Pages

Friday, June 29, 2012

Monitoring Windows Servers Agentlessly - WMI plugin

Tech Down Under: Part 1: Monitoring Windows Servers Agentlessly via...:

This how to will show how to install the open source software NAGIOS to monitor network devices such as switches, routers, servers, firewall...etc.

The detail instruction for installing WMI is found here


A good detail of installing wmi client and wmi plugin is available at interwebplus.com

Note : if your few of the perl modules were outdated, The check_wmi plugin will not work.

in that case you can use --IgnoreMyOutDatedPerlModuleVersions  case. 

Tuesday, June 26, 2012

mysql dump of data only - no table and database schema

Mates, I want to dump the data from the tables only rather than its definition and data.

The problem with mysqldump is it checks if database/table exist  or not. if the table exist it drops the table create the blank table and then enters the insert into statements. I don't want to use this.

Mysql Database Backup script

Create a file called database_backup.sh and also an empty directory called mysql_backup.

The database_backup.sh script should have the following info :


#!/bin/sh 
date=`date '+%m-%d-%y'`


PATH="~/mysql_backup/database_name.$date"


mysqldump -u database_username -pdatabase_password database_name > $PATH



Run the script that performs the backup job.

Using Cron  :

Set this script up to run every night, etc. as a cron job. It will save an sql dump of your database every night in the mysql_backup.
e.g

* 23 * * * your_userid /path/to/backup/script

Backing Up MySQL Database

MySQL database backup can be accomplished in two ways:

a) Copying the raw mysql database files &
b) Exporting tables to text files



Copying the Mysql database Files :

MySQL uses the same table format on different platforms, so it's possible to copy MySQL table and index files from one platform and use them on another without any difficulties (assuming, of course, that you're using the same version of MySQL on both platforms).

Exporting tables to text files.

The MySQLDump is handy utility that can be used to quickly backup the MySQL Database to the text files. To use the MySQLDump utility it is required to logon to the System running the MySQL Databse. You can use Telnet to remotely logon to the system if you don't have the physical access to the machine.
The syntax for the command is as follows.

mysqldump -u [Username] -p [password] [databasename] > [backupfile.sql]

[username] - this is your database username
[password]- this is the password for your database
[databasename] - the name of your database
[backupfile.sql] - the filename for your database backup

Let's discuss the example of backing up MySQL Database named "accounts" into text file accounts.sql. Here are the scenarios of taking the backup assuming that both user name and password of the database is "admin".

a) Taking the full backup of all the tables including the data.

Use the following command to accomplish this:
mysqldump -u admin -p admin accounts > accounts.sql

b) Taking the backup of table structures only.

Use the following command to accomplish this:
mysqldump -u admin -p admin --no-data accounts > accounts.sql

c) Taking the backup data only.

Use the following command to accomplish this:
mysqldump -u admin -p admin --no-create-info accounts > accounts.sql

Restoring MySQL Database

Restoring the MySQL is very easy job. You can use the following to command to restore the accounts database from accounts.sql backup file.

mysql - u admin -p admin accounts < accounts.sql

In this tutorial you learned how to take the backup of your MySQL Database and restore the same in the event of some database crash or on some other machine.

How to check how much free space we have in Mysql database

fire the query
show table status like 'org';

The last column Comments gives the size of the database.


TRIMMIG IN MYSQL

Some time back I got stuck at the point in Mysql task ,I wanted to trip a part of already existing column in table and then insert into other column.

Reference is the column that contains the Reference number e.g. '090216-000016'
RDate is the column is which stores the date of the reference,  and first part of Reference contains the date. So I wanted to trip the Reference number to get the data for RDate column.

Here is how I did it,

mysql> select Reference from RNS  where Reference='090216-000016';
+---------------+
| Reference     |
+---------------+
| 090216-000016 |
+---------------+
1 row in set (0.00 sec)

mysql> select LEFT (Reference,6) from RNS  where Reference='090216-000016';
+--------------------+
| LEFT (Reference,6) |
+--------------------+
| 090216             |
+--------------------+
1 row in set (0.01 sec)

mysql> update RNS set RDATE=LEFT(Reference,6) where Reference='090205-000154';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> select Reference,RDATE from RNS  where Reference='090205-000154';
+---------------+------------+
| Reference     | RDATE      |
+---------------+------------+
| 090205-000154 | 2009-02-05 |
+---------------+------------+

Hope it will be useful.

basic postgresql tips

Start and stop postgresql

Service postgres start

Add to the chkconfig
Chkconfig –level 3 postgres on

to create a first user in kubuntu/ubuntu linux, type the following:
~$ sudo su postgres -c createuser *USERNAME*

Then create a db:
~$ sudo su postgres -c createdb *DBNAME*

Then create a password for the user by connecting using psql:
~$ sudo su postgres -c psql *DBNAME*

Then alter the password:
=#ALTER USER *username* WITH PASSWORD ‘*password*‘;
=#\q

Running mysql query from shell script

This is the simple method to run a mysql query from Bash script

Query3="select * from ta_lookup where gds = 'wsp' and server like  'reported%';"
echo   "$Query3" | mysql --host=tiber12 mvc 

 ###### mvc is name of database and --host is the database host

Adding user to Mysql

mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword';
mysql> flush privileges;

or adding a new user to MySQL you just need to add a new entry to user table in database mysql. Below is an example of adding new user phpcake with SELECT, INSERT and UPDATE privileges with the password  mypass  the SQL query is :
mysql> use mysql;
Database changed

mysql> INSERT INTO user (host, user, password, select_priv, insert_priv, update_priv) VALUES ('localhost', 'phpcake', PASSWORD('mypass'), 'Y', 'Y', 'Y');
Query OK, 1 row affected (0.20 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 1 row affected (0.01 sec)

mysql> SELECT host, user, password FROM user WHERE user = 'phpcake';
+-----------+---------+------------------+
| host      | user    | password         |
+-----------+---------+------------------+
| localhost | phpcake | 6f8c114b58f2ce9e |
+-----------+---------+------------------+
1 row in set (0.00 sec)



When adding a new user remember to encrypt the new password using PASSWORD() function provided by MySQL. As you can see in the above example the password mypass is encrypted to 6f8c114b58f2ce9e.

Notice the the FLUSH PRIVILEGES statement. This tells the server to reload the grant tables. If you don't use it then you won't be able to connect to mysql using the new user account (at least until the server is reloaded).

You can also specify other privileges to a new user by setting the values of these columns in user table to 'Y' when executing the INSERT query :

    * Select_priv
    * Insert_priv
    * Update_priv
    * Delete_priv
    * Create_priv
    * Drop_priv
    * Reload_priv
    * Shutdown_priv
    * Process_priv
    * File_priv
    * Grant_priv
    * References_priv
    * Index_priv
    * Alter_priv

I think you can guess what those privileges serve by reading it's name


how to find total number of mysql slow queries

$mysqladmin -u $User -p password status  2>/dev/null | awk '{print $9}')

Taking database backup on amazon s3

Recover/Reset MySQL root Password

Step # 1 : Stop mysql service

# /etc/init.d/mysql stop
Output:

Stopping MySQL database server: mysqld.

Step # 2: Start to MySQL server w/o password:

# mysqld_safe --skip-grant-tables &
Output:

[1] 5988
Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started

Step # 3: Connect to mysql server using mysql client:

# mysql -u root
Output:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 4.1.15-Debian_1-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>

Step # 4: Setup new MySQL root user password

mysql> use mysql;
mysql> update user set password=PASSWORD("NEW-ROOT-PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit
Step # 5: Stop MySQL Server:

# /etc/init.d/mysql stop
Output:

Stopping MySQL database server: mysqld
STOPPING server from pid file /var/run/mysqld/mysqld.pid
mysqld_safe[6186]: ended

[1]+  Done                    mysqld_safe --skip-grant-tables

Step # 6: Start MySQL server and test it

# /etc/init.d/mysql start
# mysql -u root -p

What is Usenet News ?

