allow to set additional properties for the respective tabs. For example, the report mail settings can be
changed in the Reporting tab and WMI credentails can be defined in the WMI tab.
8.1. Overview
The StableNet® Agent is the critical component for monitoring in StableNet®. It executes all device-related
operations and is the single component that requires direct connection to the monitored devices. The
StableNet® Agent is scanning the network and querying device information during the discovery process.
Also, all measurements in StableNet®, such as SNMP, WMI, and script measurements, are executed by a
Discovery
During the discovery process, StableNet® performs a network scan based on the discovery input and queries
device information from the available devices. Although the StableNet® Server controls the discovery
process, the actions are performed by the StableNet® Agent. To scan the network, the StableNet® Agent
sends ICMP echo requests to the devices defined for discovery. In addition, device and topology information
is read from the available devices. For this purpose, the StableNet® Agent sends SNMP queries to the
devices. The StableNet® Server then stores the discovered data in the database and fills the StableNet®
inventory and topology graph.
Measurements
All measurements in StableNet® are executed by the StableNet® Agent. The StableNet® Agent is an SNMP
and WMI collector, SNMP trap and syslog message receiver, and can execute measurement scripts. Each
measurement is set up on the StableNet® Agent according to the measurement configuration received
from the StableNet® Server. After measurement setup, the StableNet® Agent will execute measurements
according to their schedule. The measurement execution is independent from the StableNet® Server and
will continue even if connection to the StableNet® Server is temporarily lost. Each measurement produces
measurement data, which is temporarily stored in a local database on the StableNet® Agent. The data is
regularly imported by the StableNet® Server and stored in the central StableNet® database. If the connection
from the StableNet® Server to the StableNet® Agent or to the database is lost, the measurement data
collected by the StableNet® Agent is imported after the connection is re-established without data loss.
SNMP Traps
The StableNet® Agent acts as an SNMP trap receiver. For the correct textual representation of traps, the
StableNet® Agent requires all relevant SNMP MIB files that define traps, including their dependencies.
Otherwise, only OIDs and values will be shown. The required MIB files are marked for synchronization after
being loaded in StableNet®. However, they are not automatically synchronized to the StableNet® Agent.
The synchronization to the StableNet® Agents only takes place when manually triggered or during the
weekly full maintenance. After synchronizing MIB files to the StableNet® Agents, the StableNet® Agents
need to be restarted for the changes to take effect.
Whenever a trap is received, the StableNet® Agent will parse the trap data, including variable bindings,
according to the available MIB files, and store the data temporarily in a local database. The data is imported
regularly by the StableNet® Server and written to the central database. The trap data can then be viewed
in the StableNet® GUI.
Syslog
Similar to SNMP traps, the StableNet® Agent is also a syslog message receiver. Syslog messages are stored
temporarily in a local database and then imported by the server. The data will be stored in the central
database and can be viewed in the StableNet® GUI.
When processing syslog messages, the StableNet® Agent will check if they match any defined syslog
measurements. If this is the case, it will generate monitor events accordingly.
Flow
Another important function of the StableNet® Agent is to receive, process, and store flow data. Currently,
NetFlow (including v9), IPFIX, J-Flow, and sFlow (port 6343) are supported. The received data is stored
in a local database and can be analyzed using the Flow Query. The raw flow data is not imported by the
StableNet® Server or stored in the StableNet® database. Only flow measurement data is stored in the
database.
Device Configuration
The StableNet® Agent also plays a crucial role for the network configuration and change management
module. The connections to the devices are set up from the StableNet® Agent. The StableNet® Server does
not connect to the devices directly.
If a StableNet® Agent is selected, additional details are displayed in the table on the right side, as shown
in Figure 8.3.
The Agent States dialog displays a summary of the StableNet® Agents' status, as shown in Figure 8.4.
Similar to the agent list, the StableNet® Agent name, version, and connection state are shown. The Last
Action Commit column shows the date and time of the action event, i.e. Alarm or OK, that was last imported
by the StableNet® Server and written to the database. Similarly, the Last Data Commit column shows the
timestamp of the measurement data that was last imported by the server.
