Common configuration

There are several configuration properties which allow for more control about service.monitor. Values can be overridden by using the common application.properties mechanism (located in the installation’s data directory).

The table below contains a subset of all available properties, properties according database connection and security settings (binding to security.manager) are not described yet.

basehost.url

The URL to service.monitor as seen by users.

This setting is only used for link creation in broadcasting functionalities (i.e. mails).

HTTP connection security

security.ssl.trustAny

Flag which enables that self-signed certificates are accepted in HTTPS connections.

Allowed Values: true, false
Default: false

security.ssl.trustAny.internal

Same as security.ssl.trustAny but used for internal communication (e.g. between security.manager and service.monitor).

Allowed Values: true, false
Default: false

Layout

css.theme

Name of the layout theme to be used when displaying service.monitor.

Default: everlasting

css.theme.showUserInfo.header

Flag to enable or disable user information in page header.

If service.monitor is embedded in map.apps Manager this should default to true.

Allowed Values: true, false
Default: true

Monitoring

monitoring.internal.enabled

Flag to decide if this node shall execute monitoring tasks or not (or if it should only provide dashboard controls).

Allowed Values: true, false
Default: true

monitoring.internal.cleanup.history.period

Interval in milliseconds to query database for outdated monitoring entries.

Default: 1800000

monitoring.logging.cleanup.enabled

Definition of whether log data should be deleted for each individual request in the internal data storage.

Allowed Values: true, false

monitoring.logging.interval

Specify the number of days for which log data about individual requests is retained.

Aggregated result data is kept forever.

monitor.quartz.thread.count

Number of thread to be used on this node for executing monitoring jobs.

The more parallel jobs to be executed the more this number needs to be increased.

Default: 25

Dashboard

monitoring.dashboard.health.widget

Flag to decide if the health widget shall be displayed in dashboard UI.

Allowed Values: true, false
Default: true

Mailing

mailing.host

Mail server host.

mailing.port

Mail server port.

mailing.user

Name of SMTP user.

mailing.password

Password of SMTP user.

mailing.sender

Sender address.

mailing.subject.de

customizable prefix for notification mail subjects (German language).

Default: [service.monitor]

mailing.subject.en

customizable prefix for notification mail subjects (English language).

Default: [service.monitor]

mailing.sender.adminRecipients

Additional mail recipients for all outgoing mails.

SMS

service.monitor supports sending SMS messages via external providers using the SMTP protocol (e.g. http://www.ecall.ch/).

sms.email.server

If this method is used, service.monitor sends e-mails to the broadcast server specified here. This address must usually be on a white list at the service provider that allows the conversion from mail to SMS. The SMS option is not available in the web interface if this field is left empty.

Simple Network Messaging Protocol (SNMP)

snmp.address

Please enter the IP/ host and port of the central SNMP management server to which the trap messages are to be sent.

Please empty the field if no such server is operated and the option is not to be offered in the user interface.

Example: hostname/162

Alerting

The following properties are used to configure service.monitor alerting in conjunction with a Kibana instance.

monitoring.kibana.alerting.enabled

Enables/disables Kibana alerting in service.monitor.

Allowed values: true, false
Default: false

monitoring.kibana.url

The URL to the Kibana instance. If the Kibana default space is used, the syntax is:

http(s)://<KIBANA_HOST>:<KIBANA_PORT>

If the rules of a specific space are to be used, the syntax is:

http(s)://<KIBANA_HOST>:<KIBANA_PORT>/s/<SPACE_ID>

monitoring.kibana.username

The username to access the Kibana instance.

monitoring.kibana.password

The user’s password for accessing the Kibana instance.

monitoring.kibana.alerting.repeatInterval

Interval in milliseconds for querying the Kibana rules.

Default: 60000

monitoring.kibana.notifiableStatus

A comma-separated list of statuses for which notifications are sent. For further explanations of the meaning of the values, see Rule status .

Allowed values: active,ok,pending,error,unknown
Default: active,ok,pending,error,unknown

Authentication

security.mode

Definition of authentication mode.

INTEGRATED uses internal authentication, ONLY_AUTHN defines the use of security.manager.

Allowed Values: INTEGRATED, ONLY_AUTH
Default: INTEGRATED

integrated

security.user.admin.name

Username of internally provided user.

Default: monitor

security.user.admin.pw

Password for the internal default account monitor.