Usenet News is a global electronic bulletin board system in which millions of computer users exchange information on a vast range of topics. The major difference between Usenet News and e-mail discussion groups is the fact that Usenet messages are stored on central computers, and users must connect to these computers to read or download the messages posted to these groups. This is distinct from e-mail distribution, in which messages arrive in the electronic mailboxes of each list member. Usenet itself is a set of machines that exchanges messages, or articles, from Usenet discussion forums, called newsgroups

What is Tunneling ?

What is Tunneling ?

Tunneling is the most significant component of VPN technology.  Tunneling is the technique of encapsulating an entire data packet in the packet of another protocol format. When a tunneled packet is routed to the destination node, it travels across the internet work through a logical path. This logical path is referred to as a tunnel.  Tunneling is analogous to sending a letter. After you write a letter, you place it in an envelope. This envelope displays the address of the recipient. When you post this letter, it is delivered to the recipient according to the address on the envelope. The recipient then needs to open the envelope to read the letter.

What are VLANs ?

What are VLANs ?

VLANs are broadcast domains in a Layer 2 network. Each broadcast domain is like a distinct virutal bridge within the switch. Each virtual bridge you create in a switch defines a broadcast domain. By default, traffic from one VLAN cannot pass to another VLAN. Each of the users in a VLAN would also be in the same IP Subnet. Each switch port can belong to only one VLAN.

What are the advantages & disadvantages of VPN ?

What are the advantages & disadvantages of VPN ?
Advantages

    * Reduce cost implementation (We don’t need to use lease line/ ISDN/ FR, mobile only need to dial local ISP to connect to branch office)
    * Security (VPN provide strong security mechanism through encryption, authentication etc)
    * Lower cost (Bring down cost of Wan equipment)
    * More Flexible
    * Simple Management
    * Interoperability of devices from multiple vendors
    * Centralized VPN management
    * Easy implementation
    * Easy usability
    * Scalability
    * Performance
    * Bandwidth management
    * Service provider’s infrastructure
    * High availability

Disadvantages

    * Highly dependent on Internet
    * Lack of support to legacy protocol

What is a loopback address?


This IP address corresponds to the software loopback interface of the network card, which does not have hardware associated with it, and does not require a physical connection to a network.

The loopback address allows for a reliable method of testing the functionality of an Ethernet card and its drivers and software without a physical network. It also allows information technology professionals to test IP software without worrying about broken or corrupted drivers or hardware.
To test a network card using the loopback address, you can use the TCP/IP utility Ping. The best way to do this is with the Ping utility that comes with most operating systems. This is a simple command-line utility that will try to communicate to an IP address.

Once you are at a command prompt, enter the following:
        ping 127.0.0.1
If the command is successful, the Ping utility will return results similar to the following. The exact information returned will vary depending on your operating system:

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum =  0ms, Average =  0ms

This indicates that the network card and drivers are functioning properly. If the Ping utility is not able to get a return on the network card, this may indicate either a driver problem, or a physical problem with the card.

What is NAT (Network Address Translation)?

Network Address Translation (NAT) is an IETF standard that enables a local area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.

All necessary IP address translations occur where the LAN interfaces with the broader Internet. NAT converts the packet headers (and in some cases the port numbers in the headers) for incoming and outgoing traffic and keeps track of each session.
This does mean, however, that NAT overrides "Internet transparency", a practice in which packets remain intact throughout their transmission. NAT is also provided with Windows Internet Connection Sharing.

NAT accomplishes these key purposes:

•It acts as a firewall by hiding internal IP addresses.
•It enables an enterprise to use more internal IP addresses, since there is no possibility of conflict between its internal-only IP addresses and those used by other organizations. Essentially, an organization can present itself to the Internet with fewer IP addresses than used on its internal network, which conserves public IP addresses.
•It allows an enterprise to bundle multiple ISDN connections into one Internet connection.

Private Address Space

Private Address Space

   The Internet Assigned Numbers Authority (IANA) has reserved the
   following three blocks of the IP address space for private internets:

     10.0.0.0        -   10.255.255.255  (10/8 prefix)
     172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
     192.168.0.0     -   192.168.255.255 (192.168/16 prefix)

Inbuild FTP tool in browser

There are many inbuild FTP tools in Firefox browser, the one common tool is FireFTP. If you need to use the same then follow the below steps :

a) Open Firefox browser.
b) Go to Tools main menu  ->  Click on Add-ons
c) Search for FireFTP application in Add-on search bar.
d) Once it get searched in that Add-on list then select and install it into your browser.
And then you might be asked for restarting the firefox.

e) Then you can use it as below :
1) After opening the Firefox browser , click on 'Tools' -> then you will get the FireFTP

Difference between Socket and Port

Imagine you computer as a House with many doors. The address of your house would be equal to the the IP address of a computer. Each door would be equal to a computer's port. A socket would sit at a door and listen and talk. A socket is an a a connection to another computer. It would sit at one of your doors and yell across the street to your neighbour's house. In order to do this, you need to know what door your neighbour is listening at otherwise he can't answer. You call up your neighbour and he tells you that he is listening on port 150. You pick a random door at your house with a number above 1024 and make sure it's empty. If it isn't, you find another one and repeat.(This is usually handled by the socket and you don't need to specify this.) Then you open this door and throw a rock to your neighbour's house across the street and hit the door numbered 150. Your neighbour opens his door(#150) and you now can talk to him and send him data.


http://www.coderanch.com/t/206360/sockets/java/port-vs-socket

The DVD/CD-ROM drive is not able to be seen in windows explorer

The DVD/CD-ROM drive is not able to be seen in windows explorer. In the device manager, the DVD/CD-ROM drives appear with exclamation mark.
(Note : for back up Import all registry on ur deskptop )
   1. On the Windows Start menu, click Run.
   2. In the Open box, type Regedit and click OK.
   3. Select the following key in the Windows registry:
   4. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\
      {4D36E965-E325-11CE-BFC1-08002BE10318}
   5. On the Edit menu, click Delete:
      Value Name: LowerFilters
      Value Name: UpperFilters
   6. On the Registry menu, click Exit.
   7. Reboot your computer.

Sometimes, you may find only one of the Value Name. You can continue to delete it and restart your computer.

99 Commands the Windows XP Command prompt can run.

Here is a list of commands that you can run off from the Run Command prompt in
XP:

Application = Command
Accessibility Controls = access.cpl
Add Hardware Wizard = hdwwiz.cpl
Add/Remove Programs = appwiz.cpl
Administrative Tools = control admintools
Automatic Updates = wuaucpl.cpl
Bluetooth Transfer Wizard = fsquirt
Calculator = calc
Certificate Manager = certmgr.msc
Character Map = charmap
Check Disk Utility = chkdsk
Clipboard Viewer = clipbrd
Command Prompt = cmd
Component Services = dcomcnfg
Computer Management = compmgmt.msc
Date and Time Properties = timedate.cpl
DDE Shares = ddeshare
Device Manager = devmgmt.msc
Direct X Control Panel (If Installed)* = directx.cpl
Direct X Troubleshooter = dxdiag
Disk Cleanup Utility = cleanmgr
Disk Defragment = dfrg.msc
Disk Management = diskmgmt.msc
Disk Partition Manager = diskpart
Display Properties = control desktop/desk.cpl
Dr. Watson System Troubleshooting Utility = drwtsn32
Driver Verifier Utility = verifier
Event Viewer = eventvwr.msc
File Signature Verification Tool = sigverif
Findfast = findfast.cpl
Folders Properties = control folders
Fonts = control fonts
Fonts Folder = fonts
Free Cell Card Game = freecell
Game Controllers = joy.cpl
Group Policy Editor (XP Prof) = gpedit.msc
Hearts Card Game = mshearts
Iexpress Wizard = iexpress
Indexing Service = ciadv.msc
Internet Properties = inetcpl.cpl
IP Configuration = ipconfig
Java Control Panel (If Installed) = jpicpl32.cpl
Java Application Cache Viewer (If Installed) = javaws
Keyboard Properties = control keyboard
Local Security Settings = secpol.msc
Local Users and Groups = lusrmgr.msc
Logs You Out Of Windows = logoff
Microsoft Chat = winchat
Minesweeper Game = winmine
Mouse Properties = control mouse
Mouse Properties = main.cpl
Network Connections = control netconnections
Network Connections = ncpa.cpl
Network Setup Wizard = netsetup.cpl
Notepad = notepad
Nview Desktop Manager (If Installed) = nvtuicpl.cpl
Object Packager = packager
ODBC Data Source Administrator = odbccp32.cpl
On Screen Keyboard = osk
Opens AC3 Filter (If Installed) = ac3filter.cpl
Password Properties = password.cpl
Performance Monitor = perfmon.msc
Performance Monitor = perfmon
Phone and Modem Options = telephon.cpl
Power Configuration = powercfg.cpl
Printers and Faxes = control printers
Printers Folder = printers
Private Character Editor = eudcedit
Quicktime (If Installed) = QuickTime.cpl
Regional Settings = intl.cpl
Registry Editor = regedit
Registry Editor = regedit32
Remote Desktop = mstsc
Removable Storage = ntmsmgr.msc
Removable Storage Operator Requests = ntmsoprq.msc
Resultant Set of Policy (XP Prof) = rsop.msc
Scanners and Cameras = sticpl.cpl
Scheduled Tasks = control schedtasks
Security Center = wscui.cpl
Services = services.msc
Shared Folders = fsmgmt.msc
Shuts Down Windows = shutdown
Sounds and Audio = mmsys.cpl
Spider Solitare Card Game = spider
SQL Client Configuration = cliconfg
System Configuration Editor = sysedit
System Configuration Utility = msconfig
System File Checker Utility = sfc
System Properties = sysdm.cpl
Task Manager = taskmgr
Telnet Client = telnet
User Account Management = nusrmgr.cpl
Utility Manager = utilman
Windows Firewall = firewall.cpl
Windows Magnifier = magnify
Windows Management Infrastructure = wmimgmt.msc
Windows System Security Tool = syskey
Windows Update Launches = wupdmgr
Windows XP Tour Wizard = tourstart
Wordpad = write

If the desktop is blank no task bar and icons ; the solution is here.

On the computer it's not showing the task bar and icons on the desktop, the wallpaper is there the desktop is blank.
steps to recover it,

1. Ctrl + Alt + Del to bring up Task Manager.
2. Click "New Task..." then click "Browse..."
3. Click My Computer on the left panel. Click C:\ - WINDOWS
4. Navigate to explorer.exe, right click and copy explorer. Rename it to explorer1 (.exe)
5. Hit Cancel to go back to Create New Task window. Type regedit.exe and click OK.
6. In the registry editor, navigate to the following Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
7. With the Winlogon key selected, look in the right side window for the
'Shell" value.
8. Double click Shell. In the Value Data box, you should see Explorer.exe. Change it to
explorer1.exe and click OK.
9. Exit the registry editor and reboot the computer

This is caused due to Trojan virus after recovering the desktop icons run the antivirus or malware.

Windows Tips

Start/Run/GPEDIT/User restrictions. These things can only be changed from
Admin accounts and apply to all user profiles. GPEDIT.MSC is not available
in the Home Edition of Windows XP.

1. Go to Windows Explorer/Document & Settings
2. All Users". Click on Start Menu/Programs and locate the short cut to that
program.
3. Do the same under "specific username" (the username that you want to be
anble to individually use the program.
4. Now "Copy" the shortcut from All Users/Start Menu/Programs to
"username"/Start Menu/Programs.
5. Once the copy process is over, delete the shortcut from All Users (this
is just a safety precaution, you can also right click/drag&drop/move).

More Specific Options:

For Pro: Go to Start/Run/Gpedit/User Configuration/Software Settings
To restrict access to files and folders in XP Home, you must be running NTFS
as your file system.

To enforce file and folder security, boot the computer in Safe Mode and log
in to the built-in Administrator account. Once there, open Windows
Explorer and locate the file/folder you wish to restrict. Right click and
select Properties. Go to the Security tab. Here you can add/remove Users
and Groups, and either grant access to the file/folder, or deny access to
it.


Applications - Restrict Users from Running Specific Applications

This setting allows you to specify applications and filenames that users are restricted from running.
Open your registry and find the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer]
Create a new DWORD value and name it "DisallowRun" set the value to "1" to enable application restrictions or "0" to allow all applications to run.
Then create a new sub-key called [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer\DisallowRun] and define the applications the are to be restricted. Creating a new string value for each application, named as consecutive numbers, and setting the value to the filename to be restricted (e.g. "regedit.exe").

Right click in the right pane and select New, DWord value.  Name the new value DisallowRun.  Double click the new value and set it to 1.  Then right click on the Explorer sub branch, in the left pane and select New, Key  Name the new key Disallow Run.  Highlight this key, then in the right pane, right click and select New, String value.  Give it "1" for
the name, without the quotes. 
Double click this new value and enter the actual file name of the executable you wish to restrict this user from
running.  Example: calc.exe   This prevents this user from running Calculator.  They'll get a "This operation has been cancelled message" when they try.  Note: The way around this is for the user to rename Calc.exe to something else.  For additional entries, just give the "values" names in numerical order, 1, 2, 3, 4 and so on. DisallowRunReg and DisallowRunCalc
Restart Windows for the changes to take effect.


Applications - Restrict Applications Users Can Run

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer. Value Name: RestrictRun
Open your registry and find the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer]
Create a new DWORD value and name it "RestrictRun" set the value to "1" to enable application restrictions or "0" to allow all applications to run.
Then create a new sub-key called [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer\RestrictRun] and define the applications that are allowed. Creating a new string value for each application, named as consecutive numbers, and setting the value to the filename to be allowed (e.g. "regedit.exe" and "calc.exe").


This example prevents any applications but those that you specify from being run:
Right click in the Right pane and select New, DWord value and name the new value RestrictRun  Double click this entry
and set it to 1. Right click on the Explorer sub branch, in the left pane and select New, Key  Name the new key RestrictRun.  Highlight this key, then in the right pane, right click and select New, String value.  Give it "1" for the name, without the quotes.  Double click this new value and enter the actual file name of the executable you wish to restrict this user from running. Example: calc.exe  Right click again, select New, String value, name the new value "2".  Double click the new
value, enter REGEDIT.EXE
This example would only allow Calculator and REGEDIT to be run.   Be VERY careful with this setting.  You could wind up locking yourself out of REGEDIT if you were to use the restrictions on your Administrator account.
Restart Windows for the changes to take effect.
Note: If you are the person who applies Group Policy, do not apply this policy to yourself. If applied too broadly, this policy can prevent administrators from running Group Policy or the registry editors. As a result, once applied, you cannot change this policy except by reinstalling Windows XP.
Software Restriction Policies may be set to determine what software may or may not be run by users on the system. (Jim Cavalaris [MS])
Software Restriction Policies can be configured via the group policy editor (gpedit.msc) at:

Local Computer Policy -->Computer Configuration -->Windows Settings -->Security Settings -->Software Restriction Policies.  Policy can be set to either: restrict users from running specified programs - OR -restrict users to allow ONLY the specified programs to be run.
For a non-domain machine, policy can be applied to all users on the system, or non-Admin users only (Admins are not affected by the policy, and may run any/all programs). you cannot specify this policy for only certain users, but for a non-domain machine, the Admin/non-Admin breakdown may be sufficient.
Using Software Restriction Policies in Windows XP and Windows .NET Server to Protect Against Unauthorized Software
Another Option - (KWE) - You can move shortcuts out of %ALLUSERSPROFILE%\StartMenu\Programs and place the shortcuts in specific user account profiles to keep program shortcuts from being visible to all accounts. This does not stop the limited account from running the program using a variety of techniques.
Applications - Set Priority
Open TaskManager (Ctrl+Alt+Del or Ctrl+Shift+Esc), Process Tab. Right click the Program in questions, Set Priority.

Installig perl modules

There are several ways to get Perl modules from CPAN installed on your unix-based system.