Note
The Last Action Commit timestamps should be up to date. If this is not the case, the data import
to the server is lagging. This is usually caused by database or network problems. High load
on the StableNet® Agent can be another reason for data import issues. It is also known that
measurement data import can be delayed during the StableNet® full maintenance. In this
case, the delay is normal and represents no issue.
The table also shows the time difference between the StableNet® Agents and the StableNet® Server as well
as the time zone of each StableNet® Agent. The time difference should be equal to or nearly zero.
Note
Significant time differences between the StableNet® Server and the StableNet® Agents will
lead to problems with measurement, SNMP trap, syslog, and event data timestamps. For this
reason, time synchronization (e.g. NTP) is required for all StableNet® components.
The Measurements column shows the number of measurements configured on the StableNet® Agent. The
Work Queue shows the number of server requests that still need to be processed by the StableNet® Agent.
For example, changes in measurement or monitor settings, maintenance entries, etc.
8.2.3.1. Info
The Info tab displays general information about the StableNet® Agent, as shown in Figure 8.6. All information
is read-only.
8.2.3.2. License
The License tab illustrates a summary of the license of the StableNet® Agent, as depicted in Figure 8.7. In
addition, it allows updating or saving the license to the local file system.
8.2.3.3. Options
The Options tab shown in Figure 8.8 allows editing the StableNet® Agent's mail configuration and changing
the flow data storage settings.
The StableNet® Agent mail settings can only be edited if the option to synchronize them with the server
is disabled. This can be done in the Options tab of the Modify Agent dialog. For SMTP mail configuration,
set the mail server IP, the mail sender address and, optionally, mail server credentials. An option to enable
TLS for secure communication with the mail server is also available. The server IP can optionally specify a
port, for example 10.1.1.151:25. If the port is omitted, the default SMTP port 25 is used. To check
the mail settings, a test email can be sent.
Mails can also be sent by another StableNet® Agent as a proxy using the syntax agent:<ip>,<port>.
In that case, the mail server username and password will not be used. Instead, the mail configuration of
the proxy agent will be used. Both StableNet® Agents must have the same login credentials.
The flow storage settings define the maximum single and total file size for flow data stored locally by the
StableNet® Agent. This enables splitting the stored flow data into several files. If the size of the current
flow data file exceeds the limit, a new one is created. If the total size maximum is exceeded, the oldest
file is deleted.
8.2.3.5. Script
This view shows the alarm scripts and business process scripts available on the StableNet® Agent and
provides management functionality. Alarm scripts can be executed automatically when an alarm occurs
as part of the alarm groups in StableNet®. A list of all available alarm scripts on the StableNet® Agent is
displayed on the left. For managing alarm scripts, upload, download, and remove actions are provided.
Business process scripts are used to measure performance data in StableNet®. Similar to alarm scripts, a
new business process script can be added and existing scripts can be downloaded or removed.
8.2.3.6. Measurement
The Measurement tab shows a summary of all configured measurements on the agent. For each measurement,
the table consists of the internal measurement ID, the last and next measurement execution timestamp,
and the total number of measurement executions. The Database ID column shows the ID of the local agent
storage for that measurement. The internal agent module executing the measurement is displayed in the
Provider column. Status shows if the measurement is currently running or idle. Most of the time, the status
of a measurement will be idle, meaning the last execution is complete and it is waiting for its next scheduled
execution.
8.2.3.9. Log
The Log tab shows the log entries of the StableNet® Agent similar to the StableNet® Agent's log file. For
each logged event, the event time, event ID, and the log message is displayed. The number of log entries
shown is limited by the End Date and Number of Logs parameters. The table always shows the
selected number of log entries up to the selected end date. By default, the end date is equal to the time
of the last log entry and the number of logs is 100.
8.2.3.11. Flow
The Flow tab allows editing flow settings for the StableNet® Agent. These flow settings are expert settings.
