-
Notifications
You must be signed in to change notification settings - Fork 4
nAttrMon nOutput Channels
This output exposes nAttrMon internal channels and data externally (configurable to what should be read-only or read-write/execution permissions).
execArgs | Type | Mandatory | Description |
---|---|---|---|
port | Number | No | Forces the channels expose port. If omitted defaults to the current httpd object (e.g. usually port 8090) or creates a new one in port 17878. |
host | String | No | If port was used you can also specify the host network address to bind the network listener to. |
keyStore | String | No | Path to the secure key file to use for https. |
keyPassword | String | No | Password for the secure key file (https). |
local | Map | No | Provides a list of login, password and corresponding permissions to access the channels |
cAuth | Map | No | Equal no local (to be deprecated in the future) |
custom | String | No | Function that receives 4 arguments: u (user), p (password), s (HTTPd server object) and r (request map). If it returns true the user is authenticated, if returns false or fails the user is not authenticated. |
peers | Array | No | List of channels HTTP(s) URL prefixes to peer with other nAttrMons. |
Example of use of the execArgs:
output:
name : Output Channels
description : >
Provides, on the same nOutput_HTTPJSON or nOutput_HTTP port or other, access to the nAttrMon specific OpenAF channels like: /chs/ops,
/chs/cvals, /chs/pvals and /chs/attr.
execFrom : nOutput_Channels
execArgs :
local:
nattrmon:
p: nattrmon
m: r
change:
p: me
m: rw
# peers:
# - http://user:pass@nattrmon1:1234
# - http://user:pass@nattrmon2:1234
# custom: |
# // Custom has priority over local. Comment the entry you won't use.
# //
# // u - user
# // p - password
# // s - server object
# // r - request object (e.g. uri, method, header["remote-addr"], header["user-agent"], ...)
#
# if (u == "nattrmon" && p == "nattrmon") return true;
#
# try {
# new ow.server.ldap("ldap://my.auth.ldap:389", u + "@my.domain", p);
# return true;
# } catch(e) {
# tlogErr("AUDIT | {{user}} authentication refused ({{message}}).", { user: u, message: e.message });
# }
#
# return false;
Note 1: As usual, passwords can be encrypted. Note 2: In the custome function r.uri can be used to determine which channel is being accessed.
URL | Permissions | Example |
---|---|---|
http://my.host:8090/chs/ops | You will need "rw" permissions to use this channel | $ch("ops").createRemote("http://my.host:8090/chs/ops"); |
This channel provides access useful operational operations to manage a running nAttrMon:
- List existing active plugs (similar to the plugs channel)
- Reload a specific plug (within certain limitations)
- Ad-hoc test or run of a single plug.
- Clear an attribute from nAttrMon.
- Close a warning or force it's deletition.
- Close all warnings or force there deletition.
- Check the current object pool statistics.
Permissions | Example |
---|---|
"r" | $ch("ops").get("list"); |
This operation will return a map with: inputs, outputs and validations. Each entry has an associated array with the sorted list of active plugs.
Permissions | Example |
---|---|
"rw" | $ch("ops").set("reload", { file: "inputs/12.myInput.yaml" }); |
This operation will allow you to reload a plug within certain limitations (listed below). The plug file can, of course, be in yaml/json or javascript formats.
Limitations to which plugs can be reloaded:
- Only already loaded plugs should be loaded again.
- *.init.js or any other plug that provides global object initialization should not be reloaded since this operation won't close existing definitions.
- Only plug file definitions from the config folder can be reloaded.
- Only reload for testing proposes. On production configurations it's safer to just restart nAttrMon.
- timePeriod, cron, waitForFinish and onlyOnEvent of a plug won't change until a restart is performed.
Permissions | Example |
---|---|
"rw" |
$ch("ops").set("test", { type: "inputs", name: "My test input" }); $ch("ops").set("run", { type: "validations", name: "My test validation" });
|
These operations let you test or run any plug ad-hoc without considering the schedule time to run. The test operation will run the plug in nAttrMon and just return the generated output without affecting the current/last attribute values or warnings. The run operation will go a step forward and will affect the current & last attributes values (if an input) or warnings (if a validation).
Use the list operation to get a list of the names you case with these operations for each type.
Permissions | Example |
---|---|
"rw" | $ch("ops").set("clearAttribute", { name: "My attribute" }); |
This operation will clear the corresponding attribute from the current list of attributes, current values and last values. Use this to clear any old attribute that you no longer want nAttrMon to keep track. If the attribute is returned again by an input plug it will be registered again.
Permissions | Example |
---|---|
"rw" | $ch("ops").set("closeWarning", { title: "Warning title", force: false }); |
The close warning operation will do one of two things depending of the value of the parameter force:
- If true the warning with the provided title will be completely deleted from the nAttrMon warnings.
- If false or not provided the warning level will be classified as closed in nAttrMon warnings.
Permissions | Example |
---|---|
"rw" | $ch("ops").set("closeAllWarnings", { force: false }); |
This operation is equivalent to the close warning operation but will apply to all existing warnings in nAttrMon.
Permissions | Example |
---|---|
"r" | $ch("ops").get("poolStats"); |
nAttrMon can have several internal object pools which also manage access to external resources (e.g. database, SSH, etc...). You can check the current statistics of these pools with this operation. It will return a map for each internal object pool in use with nAttrMon each with the following information:
Property | Description |
---|---|
min | Minimum number of objects to keep active. |
max | Maximum number of objects that can be active (if 0, no limit) |
increment | Number of objects to create whenever more objects than the current freeObjects is needed (will keep within the limits of max) |
timeout | The maximum timeout time in ms to declare an object unusable and create a new to replace it. |
keepAliveTime | The periodic time (in seconds) that the keep-alive function will be executed to ensure the object is still usable. |
poolSize | The number of internal objects currently in memory. |
freeObjects | The number of objects in the pool that are available to be used. |
currentObjects | The current number of objects in pool, in use or not. |
URL | Permissions | Example |
---|---|---|
http://my.host:8090/chs/cvals | "r" or "rw" | $ch("cvals").createRemote("http://my.host:8090/chs/cvals"); |
This channel provides access to the current attribute values.
URL | Permissions | Example |
---|---|---|
http://my.host:8090/chs/lvals | "r" or "rw" | $ch("cvals").createRemote("http://my.host:8090/chs/lvals"); |
This channel provides access to the last attribute values.
URL | Permissions | Example |
---|---|---|
http://my.host:8090/chs/attrs | "r" or "rw" | $ch("cvals").createRemote("http://my.host:8090/chs/attrs"); |
This channel provides access to the current attributes list.
URL | Permissions | Example |
---|---|---|
http://my.host:8090/chs/warns | "r" or "rw" | $ch("cvals").createRemote("http://my.host:8090/chs/warns"); |
This channel provides access to the current warnings list.
URL | Permissions | Example |
---|---|---|
http://my.host:8090/chs/plugs | "r" | $ch("cvals").createRemote("http://my.host:8090/chs/plugs"); |
This channel provides access to the current plugs list.