Before embarking upon any installation, it's a good idea to download the module, unzip it and check out the documentation.
The simplest way to get Perl modules installed is to use the CPAN module itself.

If you are the system administrator and want to install the module system-wide, you'll need to switch to your root user. To fire up the CPAN module, just get to your command line and run this:

perl -MCPAN -e shell

If this is the first time you've run CPAN, it's going to ask you a series of questions - in most cases the default answer is fine.
Once you find yourself staring at the cpan> command prompt, installing a module is as easy as install MODULE::NAME - for example, to install the HTML::Template module you'd type:

cpan> install HTML::Template

CPAN should take it from there and you'll wind up with the module installed into your Perl library.
Let's say you're on your system command line and you just want to install a module as quickly as possible - you can run the Perl CPAN module via command line perl and get it installed in a single line:

perl -MCPAN -e 'install HTML::Template'

As mentioned earlier, it's always advisable to download a module yourself, especially if you're having problems installing with CPAN. If you're on the command line, you can use something like wget to grab the file. Next you'll want to unzip it with something like:

tar -zxvf HTML-Template-2.8.tar.gz

This will unzip the module into a directory, then you can move in and poke around - look for the README or INSTALL files. In most cases, installing a module by hand is still pretty easy, though (although not as easy as CPAN). Once you've switched into the base directory for the module, you should be able to get it installed by typing:

perl Makefile.PL
make
make test
make install


Reconfiguring CPAN

To alter the CPAN preferences, either edit the Config.pm configuration file manually, or use the following command in the CPAN shell.

cpan> o conf init

The init configuration option runs through all the configuration questions, which may be time consuming. For example, other o conf commands can be used to list, remove, and add mirror sites, and then to save the changes to disk.

cpan> o conf urllist
urllist
ftp://ftp.kernel.org/pub/CPAN/
Type 'o conf' to view configuration edit options


cpan> o conf urllist shift

cpan> o conf urllist push ftp://ftp-mirror.internap.com/pub/CPAN/

cpan> o conf urllist
urllist
ftp://ftp-mirror.internap.com/pub/CPAN/
Type 'o conf' to view configuration edit options


cpan> o conf commit
commit: wrote /usr/local/lib/perl5/5.6.1/CPAN/Config.pm

To manually edit the existing configuration file, either open the user-specific ~/.cpan/CPAN/MyConfig.pm directly, or locate the system-wide configuration file (stored somewhere under the perl @INC path list)


Reference:
http://sial.org/howto/perl/life-with-cpan/

Problem installing GD

perl -MCPAN -e 'install GD' fails with error

This issue is resolved and here's the summary of what I found in order to resolve the issue in hopes it helps other users.

gdlib-config is a script file that has been included in the open source distribution of the gd library since version 2.0.26. we have the Red Hat gd library version 2.0.28 installed as an rpm however this distribution (RHEL AS 4) does not include gdlib-config! contacted Red Hat support about this and they confirmed that gdlib-config is not part of their official 2.0.28 distribution and they only began includin the script as part of RHEL AS 5. So to resolve this, we downloaded the open source gd library from the following link: http://www.boutell.com/gd/manual2.0.28.html#getgd decompressed/untarred the file, and then ran ./configure from the gd-2.0.28 directory. once the command had completed we copied the newly created gdlib-config file from the gd-2.0.28/config directory to the /usr/bin directory and made the file executable by running 'chmod 774 gdlib-config'. after that every one of the perl GD modules installed without error.

PHP configuration review

often to check the PHP configuration setting it is said that review the file php.ino in browser.
However you can check the configuration in command line using php -i option.

e.g. to  check what is the path for php.ini file use


[root@nagios php]# php -i  | grep php.ini
Configuration File (php.ini) Path => /usr/local/lib
Loaded Configuration File => /usr/local/lib/php.ini

tomcat vs. resin

A very good comparison for these two servers is available at


http://www.velocityreviews.com/forums/t138283-tomcat-vs-resin.html

VBA Macro to send email with attachment as per the recepient list in excel sheet

1) Open New Excel sheet and mention user Name , Email ID & Score/Report in sequential cells in second row as first will cover their titles
2) copy and paste below code into the relevant macro window , choose any attachment by editing code accordingly and run it to see the magic 



Sub SendEmail()
 'Works in 2000-2007
    Dim EmailDist As String
    Dim AcWB As Workbook
    Dim OutApp As Object
    Dim OutMail As Object
    Dim str As String
    Dim r As Integer, x As Double
    Dim xint As Long
   
        For r = 2 To 4
    Set OutApp = CreateObject("Outlook.Application")
    OutApp.Session.Logon
    Set OutMail = OutApp.CreateItem(0)

    'Date the Email is being sent
    'strDate = Format(Date, "dddd, mmm d yyyy")
 
    'Distribution list

    strAddress = Cells(r, 2)
 
    strSubject = "Your Online Exam Score"
    strBody = ""
         
     On Error GoTo JUSTEND
     With OutMail
        .To = strAddress
        .Subject = strSubject
        .HTMLBody = "Please Check the attachment"
         'Attach file here with complete path to file plus filename and file extension.
         .Attachments.Add "C:\abc.txt"
         .Send
            End With
JUSTEND:
         
    Set OutMail = Nothing 'Remove from memory
    Set OutApp = Nothing 'Remove from memory
     Next r
 
End Sub

Finding Stocks the Warren Buffett Way by John Bajkowski

Like most successful stock pickers, Warren Buffett thinks that the efficient market theory is
absolute rubbish. Buffett has backed up his beliefs with a successful track record through
Berkshire Hathaway, his publicly traded holding company.

Maria Crawford Scott examined Warren Buffett's approach in the January 1998 issue of the AAII
Journal. Table 1 below provides a summary of Buffett's investment style. In this article, we
develop a screen to identify promising businesses and then use valuation models to measure
the attractiveness of stocks passing the preliminary screen.

Buffett has never expounded extensively on his investment approach, although it can be
gleaned from his writings in the Berkshire Hathaway annual reports. Many books by outsiders
have attempted to explain Buffett's investment approach. One recently published book that
discusses his approach in an interesting and methodical fashion is "Buffettology: The Previously
Unexplained Techniques That Have Made Warren Buffett the World's Most Famous Investor," by
Mary Buffett, a former daughter-in-law of Buffett's, and David Clark, a family friend and
portfolio manager [published by Simon & Schuster, 800-223-2336; $27.00]. This book was used
as the basis for this article.

Monopolies vs. Commodities
Warren Buffett seeks first to identify an excellent business and then to acquire the firm if the
price is right. Buffett is a buy-and-hold investor who prefers to hold the stock ofa good
company earning 15% year after year over jumping from investment to investment with the
hope of a quick 25% gain. Once a good company is identified and purchased at an attractive
price, it is held for the long-term until the business loses its attractiveness or until a more
attractive alternative investment becomes available.

Buffett seeks businesses whose product or service will be in constant and growing demand. In
his view, businesses can be divided into two basic types:

Commodity-based firms, selling products where price is the single most important factor
determining purchase. Buffett avoids commodity-based firms. They are characterized with high
levels of competition in which the low-cost producer wins because of the freedom to establish
prices. Management is key for the long-term success of these types of firms.

Consumer monopolies, selling products where there is no effective competitor, either due to a
patent or brand name or similar intangible that makes the product or service unique.

While Buffett is considered a value investor, he passes up the stocks of commodity-based firms
even if they can be purchased at a price below the intrinsic value of the firm. An enterprise
with poor inherent economics often remains that way. The stock of a mediocre business treads
water.

How do you spot a commodity-based company? Buffett looks for these characteristics:
     The firm has low profit margins (net income divided by sales);
     The firm has low return on equity (earnings per share divided by book value per share);
     Absence of any brand-name loyalty for its products;
     The presence of multiple producers;
     The existence of substantial excess capacity;
     Profits tend to be erratic; and
     The firm's profitability depends upon management's ability to optimize the use of tangible assets.


Buffett seeks out consumer monopolies. These are companies that have managed to create a
product or service that is somehow unique and difficult to reproduce by competitors, either
due to brand-name loyalty, a particular niche that only a limited number companies can enter,
or an unregulated but legal monopoly such as a patent.