The user must have the GUI Expert Settings (Global) role to view or edit them.
The StableNet® Agent can forward flow data to other receivers. The Flow Receiver table shows all configured
receivers to which flow data is forwarded. To enable flow data forwarding to a specific receiver, add its IP
address and port to the table. To disable it, remove the corresponding entry from the table.
8.2.3.12. Syslog
The Syslog tab allows editing syslog settings for the StableNet® Agent. These syslog settings are expert
settings. The user must have the GUI Expert Settings (Global) role to view or edit them.
The StableNet® Agent can forward syslogs to other receivers. The Syslog Receiver table shows all configured
receivers to which syslogs are forwarded. To enable syslog forwarding to a specific receiver, add its IP
address and port to the table. To disable forwarding, remove the corresponding entry from the table.
The bottom part of the tab allows to modify the source IP of received syslogs. If the syslog message contains
a string matching the specified regular expression, the source IP of the syslog will be set to the matched
IP address instead of the IP address where the syslog was actually received. This is very useful if syslogs
are forwarded from a centralized syslog collector. The default syntax is FORWARDED:<ip>, where <ip>
is an IPv4 address. The first capture group of the regular expression is used to set the new source IP address
of the syslog.
8.2.3.13. Trap
The Trap tab allows editing trap settings for the StableNet® Agent. These trap settings are expert settings.
The user must have the GUI Expert Settings (Global) role to view or edit them.
The StableNet® Agent can forward traps to other receivers. The Trap Receiver table shows all configured
receivers to which traps are forwarded. To enable trap forwarding to a specific receiver, add its IP address
and port to the table. To disable forwarding, remove the corresponding entry from the table.
The following components are updated for the StableNet® Client Agents:
• StableNet® Client Agent license file
• All business process scripts (userscript directory)
• StableNet® Client Agent binaries for the following operating systems:
• Windows 32 bit
• Linux 32 bit
• The cpuidsdk.dll module on Windows based StableNet® Client Agents
Note
On Windows platforms, files (e.g. business process scripts) opened by the system or a running
process can not be replaced by the StableNet® Agent synchronization. This is a technical
limitation of the Windows platform. On Linux open files can be always replaced.
The script names must not use any blanks or non ASCII characters! The different platforms
disallow characters like ":", "\", "/".
For the StableNet® Client Agent Repository sub folders are used which are included in the
repository!
Setting Description
Synchronize Business Process Scripts All Business Process Script related files (userscript,
userscriptdata and
userscript_dependent directory) are
synchronized with the StableNet® Agent.
Synchronize MIB Files and Binaries MIB files, StableNet® Agent binaries and additional
binaries directory are synchronized.
In order to prevent data flood in the network, the content of a Client Agent Repository is not synchronized
by default during an update of the controlling StableNet® Agent. The respective devices have to be explicitly
configured, which can be done both in the GUI and via an XML Discovery by using the
clientagentrepository attribute of the device element. The syntax is a comma-separated list of
the repository names, for example windows,linux,mac. Prepending a "–" to the repository name
causes the respective files to be removed from the Client Agent machine. By default no file is deleted, at
most it is overridden if it had been changed in the repository.
Note
The subfolders in the StableNet® Client Agent Repository are only used for grouping the files
into repositories. In the StableNet® Client Agent, the files will be placed in the folders
userscript or userscriptdata without subfolders.
Examples:
StableNet® Client Agents are synchronized for all devices whose controlling StableNet® Agent is updated.
The same applies if a device with a configured StableNet® Client Agent is discovered.
The MIB files are not stored in the repository but synchronized from the MIB storage of the StableNet®
Server. Only MIB files needed for SNMP traps are synchronized.
The StableNet® Agent binary is updated basing on the installed version. 64-bit installations are always
updated with 64-bit binary versions, and 32-bit with 32-bit versions, even if the operating system supports
a different version. StableNet® Client Agent binaries are always 32-bit.
