Common configuration

There are several configuration properties which allow for more control about service.monitor. Values can be overridden by using the common application.properties mechanism (located in the installation’s data directory).

The table below contains a subset of all available properties, properties according database connection and security settings (binding to security.manager) are not described yet.

basehost.url: The URL to service.monitor as seen by users.

This setting is only used for link creation in broadcasting functionalities (i.e. mails).

HTTP connection security

security.ssl.trustAny: Flag which enables that self-signed certificates are accepted in HTTPS connections.

Allowed Values: true, false
Default: false
security.ssl.trustAny.internal: Same as security.ssl.trustAny but used for internal communication (e.g. between security.manager and service.monitor).

Allowed Values: true, false
Default: false

Layout

css.theme: Name of the layout theme to be used when displaying service.monitor.

Default: everlasting
css.theme.showUserInfo.header: Flag to enable or disable user information in page header.

If service.monitor is embedded in map.apps Manager this should default to true.

Allowed Values: true, false
Default: true

Monitoring

monitoring.internal.enabled: Flag to decide if this node shall execute monitoring tasks or not (or if it should only provide dashboard controls).

Allowed Values: true, false
Default: true
monitoring.internal.cleanup.history.period: Interval in milliseconds to query database for outdated monitoring entries.

Default: 1800000
monitoring.logging.cleanup.enabled: Definition of whether log data should be deleted for each individual request in the internal data storage.

Allowed Values: true, false
monitoring.logging.interval: Specify the number of days for which log data about individual requests is retained.

Aggregated result data is kept forever.
monitor.quartz.thread.count: Number of thread to be used on this node for executing monitoring jobs.

The more parallel jobs to be executed the more this number needs to be increased.

Default: 25

Dashboard

monitoring.dashboard.health.widget: Flag to decide if the health widget shall be displayed in dashboard UI.

Allowed Values: true, false
Default: true

Mailing

mailing.host: Mail server host.
mailing.port: Mail server port.
mailing.user: Name of SMTP user.
mailing.password: Password of SMTP user.
mailing.sender: Sender address.
mailing.subject.de: customizable prefix for notification mail subjects (German language).

Default: [service.monitor]
mailing.subject.en: customizable prefix for notification mail subjects (English language).

Default: [service.monitor]
mailing.sender.adminRecipients: Additional mail recipients for all outgoing mails.

SMS

service.monitor supports sending SMS messages via external providers using the SMTP protocol (e.g. http://www.ecall.ch/).

sms.email.server: If this method is used, service.monitor sends e-mails to the broadcast server specified here. This address must usually be on a white list at the service provider that allows the conversion from mail to SMS. The SMS option is not available in the web interface if this field is left empty.

Simple Network Messaging Protocol (SNMP)

snmp.address: Please enter the IP/ host and port of the central SNMP management server to which the trap messages are to be sent.

Please empty the field if no such server is operated and the option is not to be offered in the user interface.

Example: hostname/162

Alerting

The following properties are used to configure service.monitor alerting in conjunction with a Kibana instance.

monitoring.kibana.alerting.enabled: Enables/disables Kibana alerting in service.monitor.

Allowed values: true, false
Default: false
monitoring.kibana.url: The URL to the Kibana instance. If the Kibana default space is used, the syntax is:

http(s)://<KIBANA_HOST>:<KIBANA_PORT>

If the rules of a specific space are to be used, the syntax is:

http(s)://<KIBANA_HOST>:<KIBANA_PORT>/s/<SPACE_ID>
monitoring.kibana.username: The username to access the Kibana instance.
monitoring.kibana.password: The user’s password for accessing the Kibana instance.
monitoring.kibana.alerting.repeatInterval: Interval in milliseconds for querying the Kibana rules.

Default: 60000
monitoring.kibana.notifiableStatus: A comma-separated list of statuses for which notifications are sent. For further explanations of the meaning of the values, see Rule status .

Allowed values: active,ok,pending,error,unknown
Default: active,ok,pending,error,unknown

Authentication

security.mode: Definition of authentication mode.

INTEGRATED uses internal authentication, ONLY_AUTHN defines the use of security.manager.

Allowed Values: INTEGRATED, ONLY_AUTH
Default: INTEGRATED

integrated

security.user.admin.name: Username of internally provided user.

Default: monitor
security.user.admin.pw: Password for the internal default account monitor.