Consumer monopolies can be businesses that sell products or services. Buffett reveals three
types of monopolies:

Businesses that make products that wear out fast or are used up quickly and have brand-name
appeal that merchants must carry to attract customers. Nike is a good example of a firm with a
strong brand name demanded by customers. Any store selling athletic shoes must carry Nike
products to remain competitive. Other examples include leading newspapers, drug companies
with patents, and popular brand-name restaurants such as McDonald's.

Communications firms that provide a repetitive service that manufacturers must use to
persuade the public to buy the manufacturer's products. All businesses must advertise their
items, and many of the available media face little competition. These include worldwide
advertising agencies, magazine publishers, newspapers, and telecommunications networks.

Businesses that provide repetitive consumer services that people and businesses are in constant
need of. Examples include tax preparers, insurance companies, and investment firms.

Mary Buffett suggests going to your local 7-Eleven or White Hen Pantry to identify many of
these "must-have" products. These stores typically carry a very limited line of must-have
products such as Marlboro cigarettes and Wrigley's gum. However, with the guidance of the
factors used to identify attractive companies, we can establish a basic screen to identify
potential investments worthy of further analysis.

The rules used for our Buffett screen are identified and discussed in Table 2. AAII's Stock
Investor Professional was used to perform the screen. Consumer monopolies typically have high
profit margins because of their unique niche; however, a simple screen for high margins may
highlight weak firms in industries with traditionally high margins, but low turnover levels.

Our first screening filters looked for firms with both gross operating and net profit margins
above the median for their industry. The operating margin concerns itself with the costs
directly associated with production of the goods and services, while the net margin takes all of
the company activities and actions into account.

Understand How It Works

As is common with successful investors, Buffett only invests in companies he can understand.
Individuals should try to invest in areas where they possess some specialized knowledge and
can more effectively judge a company, its industry, and its competitive environment. While it
is difficult to construct a quantitative filter, an investor should be able to identify areas of
interest. An investor should only consider analyzing those firms operating in areas that they can
clearly grasp.

Conservative Financing
Consumer monopolies tend to have strong cash flows, with little need for long-term debt.
Buffett does not object to the use of debt for a good purpose--for example, if a company uses
debt to finance the purchase of another consumer monopoly. However, he does object if the
added debt is used in a way that will produce mediocre results--such as expanding into a
commodity line of business.

Appropriate levels of debt vary from industry to industry, so it is best to construct a relative
filter against industry norms. We screened out firms that had higher levels of total liabilities to
total assets than their industry median. The ratio of total liabilities to total assets is more
encompassing than just looking at ratios based upon long-term debt such as the debt-equity
ratio.

Strong & Improving Earnings
Buffett invests only in a business whose future earnings are predictable to a high degree of
certainty. Companies with predictable earnings have good business economics and produce
cash that can be reinvested or paid out to shareholders. Earnings levels are critical in
valuation. As earnings increase, the stock price will eventually reflect this growth.

Buffett looks for strong long-term growth as well as an indication of an upward trend. In the
book, Mary Buffett looks at both the 10- and five-year growth rates. Stock Investor Professional
contains only seven years of data, so we examined the seven-year growth rate as the long-term
growth rate and the three-year growth rate for the intermediate-term growth rate.

For our screen, we first required that a company's seven-year earnings growth rate be higher
than that of 75% of the stocks in the overall database. Stock Investor Professional includes
percentile ranks for growth rates, so we specified a percentile rank greater than 75.

It is best if the earnings also show an upward trend. Buffett compares the intermediate-term
growth rate to the long-term growth rate and looks for an expanding level. For our next filter,
we required that the three-year growth rate in earnings be greater than the seven-year growth
rate. This further reduced the number of passing companies to 213. Not surprisingly, the
companies passing the Buffett screen have very high growth rates--as a group, nearly three
times the median for the whole database.

Consumer monopolies should show both strong and consistent earnings. Wild swings in earnings
are characteristic of commodity businesses. A examination of year-by-year earnings should be
performed as part of the valuation. The earnings per share for Nike are displayed in the Buffett
valuation spreadsheet. Note that earnings per share growth has been strong and consistent with
only one year in which earnings did not increase from the previous period.

A screen requiring an increase in earnings for each of the last seven years would be too
stringent and not be in keeping with the Buffett philosophy. However, a filter requiring positive
earnings for each of the last seven years should help to eliminate some of the commodity-
based businesses with wild earnings swings.

A Consistent Focus
Companies that stray too far from their base of operation often end up in trouble. Peter Lynch
also avoided profitable companies diversifying into other areas. Lynch termed these
diworseifications. Quaker Oats' purchase and subsequent sale of Snapple is a good example of
this common mistake.

Companies should expand into related areas that offer high return potential. Nike's past
development of a line of athletic clothing to complement its athletic shoe business is an
example of a extension that makes sense. This factor is clearly a qualitative screen that cannot
be done with the computer.

Buyback of Shares
Buffett views share repurchases favorably since they cause per share earnings increases for
those who don't sell, resulting in an increase in the stock's market price. This is a difficult
variable to screen as most data services do not indicate this variable. You can screen for a
decreasing number of outstanding shares, but this factor is best analyzed during the valuation
process.

Investing Retained Earnings
A company should retain its earnings if its rate of return on its investment is higher than the
investor could earn on his own. Dividends should only be paid if they would be better employed
in other companies. If the earnings are properly reinvested in the company, earnings should
rise over time and stock price valuation will also rise to reflect the increasing value of the
business.

An important factor in the desire to reinvest earnings is that the earnings are not subject to
personal income taxes unless they are paid out in the form of dividends. The use of retained
earnings delays personal income taxes until the stock is sold.

Buffett examines management's use of retained earnings, looking for management that have
proven it is able to employ retained earnings in the new moneymaking ventures, or for stock
buybacks when they offer a greater return.

Good Return on Equity
Buffett seeks companies with above average return on equity. Mary Buffett indicates that the
average return on equity over the last 30 years has been around 12%.

We created a custom field that averaged the return on equity for the last seven years to
provide a better indication of the normal profitability for the company. During the valuation
process, this average should be checked against more current figures to assure that the past is
still indicative of the future direction of the company. Our screen looks for average return on
equity of 12% or greater.

Inflation Adjustments
Consumer monopolies can typically adjust their prices quickly to inflation without significant
reductions in unit sales since there is little price competition to keep prices in check. This
factor is best applied through a qualitative examination of a company during the valuation
stage.

Reinvesting Capital
In Buffett's view, the real value of consumer monopolies is in their intangibles--for instance,
brand-name loyalty, regulatory licenses, and patents. They do not have to rely heavily on
investments in land, plant, and equipment, and often produce products that are low tech.
Therefore they tend to have large free cash flows (operating cash flow less dividends and
capital expenditures) and low debt. Retained earnings must first go toward maintaining current
operations at competitive levels. This is a factor that is also best examined at the time of the
company valuation although a screen for relative levels of free cash flow might help to confirm
a company's status.

The above basic questions help to indicate whether the company is potentially a consumer
monopoly and worthy of further analysis. However, stocks passing the screens
are not automatic buys. The next test revolves around the issue of value.

The Price is Right
(Using the Spreadsheet)
The price that you pay for a stock determines the rate of return--the higher the initial price,
the lower the overall return. The lower the initial price paid, the higher the return. Buffett
first picks the business, and then lets the price of the company determine when to purchase
the firm. The goal is to buy an excellent business at a price that makes business sense.
Valuation equates a company's stock price to a relative benchmark. A $500 dollar per share
stock may be cheap, while a $2 per share stock may be expensive.

Buffett uses a number of different methods to evaluate share price. Three techniques are
highlighted in the book with specific examples and are used in the buffet spreadsheet
template.

Buffett prefers to concentrate his investments in a few strong companies that are priced well.
He feels that diversification is performed by investors to protect themselves from their
stupidity.