10.2. Backup
This chapter presents the backup and restore process of the StableNet® environment. This includes the
StableNet® Server, the Agent and the GUI as well as the database. For some actions, it is recommended to
use the StableNet® Database Manager. Additional information on the database manager can be found in
Section 11.1.
The following sections describe the backup and restore of each StableNet® component, the StableNet®
Server, the StableNet® Agent and the StableNet® GUI.
Property defining the interval of the full maintenance and thus, the frequency.
Offsets the full maintenance job. Default starting time is Saturday, 0:00 a.m.
In this example, the full maintenance job starts every Saturday morning at 0:00 a.m. by default. Hence,
a weekly backup of the configuration data exists. However, it is possible to adjust the time offset and the
interval in order to delay the job execution or change the frequency in the expert properties shown in
Figure 10.1.
Note
It is not recommended to set the interval below seven days.
./StableNetDatabaseManager.sh -backup
from the <SNMW_HOME> directory. It creates ASCII files for all configuration database tables in
the <SNMW_HOME>/configuration folder with the prefix backup_tables. Hence, the
second parameter is an arbitrary prefix of all files.
• The complete database is backed up with the database manager parameter -exportdata
<fileprefix>.
All tables from the database are exported to ASCII files located and prefixed with corresponding
fileprefix from the call. On Linux systems, for example, run the command
from the <SNMW_HOME> directory. This will store all files in the <SNMW_HOME>/database
directory with the prefix backup_tables. When doing a full backup, the StableNet® Server
must not be running.
in the <SNMW_HOME> directory. The parameter <fileprefix> defines the location containing
the database table files as well as a chosen file prefix. The content of the tables will be overwritten
with the content of the imported files.
5. Start the StableNet Server Controller service.
On Linux systems, the service is started, for example, with the command service snmw
start on the command line. On Windows systems, it can be started in the Service Manager.
The listed directories contain only metadata. If raw data like Flow, Syslogs or SNMP traps need to backed
up as well, the directory <SNAGENT_HOME>/data needs to be included in the backup process.
10.3. Update
This chapter describes the update process of the different StableNet® components. In the first section,
the update process of a normal environment is presented. After that, the license update is explained. The
update process for a StableNet® High Availability setup is explained in the technical document ADM - High
Availability.
StableNetDatabaseManager.bat <parameters>
StableNetDatabaseManager.sh <parameters>
In the following sections, all parameters of the Database Manager are listed and explained.
11.1.1. General
The following parameters are used to obtain general information about the database related to the data
source:
-info
Shows information about the database and the full maintenance state.
-list
Lists all database tables and the number of contained rows.
-partinfo
Shows information about all partitioned database tables.
-partlist <tablename>
Shows the list of partitions for the specified table.
-newlog
Creates a new unique log file for this call of the StableNet® Database Manager. Otherwise, the
existing one is overwritten.
11.1.2. Performance
For database performance checks, the following two parameters are used:
-check
Checks the database connection and executes a performance test with 10 million data rows and
50,000 measurements.
-performance [size in millions] [number of measurements]
Checks the database connection and executes a performance test with [size in millions]
data rows and [number of measurements] measurements. If one or both options are not
given, a standard performance test with 115.2 million data rows and 5,0000 measurements is
executed. The number of measurements is allowed to range from 10,000 to 500,000 in steps of
1,000.
11.1.4. Export
The following parameters export data from the database to files. Some parameters require a filename to
specify where the data should be exported to. It is possible to add an existing directory to the filename,
e.g. sample_directory/exportfile.
-backup
Creates a backup of the configuration tables and the configuration folder of the StableNet® Server
in the folder <install_dir>/auto_backup. The files of the configuration tables are stored
in the ZIP file backup_yyyy_mm_dd_hhmm.zip. The configuration folder of StableNet® is
stored in the ZIP file config_yyyy_mm_dd_hhmm.zip.
-exportdata <filename>
Exports the complete database to the specified file.
