Daemons Monitoring

In order to monitor daemons, use the Monitor configuration file. The Monitor configuration file is a stripped down version of the Director configuration file, mixed with a Console configuration file. It simply contains the information necessary to contact Directors, Clients, and Storage daemons you want to monitor.

For a general discussion of configuration file and resources including the data types recognized by Bacula, see the Configuration chapter.

The following Monitor Resource definition must be defined:

• Monitor – to define the Monitor’s name used to connect to all the daemons and the password used to connect to the Directors. Note, you must not define more than one Monitor resource in the Monitor configuration file.

• At least one Client, Storage or Director resource, to define the daemons to monitor.

Monitor Resource

The Monitor resource defines the attributes of the Monitor running on the network. The parameters you define here must be configured as a Director resource in Clients and Storages configuration files, and as a Console resource in Directors configuration files.

Monitor Start of the Monitor records.

Name = <name> Specify the Director name used to connect to Client and Storage, and the Console name used to connect to Director. This record is required.

DisplayAdvancedOptions = <boolean> Display advanced options in the tray monitor (for backup and restore operations)

CommandDirectory = <directory> Directory where the tray monitor will look at a regular interval to find commands to execute.

Refresh Interval = <time> Specifies the time to wait between status requests to each daemon. It can’t be set to less than 1 second, or more than 10 minutes, and the default value is 5 seconds.

Director Resource

The Director resource defines the attributes of the Directors that are monitored by this Monitor.

As you are not permitted to define a Password in this resource, to avoid obtaining full Director privileges, you must create a Console resource in the Director’s configuration file, using the Console Name and Password defined in the Monitor resource. To avoid security problems, you should configure this Console resource to allow access to no other daemons, and permit the use of only two commands: status and .status (see below for an example).

For more details, see Customizing the Configuration Files.

You may have multiple Director resource specifications in a single Monitor configuration file.

Director Start of the Director records.

Name = <name> The Director name used to identify the Director in the list of monitored daemons. It is not required to be the same as the one defined in the Director’s configuration file. This record is required.

Port = <port-number> Specify the port to use to connect to the Director. This value will most likely already be set to the value you specified on the –:with-baseport option of the ./configure command. This port must be identical to the DIRport specified in the Director** resource of the Director’s configuration file. The default is 9101 so this record is not normally specified.

Address = <address> Where the address is a host name, a fully qualified domain name, or a network address used to connect to the Director. This record is required.

Client Resource

The Client resource defines the attributes of the Clients that are monitored by this Monitor.

You must create a Director resource in the Client’s configuration file, using the Director Name defined in the Monitor resource. To avoid security problems, you should set the Monitor directive to Yes in this Director resource.

For more details, see Customizing the Configuration Files.

You may have multiple Director resource specifications in a single Monitor configuration file.

Client (or FileDaemon) Start of the Client records.

Name = <name> The Client name used to identify the Director in the list of monitored daemons. It is not required to be the same as the one defined in the Client’s configuration file. This record is required.

Address = <address> Where the address is a host name, a fully qualified domain name, or a network address in dotted quad notation for a Bacula File daemon. This record is required.

Port = <port-number> Where the port is a port number at which the Bacula File daemon can be contacted. The default is 9102.

Password = <password> This is the password to be used when establishing a connection with the File services, so the Client configuration file on the machine to be backed up must have the same password defined for this Director. This record is required.

Storage Resource

The Storage resource defines the attributes of the Storages that are monitored by this Monitor.

You must create a Director resource in the Storage’s configuration file, using the Director Name defined in the Monitor resource. To avoid security problems, you should set the Monitor directive to Yes in this Director resource.

For more details, see Customizing the Configuration Files.

You may have multiple Director resource specifications in a single Monitor configuration file.

Storage Start of the Storage records.

Name = <name> The Storage name used to identify the Director in the list of monitored daemons. It is not required to be the same as the one defined in the Storage’s configuration file. This record is required.

Address = <address> Where the address is a host name, a fully qualified domain name, or a network address in dotted quad notation for a Bacula Storage daemon. This record is required.

Port = <port> Where port is the port to use to contact the storage daemon for information and to start jobs. This same port number must appear in the Storage resource of the Storage daemon’s configuration file. The default is 9103.

Password = <password> This is the password to be used when establishing a connection with the Storage services. This same password also must appear in the Director resource of the Storage daemon’s configuration file. This record is required.

Tray Monitor Security

There is no security problem in relaxing the permissions on tray-monitor.conf as long as FD, SD and DIR are configured properly, so the passwords contained in this file only gives access to the status of the daemons. It could be a security problem if you consider the status information as potentially dangerous.

Concerning Director’s configuration: In tray-monitor.conf, the password in the Monitor resource must point to a restricted console in bacula-dir.conf.

For more details, see Customizing the Configuration Files.

So, if you use this password with bconsole, you’ll only have access to the status of the director (commands status and .status ). It could be a security problem if there is a bug in the ACL code of the director.

Concerning File and Storage Daemons’ configuration: In tray-monitor.conf, the Name in the Monitor resource must point to a Director resource in bacula-fd/sd.conf, with the Monitor directive set to yes (once again, see the documentation). It could be a security problem if there is a bug in the code which check if a command is valid for a Monitor (this is very unlikely as the code is pretty simple).

Click here to see the Tray Monitor sample configuration.

See also

Go to:

• Using Bacula Catalog to Grab Information

• BWeb with Graphite

• Bacula Simple Network Management Protocol (bsnmp)

• Send Joblogs, Alerts, Mount Requests via Email (bsmtp)

Go back to the Jobs Monitoring.

Go back to the main Bacula Enterprise Management page.