Earnings Yield
Buffett treats earnings per share as the return on his investment, much like how a business
owner views these types of profits. Buffett likes to compute the earnings yield (earnings per
share divided by share price) because it presents a rate of return that can be compared quickly
to other investments.

Buffett goes as far as to view stocks as bonds with variable yields, and their yields equate to
the firm's underlying earnings. The analysis is completely dependent upon the predictability
and stability of the earnings, which explains the emphasis on earnings strength within the
preliminary screens.

Nike has an earnings yield of 5.7% (cell C13, computed by dividing earnings per share of $2.77
(cell C9) by the price $48.25 (cell C8)). Buffett likes to compare the company earnings yield to
the long-term government bond yield. An earnings yield near the government bond yield is
considered attractive. With government bonds yielding around 6% currently (cell C17), Nike
compares very favorably. By paying $48 dollars per share for Nike, an investor gets an earnings
yield return equal to the interest yield on bonds. The bond interest is cash in hand but it is
static, while the earnings of Nike should grow over time and push the stock price up.

Historical Earnings Growth
Another approach Buffett uses is to project the annual compound rate of return based on
historical earnings per share increases. For example, earnings per share at Nike have increased
at a compound annual growth rate of 18.9% over the last seven years (cell B32). If earnings per
share increase for the next 10 years at this same growth rate of 18.9%, earnings per share in
year 10 will be $15.58. [$2.77 x ((1 + 0.189)^10)]. (Note this value is found in cells B49 and
E39) This estimated earnings per share figure can then be multiplied by the average price-
earnings ratio of 14.0 (cell H10) to provide an estimate of price [$15.58 x 14.0=$217.43]. (Note
this value is found in cell E42) If dividends are paid, an estimate of the amount of dividends
paid over the 10-year period should also be added to the year 10 price [$217.43 + $13.29 =
$230.72]. (Note this value is found in cell E43)

Once this future price is estimated, projected rates of return can be determined over the 10-
year period based on the current selling price of the stock. Buffett requires a
return of at least 15%. For Nike, comparing the projected total gain of $230.72 to the current
price of $48.25 leads projected rate of return of 16.9% [($230.72/$48.25) ^
(1/10) - 1]. (Note this value is found in cell E45)

Sustainable Growth
The third approach detailed in "Buffettology" is based upon the sustainable growth rate model.
Buffett uses the average rate of return on equity and average retention ratio (1 average payout
ratio) to calculate the sustainable growth rate [ ROE x ( 1 - payout ratio)]. The sustainable
growth rate is used to calculate the book value per share in year 10 [BVPS ((1 + sustainable
growth rate )^10)]. Earnings per share can be estimated in year 10 by multiplying the average
return on equity by the projected book value per share [ROE x BVPS]. To estimate the future
price, you multiply the earnings by the average price-earnings ratio [EPS x P/E]. If dividends
are paid, they can be added to the projected price to compute the total gain.

For example, Nike's sustainable growth rate is 19.2% [22.8% x (1 - 0.159)].(Sustainable growth
rate is found in cell H11) Thus, book value per share should grow at this rate to roughly $65.94
in 10 years [$11.38 x ((1 + 0.192)^10)]. (Note this value is found in cell B64) If return on equity
remains 22.8% (cell H6) in the tenth year, earnings per share that year would be $15.06 [ 0.228
x $65.94]. (Note this value is found in cell E54) The estimated earnings per share can then be
multiplied by the average price-earnings ratio to project the price of $210.23 [$15.06 x 14.0].
(Note this value is located in cell E56) Since dividends are paid, use an estimate of the amount
of dividends paid over the 10-year period to project the rate of return of 16.5% [(($210.23 +
$12.72)/ $48.25) ^ (1/10) - 1]. (Note this return estimate is found in cell E60)

Conclusion
The Warren Buffett approach to investing makes use of "folly and discipline": the discipline of
the investor to identify excellent businesses and wait for the folly of the market to buy these
businesses at attractive prices. Most investors have little trouble understanding Buffett's
philosophy. The approach encompasses many widely held investment principles. Its successful
implementation is dependent upon the dedication of the investor to learn and follow the
principles.

John Bajkowski is editor of Computerized Investing and senior financial analyst of AAII.
(c) Computerized Investing - January/February 1998, Volume XVII, No.1

Nagios with Webinject

Install all Perl packages.

Quote
Install "XML::Simple"
Install "Crypt::SSLeay"
Install "Error" pacakge

Install WebInject

Quote
wget http://downloads.sourceforge.net/webinject/webinject-1.41.src.tar.gz

ownership

change the ownership of web-inject folder

Quote
sudo chown nagios:nagios webinject


Setup test cases in webinject/testcases.xml

Define a webinject command in /usr/local/nagios/etc/objects/commands.cfg

Quote
# 'webinject' command definition
define command {
    command_name    webinject
    command_line    /usr/local/nagios/webinject/webinject.pl -c $ARG1$ $ARG2$

Define a service in /usr/local/nagios/etc/objects/localhost.cfg

Quote
define service {
    use                      generic-service
    host_name                localhost # Modify
    service_description      WebInject test of MyApplication
    is_volatile              0
    check_period             24x7
    max_check_attempts       3
    normal_check_interval    1
    retry_check_interval     1
    contact_groups           admins # Modify
    notification_interval    120
    notification_period      24x7
    notification_options     w,u,c,r
    check_command            webinject!config.xml!testcases.xml # Modify
}

PUPPET on EC2

PUPPET on Amazon EC2 (UBUNTU Machines)

Introduction:
Puppet is a system for automating system administration tasks. In the Puppet world, you define a policy (called a manifest) that describes the end state of your systems, and the Puppet software takes care of making sure the system meets that end state. If a file changes, it is replaced with a pristine copy. If a required package is removed, it is re-installed.
The Puppet system is split into two parts: a central server and the clients. The server runs a demon called puppetmaster. The clients run puppetd, which both connects to, and receives connections from, the puppetmaster. The manifest is written on the puppetmaster. If Puppet is used to manage the central server, it also runs the puppetd client.







  

Prerequisite:   Before we proceed we need to have few settings in place.
1.   Enable ICMP on security group in which the client and server reside, so that ec2 instances can communicate/ reply to ping request. This is major requirement in troubleshooting while configuring.
2.   In order for the puppet server and the puppet client(s) to be able to communicate you should ensure that port 8140 is open between the systems.
3.   Domain names- Prior to configuring puppet you may want to add a DNS record for puppet master and for puppet client So that can communicate with each other.
 In current minimal setup we are not using any DNS server. Instead we used /etc/hosts file to map hostname of client and server of Puppet

Below is the snippet of /etc/hosts file on both client and server

ubuntu@ip-10-205-2-127:~$ cat /etc/hosts
127.0.0.1 localhost
10.205.2.127 puppet.juned.com puppet
10.245.74.141 clinet.juned.com client

# The following lines are desirable for IPv6 capable hosts
#::1 ip6-localhost ip6-loopback
#fe00::0 ip6-localnet
#ff00::0 ip6-mcastprefix
#ff02::1 ip6-allnodes
#ff02::2 ip6-allrouters
#ff02::3 ip6-allhosts
?
Puppet Server Installation and configuration:

Install puppet master
apt-get install puppetmaster

Create Your Site Manifest file :
Puppet will start with /etc/puppet/manifests/site.pp as the primary manifest, so create /etc/puppet/manifests and add your manifest, along with any files it includes, to that directory. It is highly recommended that you use some form of version control (git, svn, etc) to keep track of changes to manifests.