-exportconfig <filename>
Exports the configuration tables to the specified file.
-exporttable <tablename> <filename>
Exports a single database table to the specified file. The exact table name is required to export
the table.
-exportpartition <tablename> <partitionname> <filename>
Exports the specified partition. To get an overview on all available tables with partitions, use the
command -partinfo. To get all partition names of a table, use the command -partlist
<tablename>.
StableNetManagementTool.bat <parameters>
StableNetManagementTool.sh <parameters>
The server performing the action is specified via the following command line parameter:
-login "<ip>,<port>,<username>,<password>"
Specifies the login credentials for the StableNet® Server, e.g. -login
"127.0.0.1,5443,infosim,stablenet". If not passed as a parameter, the default
setting with server 127.0.0.1, port 5443, username infosim and password stablenet
is used.
If the StableNet® Management Tool is called without a parameter, a list of all available parameters will be
printed.
The following example shows how the structure of imports.zip may look like.
imports.zip
|
|---agent
| |
| |---Linux
| | |
| | |---client_snagent
| |
| |---Shared
| | |
| | |---bin
| | | |
| | | |---MailSystem.jar
| | |
Solution 1
Check if the server service is running. For Windows, this can be done by opening the service view
and searching for StableNet® Server Controller. For Linux, log into the shell and execute ps. If
the service is not running, start it.
Solution 2
Check if the database service is reachable. This can be done by using the
StableNetDatabaseManager, located in the server installation folder. Enter
StableNetDatabaseManager.bat -info for Windows or
StableNetDatabaseManager.sh -info for Linux. If the database is not running, it
states Communications link failure.
Solution 3
Check if the database was created and the correct user was assigned to it. This can be done by
using the StableNetDatabaseManager, located in the server installation folder. Enter
StableNetDatabaseManager.bat -info for Windows or
StableNetDatabaseManager.sh -info for Linux. If there is no user or the user has
wrong credentials, it shows an error message, saying Access denied for User.
The user that is used by StableNet® to connect to the database can be found in the file
<server-install-dir>/wildfly/standalone/configuration/standalone.xml
in the datasources subsystem.
Solution 4
The database service may have been started after the server service, which will cause an incorrect
start. After restarting the server service, it will recognize the database and start properly.
Solution 5
The server is currently starting and adding the tables to the database. To prove that, check the
server.log (snmw/log) for DbUtil.createTable. This can take a couple of minutes,
depending on the resources of the system.
AGREEMENT
relating to license and use of software
between
Infosim® GmbH & Co. KG
Landsteinerstraße 4
97074 Würzburg
Germany
Infosim® GmbH & Co. KG END USER SOFTWARE LICENSE AGREEMENT (EULA)
effective as of January 2006
The software (the "Licensed Software") enclosed with this End User Software License Agreement ("EULA")
or delivered via authorized download and related documents, training materials, and user guides
(collectively, the "Documentation") are licensed solely to the entity named as licensee in Infosim®'s
business records (the "Licensee") subject to the terms of this EULA, unless such terms are expressly and
unambiguously amended by a separate written license agreement between Licensee and Infosim® GmbH
& Co. KG or one of Infosim® GmbH & Co. KG's subsidiaries or affiliates (individually and collectively,
"Infosim®" as used herein).
Wherever possible, Infosim® will deliver Licensed Software by providing Licensee with the necessary access
rights (URL/IP address and password) to enable download of the Licensed Software directly to Licensee's
host computer. Licensed Software available via download (FTP or otherwise) will be deemed delivered as
of the time when Infosim® makes the download available to Licensee. If Licensee does not agree with these
terms, Licensee must take the following steps within five (5) business days after receipt of Licensed
Software: (1) for Licensed Software delivered on physical media, Licensee must return the unopened
package containing the media together with the Documentation to Infosim®; or (2) for Licensed Software
delivered via download, Licensee must erase the Licensed Software completely from any Licensee server
and/or systems, destroy or return any Documentation in printed or electronic form, and certify to Infosim®
in writing signed by an officer of Licensee that such actions have been taken. Infosim®'s address for returns
or notices worldwide is
Infosim® GmbH & Co. KG
Landsteinerstraße 4
97074 Würzburg
Germany
THIS IS A LICENSE AND NOT A SALE
A.3. Confidentiality
3. Confidentiality
3.1. The Licensed Software and the Documentation contain certain information that is confidential
and of substantial value to Infosim®. Except as expressly permitted herein, Licensee shall not
use or disclose said confidential information, or cause it to be disclosed, to any third party.