It is strongly recommended to set a new password for the internal default account monitor for operation. This is part of the built-in authentication procedure, which is the default after installation. A new password hash can be generated using the script resources\tools\createPassword.bat or resources\tools\createPassword.sh from the command line. The call is createPassword.bat SHA-512 <password>. Copy the output value of the tool into the file as a configuration value.
security.user.pwenc: Hash algorithm of the user passwords.

Allowed Values: plain, SHA-1, SHA-256, SHA-512`
Default: SHA-1
security.user.use_mapped_pass: Has to be true if some other as plain is set.

Allowed Values: true, false
Default: true
security.user.admin.roles: Role to be assigned to the internal user.

Default: mon_Administrator

security.manager

security.sso.cookie.name: The name of the domain cookie.

This value has to correspond to the settings in security.manager.

Default: ct_SSO
security.sso.cookie.domain: The domain of the domain cookie.

This value has to correspond to the settings in security.manager.
security.sso.service.url: URL to SSO session service of security.manager.

Default: http://localhost:8080/adminstration/resources/ssosessions
security.was.service.url: URL to WAS service of security.manager.

Default: http://localhost:8080/adminstration/WAS
security.app.url: The URL to the login page of security.manager.

The client is redirected to this URL if she is currently not authenticated.

Default: https://<HOST>/administration
security.remoteuser.postfix: An additional postfix to be added when IWA is used and sec.man runs in hybrid mode.
security.keystore.location: The key store where the private key of the application is defined.

Default: <PATH>/.keystore
security.keystore.passwd: Key store password.

Default: changeit
security.keystore.key.alias: Alias name of the private key.

Default: ct-security
security.keystore.key.passwd: Password for the private key.

Default: changeit

Integration

security.embedding.allowed.origins: Defines a comma-separated list of origins (e.g. http://my-example.com:8080) that are allowed to embed service.monitor in an iframe.

Public base URL

basehost.url: The public base URL for external communication without the context name.

Please also make sure to specify the correct protocol, e.g. https://[public.domain.tld].

Database connection

db.use

Specifies whether a direct database connection (JDBC) or a container-managed database connection (JNDI) is established.

In the case of JDBC, the other parameters described here must be configured. In the case of JNDI, follow the section JNDI.

Allowed Values: jdbc, jndi

db.type: Type of database.

Allowed Values: postgresql, oracle, oracle10, sqlserver
db.jdbc.url: Database connection URL.
db.jdbc.username: Name of db user.
db.jdbc.password: Password of db user.

Forward proxy (optional)

To monitor services that are accessible only by a proxy, add a proxy configuration to the Java servlet engine. Set the following parameters in the environment of the engine in which service.monitor is operated.

http.proxyHost=[PROXY_SERVERNAME for http]
http.proxyPort=[PROXY_SERVERPORT for http]
http.nonProxyHosts=[LIST_SERVERS_WITHOUT_PROXY for http]
https.proxyHost=[PROXY_SERVERNAME for https]
https.proxyPort=[PROXY_SERVERPORT for https]
https.nonProxyHosts=[LIST_SERVERS_WITHOUT_PROXY for https]

You can set these parameters for tomcat

as Java parameters using the Tomcat configuration tools or

as environment variable CATALINA_OPTS.

Windows

set CATALINA_OPTS = -Dhttp.proxyPort=[PROXYPORT] -Dhttp.proxyHost=[PROXYHOST] -Dhttp.nonProxyHosts=[NONPROXYHOSTS] .....

Linux/Unix

export CATALINA_OPTS = -Dhttp.proxyPort=[PROXYPORT] -Dhttp.proxyHost=[PROXYHOST] -Dhttp.nonProxyHosts=[NONPROXYHOSTS] .....

Then restart the Tomcat service.

These settings apply to all web applications of the Tomcat service, and not only to components of service.monitor. If this is not desired, run service.monitor components in a separate Tomcat installation.

Java memory settings (optional)

Depending on the use of the Tomcat Servlet Container (number of other webapps, number of services to be monitored), it may be advisable to deviate from these memory settings. In principle, the values described here are sufficient.

-Xms512m: minimum memory allocated by the JVM (512 MByte)
-Xmx512m: maximum memory allocated by the JVM (512 MByte)

These values are for guidance only. If you expect a high load and there are many applications deployed on the server, increase the values in accordance with the available hardware.