Example Manifest file,
package {
'apache2':
ensure => installed
}
service {
'apache2':
ensure => true,
enable => true,
require => Package['apache2']
}

Next, create a node file /etc/puppet/manifests/nodes.pp with:
node ' clinet.juned.com ' {
include apache2
}
And now restart the puppet master
/etc/init.d/puppetmaster restart
Puppet Client (node) Installation and configuration:
apt-get install puppet
First, configure the puppet agent daemon to start. Edit /etc/default/puppet, changing START to
yes:
and now start the puppet client.
/etc/init.d/puppet start

Now Edit file /etc/puppet/puppet.conf
Add line server= puppet.juned.com
?
Verifying Installation
Once Puppet is installed on that machine, run the agent against the central server to verify that everything is working appropriately. You should start the agent in verbose mode the first time and with the --waitforcert flag enabled:
Run this command from client node,
puppetd --server  puppet.juned.com --waitforcert 60 --test
 On your server, list the waiting certificates
puppetca –list
You should see the name of the test agent node. Now go ahead and sign the certificate, then sign the certificate.
puppetca --sign  ip-10-245-74-141
That Request is accepted by puppet master and you can verify that on client end apche2 package is going to install you can also verify it by using tail –f /var/log/syslog


?
Pros and Cons of Puppet
Pros:
1.   Automation of System Administration: 
Puppet lets you perform normal administrative tasks (such as adding users, installing packages, and updating server configurations) by saving you countless hours of frustration, monotony, and/or reinventing the wheel on any number of systems, even if those systems are running completely different operating system.

2.   Security:
•   Thorough security model (each client has its own SSL cert) Puppet comes with tools to make basic SSL setup and cert generation very painless (puppetca)
•   Each client only gets to see the part of the site config that applies to it, not the whole site config
•   Builtin file server where file access can be secured per-client (e.g. only hostX gets access to hostX/ssh_host_key)

3.   Cross Platform:
works on most flavors of Unix/Linux (Fedora/RHEL/Debian/Gentoo, Solaris, OS X, some sort of *BSD)

4.   Domain-specific language for manifest :
•   Clean abstraction from messy details of changing config
•   Describe desired config of system, puppet figures out how to get there (e.g., you say 'need user X with homedir /foo and uid N', puppet figures out appropriate calls to useradd/usermod depending on whether user exists and fixes attributes that are out of sync)
•   Abstraction: describe config in high-level terms (user, service, package, mount) for common config objects
•   Templating support for things that can't/don't need to be described as objects; or distribute complete files
•   Group config items logically with classes: can describe that a webserver has to have latest httpd package, service httpd enabled and running, and custom httpd.conf file from location X (that's not possible with at least one of the other config mgmt tools)
•   Override mechanism for classes to allow for simple one-off (or hundred-off) tweaks, e.g. to take webserver class from above but use with different httpd.conf * Clean definition of what inputs can influence a client's config

5.   Emphasis on practical usability, not research.
6.   Cron-like support for scheduling tasks.
7.   Tie-in with kickstart: provision basic system with ks (including puppet client), complete config with puppet.
8.   Strong community support
9.   Open source and free software

Cons:
1.   All sysadmins are not programmer:
   Ruby programming language is puppet's implementation language and we sysadmins are not familiar with Ruby.

2.   Puppet has its own language for configuration purpose and that one need to learn to configure puppet.  
3.   Puppet is a new software so not sure about count of servers and workstations efficiently managed by puppet.

Installing Nagios and Munin

Login to Nagios server (where you want to install Nagios Server)

*************************************
Apache Instalation

sudo apt-get install apache2

sudo apt-get install libapache2-mod-php5

sudo apt-get install build-essential

sudo apt-get install libgd2-xpm-dev


****************************************

Create Account Information

Become the root user.

sudo -s

Password123


Create a new nagios user account and give it a password.

/usr/sbin/useradd -m -s /bin/bash nagios

passwd nagios

Enter new UNIX password:nagiosadmin
Retype new UNIX password:nagiosadmin
passwd: password updated successfully

root@stg-monitor:~# /usr/sbin/groupadd nagcmd
root@stg-monitor:~# /usr/sbin/usermod -a -G nagcmd nagios
root@stg-monitor:~# /usr/sbin/usermod -a -G nagcmd www-data

**************************************************

Download the tar ball for Nagios and Nagios Plugins


****************************************************

Configure


./configure --with-command-group=nagcmd


*** Configuration summary for nagios 3.2.3 10-03-2010 ***:

 General Options:
 -------------------------
        Nagios executable:  nagios
        Nagios user/group:  nagios,nagios
       Command user/group:  nagios,nagcmd
            Embedded Perl:  no
             Event Broker:  yes
        Install ${prefix}:  /usr/local/nagios
                Lock file:  ${prefix}/var/nagios.lock
   Check result directory:  ${prefix}/var/spool/checkresults
           Init directory:  /etc/init.d
  Apache conf.d directory:  /etc/apache2/conf.d
             Mail program:  /bin/mail
                  Host OS:  linux-gnu

 Web Interface Options:
 ------------------------
                 HTML URL:  http://localhost/nagios/
                  CGI URL:  http://localhost/nagios/cgi-bin/
 Traceroute (used by WAP):


Review the options above for accuracy.  If they look okay,
type 'make all' to compile the main program and CGIs.


*************************************************************

Compile the Nagios source code.

make all


*************************************************************

Install binaries, init script, sample config files and set permissions on the external command directory.

make install

make install-init

make install-config

make install-commandmode


*************************************************************

Configure the Web Interface

Install the Nagios web config file in the Apache conf.d directory.

make install-webconf


Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account - you'll need it later.

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

New password:nagios
Re-type new password:nagios


Restart Apache to make the new settings take effect.

/etc/init.d/apache2 reload

*************************************************************

Compile and Install the Nagios Plugins

cd /home/cybage/untar/nagios-plugins-1.4.11


./configure --with-nagios-user=nagios --with-nagios-group=nagios

make

make install

*************************************************************



Configure Nagios to automatically start when the system boots.

ln -s /etc/init.d/nagios /etc/rcS.d/S99nagios


Verify the sample Nagios configuration files.

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg


If there are no errors, start Nagios.

/etc/init.d/nagios start


*************************************************************

Check Nagios web interface at

http://monitor.dimestore.com/nagios/

*************************************************************

Configure NRPE plugins on PROD-Monitor server



NRPE require you install xinetd and libssl-dev so we’ll do that now

apt-get install xinetd
apt-get install libssl-dev


/home/cybage/untar/nrpe-2.12


make all
make install-plugin
make install-daemon
make install-daemon-config
make install-xinetd


now we need to configure the daemon so it will talk to our Nagios server, well do this buy editing /etc/xinetd.d/nrpe and adding our monitoring servers address:

only_from       = ??.??.??.??


Then add “nrpe 5666/tcp # NRPE” to /etc/services as below

nrpe            5666/tcp                        # NRPE


Restart xinetd services

root@prod-monitor:~/untar/nrpe-2.12# /etc/init.d/xinetd restart
 * Stopping internet superserver xinetd                                                                                                               [ OK ]
 * Starting internet superserver xinetd                                                                                                               [ OK ]

Confirm NRPE is listening on port 5666

root@prod-monitor:~/untar/nrpe-2.12# netstat -at | grep nrpe
tcp        0      0 *:nrpe                  *:*                     LISTEN


Confirm check_nrpe is present in the Nagios libexec folder

ls -l /usr/local/nagios/libexec/check_nrpe

****************************************************************************

edit Nagios configuration to replace the localhost with actual nagios host name and new required cfg files

cd /usr/local/nagios/etc/objects/

sudo touch hosts.cfg services.cfg hostgroups.cfg


edit nagios.cfg so that nagios can use these newly added configuration files

and comment the localhosts.cfg file

cfg_file=/usr/local/nagios/etc/objects/hosts.cfg
cfg_file=/usr/local/nagios/etc/objects/hostgroups.cfg
cfg_file=/usr/local/nagios/etc/objects/contactgroups.cfg
cfg_file=/usr/local/nagios/etc/objects/services.cfg



Verify the sample Nagios configuration files.

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg


If there are no errors, reload Nagios.

sudo /etc/init.d/nagios reload

****************************************************************************

Installing Munin and munin node

sudo apt-get install munin munin-node


edit munin.conf file and replace localhost with proper name

[prod-monitor]
    address ??.??.??.??
    use_node_name yes


and update the Munin server

sudo su - munin --shell=/bin/bash  -c /usr/share/munin/munin-update

update munin-node.conf  to add munin servers ip address

allow ^127\.0\.0\.1$
allow ^??\.??\.??\.??$


and restart munin node

sudo service munin-node restart

****************************************************************************


Add munin nodes in munin.conf


Restart Munin
sudo su - munin --shell=/bin/bash -c /usr/share/munin/munin-update


***********************************************************************************

Add entries in hosts.cfg
Add entries in hostgroups.cfg


Verify the sample Nagios configuration files.