3.2. No benchmark results nor results of any functional testing or evaluation of the Licensed
Software shall be disclosed to any third party or used for any purpose other than to facilitate
Licensee's internal use of the Licensed Software.
3.3. Subject to Licensee's consent, which shall not be unreasonably withheld or delayed, Infosim®
may issue a press release regarding the subject matter of this EULA.
A.6. Indemnity
6. Indemnity
6.1. Infosim® shall indemnify Licensee for any claim, demand or cause of action by a third party
("Demand") to the extent that it is based on a claim that the Licensed Software (excluding
any Third Party Software contained therein) infringes any trademark or patent issued in the
United States, Germany, or European Union, or any valid copyright recognized by a country
that is a member of the Berne Convention, or that the Licensed Software misappropriates any
trade secret of any third party within the country in which the Site is located. The foregoing
indemnification is conditioned on Licensee notifying Infosim® promptly in writing of such
Demand, Licensee giving Infosim® sole control of the defense thereof (and any negotiations
for settlement or compromise thereof), and Licensee cooperating in the defense thereof at
Infosim®'s request and expense, provided that Licensee may, at its own expense, participate
in such defense if it so chooses. In the event that Infosim® becomes aware of an actual or
potential Demand, Infosim® may, in its reasonable judgment, and at its sole option and
expense: (a) procure for Licensee the right to continue using the Licensed Software; or (b)
substitute a non-infringing version of the Licensed Software so that the Licensed Software
becomes non-infringing and still conforms to the applicable specifications; or (c) return the
license fee paid by Licensee hereunder for the Licensed Software, less an amount equal to
straight line depreciation of the Licensed Software over four years, and Licensee shall
immediately return the Licensed Software to Infosim®. Licensee shall not incur any costs or
expenses on behalf of Infosim® under or pursuant to this section without Infosim®'s prior
written consent.
6.2. For avoidance of doubt, the indemnity offered by Infosim® to Licensee in Section 6.1 above
with respect to the Licensed Software shall not apply to any Third Party Software contained
therein. Furthermore, Infosim® shall have no liability to Licensee for any Demand by a third
A.8. General
8. General
8.1. Export Requirements. The Licensed Software is subject to laws and regulations of the United
States and European Union that restrict its export. Licensee agrees that it shall not export or
"re-export" (or otherwise transfer) the Licensed Software unless Licensee has complied with
all applicable United States, European Union, and foreign government export controls and
approvals.
8.2. U.S. Government Rights, Government Users. Infosim® licenses software for ultimate end use
by United States federal government agencies and other U.S. federal government customers
("Federal Government Customers") only under the following conditions. Rights granted herein
include only those rights customarily provided to end use customers of Licensed Software and
related Documentation as defined in this License. This customary commercial license to the
Licensed Software is provided in accordance with FAR 12.211 (Technical Data) and 12.212
(Computer Software) and, for Department of defense purchases, DFAR 252.227–7015 (Technical
Data – Commercial Items) and DFAR 227.7202–3 (Rights in Commercial Computer Software
or Computer Software Documentation). If a federal government or other public sector customer
has a need for rights not conveyed under this License, it must negotiate with Infosim® to
determine if there are acceptable terms for transferring such rights, and a mutually acceptable
LICENSEE ACKNOWLEDGES THAT LICENSEE HAS READ THE TERMS OF THIS EULA AND AGREES TO BE BOUND
BY ITS TERMS.