It is strongly recommended to set a new password for the internal default account monitor for operation. This is part of the built-in authentication procedure, which is the default after installation. A new password hash can be generated using the script resources\tools\createPassword.bat or resources\tools\createPassword.sh from the command line. The call is createPassword.bat SHA-512 <password>. Copy the output value of the tool into the file as a configuration value.

security.user.pwenc

Hash algorithm of the user passwords.

Allowed Values: plain, SHA-1, SHA-256, SHA-512`
Default: SHA-1

security.user.use_mapped_pass

Has to be true if some other as plain is set.

Allowed Values: true, false
Default: true

security.user.admin.roles

Role to be assigned to the internal user.

Default: mon_Administrator

security.manager

security.sso.cookie.name

The name of the domain cookie.

This value has to correspond to the settings in security.manager.

Default: ct_SSO

security.sso.cookie.domain

The domain of the domain cookie.

This value has to correspond to the settings in security.manager.

security.sso.service.url

URL to SSO session service of security.manager.

Default: http://localhost:8080/adminstration/resources/ssosessions

security.was.service.url

URL to WAS service of security.manager.

Default: http://localhost:8080/adminstration/WAS

security.app.url

The URL to the login page of security.manager.

The client is redirected to this URL if she is currently not authenticated.

Default: https://secman-host.example.com/administration

security.remoteuser.postfix

An additional postfix to be added when IWA is used and sec.man runs in hybrid mode.

security.keystore.location

The key store where the private key of the application is defined.

Default: <PATH>/.keystore

security.keystore.passwd

Key store password.

Default: changeit

security.keystore.key.alias

Alias name of the private key.

Default: ct-security

security.keystore.key.passwd

Password for the private key.

Default: changeit

Integration

security.embedding.allowed.origins

Defines a comma-separated list of origins (e.g. http://my-example.com:8080) that are allowed to embed service.monitor in an iframe.

Public base URL

basehost.url

The public base URL for external communication without the context name.

Please also make sure to specify the correct protocol, e.g. https://[public.domain.tld].

Database connection

db.use

Specifies whether a direct database connection (JDBC) or a container-managed database connection (JNDI) is established.

In the case of JDBC, the other parameters described here must be configured. In the case of JNDI, follow the section JNDI.

Allowed Values: jdbc, jndi

db.type

Type of database.

Allowed Values: postgresql, oracle, oracle10, sqlserver

db.jdbc.url

Database connection URL.

db.jdbc.username

Name of db user.

db.jdbc.password

Password of db user.

Forward proxy (optional)

To monitor services that are accessible only by a proxy, add a proxy configuration to the Java servlet engine. Set the following parameters in the environment of the engine in which service.monitor is operated.

http.proxyHost=[PROXY_SERVERNAME for http]
http.proxyPort=[PROXY_SERVERPORT for http]
http.nonProxyHosts=[LIST_SERVERS_WITHOUT_PROXY for http]
https.proxyHost=[PROXY_SERVERNAME for https]
https.proxyPort=[PROXY_SERVERPORT for https]
https.nonProxyHosts=[LIST_SERVERS_WITHOUT_PROXY for https]

You can set these parameters for tomcat

  • as Java parameters using the Tomcat configuration tools or

  • as environment variable CATALINA_OPTS.

    Windows
    set CATALINA_OPTS = -Dhttp.proxyPort=[PROXYPORT] -Dhttp.proxyHost=[PROXYHOST] -Dhttp.nonProxyHosts=[NONPROXYHOSTS] .....
    Linux/Unix
    export CATALINA_OPTS = -Dhttp.proxyPort=[PROXYPORT] -Dhttp.proxyHost=[PROXYHOST] -Dhttp.nonProxyHosts=[NONPROXYHOSTS] .....

Then restart the Tomcat service.

These settings apply to all web applications of the Tomcat service, and not only to components of service.monitor. If this is not desired, run service.monitor components in a separate Tomcat installation.

Java memory settings (optional)

Depending on the use of the Tomcat Servlet Container (number of other webapps, number of services to be monitored), it may be advisable to deviate from these memory settings. In principle, the values described here are sufficient.

-Xms512m

minimum memory allocated by the JVM (512 MByte)

-Xmx512m

maximum memory allocated by the JVM (512 MByte)

These values are for guidance only. If you expect a high load and there are many applications deployed on the server, increase the values in accordance with the available hardware.