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

sudo /etc/init.d/nagios reload

***********************************************************************************
Add nrpe command in commands.cfg

define command{
        command_name check_nrpe
        command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}


Add NRPE services

Monitoring Hosted website using local nagios instance

Hi, recently I am trying to monitor the status of my hosted web page using a local nagios instance.
I used nagios check_http plugin for this.

1) Create a new command in commands.cfg file and use check_http as your base command and then alter the parameters
e.g.


define command{
        command_name    check_http_tnt
        command_line    $USER1$/check_http -H www.tipsntraps.com $ARG1$
        }

2) Define a new service to monitor the web page www.tipsntraps.com/index.php and expect the http_responce code 200

define service{
        use                             local-service         ; Name of service template to use
        host_name                       Rubicon Live
        service_description             TNT
        check_command                   check_http_tnt! -u /index.php -e 200
        notifications_enabled           0
        }

3)  Verify the sample Nagios configuration files.

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg


4) If there are no errors, start Nagios.

/etc/init.d/nagios start

Nagios-Installation

Nagios is an open source host, service and network monitoring program. It is designed to run under Linux, although it should work under most other *NIX variants. It can run either as a normal process or as a daemon, intermittently running checks on various services that you specify. The actual service checks are performed by external "plug-in" which return service information to Nagios. Several CGI programs are included with Nagios in order to allow you to view the current service status, history, etc. via a web browser.

Nagios has a lot of features, making it a very powerful monitoring tool. Some of the major features are listed below:
•   Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
•   Monitoring of host resources (processor load, disk and memory usage, running processes, log files, etc.)
•   Monitoring of environmental factors such as temperature
•   Simple plugin design that allows users to easily develop their own host and service checks
•   Ability to define network host hierarchy, allowing detection of and distinction between hosts that are down and those that are unreachable
•   Contact notifications when service or host problems occur and get resolved (via email, pager, or other user-defined method)
•   Optional escalation of host and service notifications to different contact groups
•   Ability to define event handlers to be run during service or host events for proactive problem resolution
•   Support for implementing redundant and distributed monitoring servers
•   External command interface that allows on-the-fly modifications to be made to the monitoring and notification behavior through the use of event handlers, the web interface, and third-party applications
•   Retention of host and service status across program restarts
•   Scheduled downtime for suppressing host and service notifications during periods of planned outages
•   Ability to acknowledge problems via the web interface
•   Web interface for viewing current network status, notification and problem history, log file, etc.
•   Simple authorization scheme that allows you restrict what users can see and do from the web interface

License

Nagios is licensed under the terms of the GNU General Public License Version 2 as published by the Free Software Foundation. This gives you legal permission to copy, distribute and/or modify Nagios under certain conditions. Read the 'LICENSE' file in the Nagios distribution or read the online version of the license for more details. Nagios is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.

Support

Linux

Website

http://www.nagios.org/about/screenshots.php

 Installing Nagios

* Important: Installing and configuring Nagios is rather involved. You can't just compile the binaries, run the program and sit back. There's a lot to setup before you can actually start monitoring anything. Relax, take your time and read all the documentation - you're going to need it. Okay, let's get started...

Become Root:

You'll need to have root access to install Nagios as described in this documentation, as you'll be creating users and group, modifying your web server config files, etc. Either login as root before you begin or use the su command to change to the root user from another account.

Getting The Latest Version

You can download the latest version of Nagios from http://www.nagios.org/ download.

Unpacking The Distribution

To unpack the Nagios distribution, use the following command:

#tar xzf nagios-version.tar.gz

When you have finished executing these commands, you should find a nagios-version directory that has been created in your current directory. Inside that directory you will find all the files that comprise the core Nagios distribution.

Create Nagios User/Group

You're probably going to want to run Nagios under a normal user account, so add a new user (and group) to your system with the following command (this will vary depending on what OS you're running):

#adduser nagios

Create Installation Directory


Create the base directory where you would like to install Nagios as follows...

#mkdir /usr/local/nagios

Change the owner of the base installtion directory to be the Nagios user and group you added earlier as follows:

#chown nagios.nagios /usr/local/nagios

Identify Web Server User

You're probably going to want to issue external commands (like acknowledgements and scheduled downtime) from the web interface. To do so, you need to identify the user your web server runs as (typically apache, although this may differ on your system). This setting is found in your web server configuration file. The following command can be used to quickly determine what user Apache is running as (paths may differ on your system):

#grep "^User" /etc/httpd/conf/httpd.conf

Add Command File Group

Next we're going to create a new group whose members include the user your web server is running as and the user Nagios is running as. Let's say we call this new group 'nagcmd' (you can name it differently if you wish). On RedHat Linux you can use the following command to add a new group (other systems may differ):

#/usr/sbin/groupadd nagcmd

Next, add the users that your web server and Nagios run as to the newly created group with the following commands (I'll assume apache and nagios are the respective users):

#/usr/sbin/usermod -G nagcmd apache
#/usr/sbin/usermod -G nagcmd nagios


Run the Configure Script


Run the configure script to initialize variables and create a Makefile as follows...(the last two options: --with-command-xxx are optional, but needed if you want to issue external commands)

#./configure --prefix=prefix --with-cgiurl=cgiurl --with-htmurl=htmurl --with-nagios-user=someuser --with-nagios-group=somegroup --with-command-group=cmdgroup

    * Replace prefix with the installation directory that you created in the step above (default is /usr/local/nagios)
    * Replace cgiurl with the actual url you will be using to access the CGIs (default is /nagios/cgi-bin). Do NOT append a slash at the end of the url.
    * Replace htmurl with the actual url you will be using to access the HTML for the main interface and documentation (default is /nagios/)
    * Replace someuser with the name of a user on your system that will be used for setting permissions on the installed files (default is nagios)
    * Replace somegroup with the name of a group on your system that will be used for setting permissions on the installed files (default is nagios)
    * Replace cmdgroup with the name of the group running the web server (default is nagios, in the example above it was nagcmd). This will allow group members (i.e. your web server) to be able to submit external commands to Nagios.


Compile Binaries

Compile Nagios and the CGIs with the following command:

#make all

Installing The Binaries And HTML Files


Install the binaries and HTML files (documentation and main web page) with the following command:

#make install


Installing An Init Script

If you wish, you can also install the sample init script to /etc/rc.d/init.d/nagios with the following command:

#make install-init

You may have to edit the init script to make sense with your particular OS and Nagios installation by editing paths, etc.

Directory Structure And File Locations

Change to the root of your Nagios installation directory with the following command...

#cd /usr/local/nagios

You should see five different subdirectories. A brief description of what each directory contains is given in the table below.

Sub-Directory:    Contents
bin/:            Nagios core program
etc/:    Main, resource, object, and CGI configuration files should be put here
sbin/:    CGIs
share/:    HTML files (for web interface and online documentation)
var/:            Empty directory for the log file, status file, retention file, etc.
var/archives/:  Empty directory for the archived logs
var/rw:    Empty directory for the external command file

Installing The Plugins

In order for Nagios to be of any use to you, you're going to have to download and install some plugins. Plugins are usually installed in the libexec/ directory of your Nagios installation (i.e. /usr/local/nagios/libexec). Plugins are scripts or binaries which perform all the service and host checks that constitute monitoring. You can grab the latest release of the plugins from the Nagios downloads page or directly from the SourceForge project page.

Setup The Web Interface

You're probably going to want to use the web interface, so you'll also have to read the instructions on setting up the web interface and configuring web authentication, etc. next.

Configuring Nagios

So now you have things compiled and installed, but you still haven't configured Nagios or defined objects (hosts, services, etc.) that should be monitored.