Internal documentation only

This page has been marked as a draft.

Self-Announcing Netprobe

Overview Copied

This topics walks you through the configuration and basic features of Self-Announcing Netprobes (SANs).

Features Copied

Disable listening Copied

There are two ways to configure Self-Announcing Netprobes to not listen for incoming connections on their configured port:

Either method does not remove the configured port from the Netprobe, and the port is still used by Gatewayto identify its connection with the Netprobe.

Load balancing Copied

In self-announcing mode, the Netprobe setup file must specify one or more Gateways to announce to.

When more than one Gatewayis specified, the following occurs:

  1. The Netprobe attempts to contact each Gateway.
  2. The Gateways respond, indicating if these are willing to accept the Netprobe. Each Gateway provides a metric indicating how highly loaded it is.
  3. The Netprobepicks the least loaded Gatewayto announce to, and listens for a connection in the normal way.
  4. If there is a tie, the Netprobepicks the first of the least loaded Gateways, in the order specified in the Netprobe setup file.

Score Copied

Self-Announcing Netprobes use the Gateway score to determine what Gateway to connect to.

Each Netprobe gives an individual score which represents the load it puts on a Gateway. The Gateway score is the total of the scores from every Netprobe on a Gateway. The score is a measure of how loaded a Gateway is. Currently, the score is the number of samplers configured on a Netprobe.

You can use the Probe Data plug-in to see the score from each Netprobe. For more information, see Probe data in Gateway Plug-Ins.

Rebalance Self-Announcing Netprobes Copied

You can redistribute SANs across your Gateways using the Gateway command for rebalancing Self-Announcing Netprobes. This command removes SANs from a Gateway to either reach a target number of SANs or reach a target Gateway score.

You may want to use this command to redistribute SANs to a recently restored Gateway from other Gateways across your cluster.

For more information, see Rebalance Self-Announcing Netprobes command in Gateway Commands.

Snooze and user assignment information on self-announcing probes Copied

Self-Announcing Netprobes store snooze and user assignment information in files in the Netprobedirectory. The files have the following filenames, where <probename> is the name of the SAN configured in the Netprobesetup file:

Configuration settings Copied

In addition, the Netprobe setup file can specify zero or more Managed Entity Attribute name-value pairs. These can be used by Active Console for searching and sorting purposes. Attributes are typically used with the logical mode of the Active Console State Tree.

Netprobe Setup File can also set user-defined variables on the created Managed Entity. Managed Entities can contain any number of variables. The variables section is not parsed by the probe; it is passed to the Gateway to be checked. All variable types that can be entered on in the Gateway setup are accepted, except for any passwords.

Consider the following setup file for a Self-Announcing Netprobe:

<?xml version="1.0" encoding="ISO-8859-1"?>
 <netprobe>
  <selfAnnounce>
   <enabled>true</enabled>
   <retryInterval>60</retryInterval>
   <requireReverseConnection>false</requireReverseConnection>
   <probeName>myProbe</probeName>
   <managedEntities>
    <managedEntity>
     <name>myEntity</name>
     <attributes>
      <attribute name="COUNTRY">USA</attribute>
      <attribute name="CITY">CHICAGO</attribute>
      <attribute name="ENVIRONMENT">PROD</attribute>
     </attributes>
     <variables>
      <var name="var_string">
       <string>selfProbe</string>
      </var>
      <var name="var_double">
       <double>10.1</double>
      </var>
      <var name="var_ActiveTime">
       <activeTime>
        <activeTime ref="SomeActiveTime"/>
       </activeTime>
      </var>
     </variables>
     <types>
      <type>Linux</type>
      <type>Fidessa</type>
      <type>ProdShare</type>
     </types>
    </managedEntity>
   </managedEntities>
   <gateways>
    <gateway>
     <hostname>gateway1</hostname>
     <port>17101</port>
     <secure>true</secure>
    </gateway>
    <gateway>
     <hostname>gateway2</hostname>
     <port>17102</port>
    </gateway>
    <gateway>
     <hostname>gateway3</hostname>
     <port>17103</port>
     <secure>false</secure>
    </gateway>
   </gateways>
  </selfAnnounce>
 </netprobe>
Element Sub-element Sub-element Description
selfAnnounce    

Setup values for Self-Announcing Netprobe mode.

Mandatory: No

selfAnnounce > enabled  

When set to true, enables the Self-Announcing Netprobe mode.

If set to false after previously running a Self-Announcing Netprobe, the Netprobe reverts to the normal mode.

Mandatory: Yes
selfAnnounce > retryInterval  

Specifies the time in seconds that the Netprobe waits after failing to find a suitable Gateway to announce to, or after the master connection drops, before restarting the polling process.

Mandatory: No

Default value: 60
selfAnnounce > requireReverseConnection  

When set to true, indicates that the Netprobe can only make a Netprobe-to-Gateway connection. This is useful when, for example, the Netprobe is behind a firewall.

By default, Self-Announcing Netprobes make Netprobe-to-Gateway connections where both components support it. This setting ensures that the Netprobe will not select a Gateway that does not support reverse connections, and will prevent the Gateway from publishing the disableSelfAnnouncing command for the Netprobe.

The default value for this depends upon whether the Netprobeis configured to connect to a secure Gateway. If any of the Gateway connections have the secure flag set to true, then the default value for this setting is true and it cannot be overridden. This is because Gateway-to-Netprobeare not supported secure Self-Announcing Netprobe connections. If all the Gateways connected to are insecure, then the default value of this setting is false, but it can be set to true to ensure that all connections are Netprobe-to-Gateway.

Mandatory: No

Default: Dependent on other settings

selfAnnounce > probeName  

The name of the probe to create on the Gateway. This name must not already be in use in the Gateway configuration, or be used by other . Additionally, names of the form <gateway_name>:Info are reserved for Gateway self monitoring.

The probe name can be composed of any number of data elements containing raw text and special macro elements that resolve to installation-specific strings, such as hostname. This allows a single Setup File to be used for Self-Announcing Netprobes on many different servers.

The following macro elements are supported:

  • hostname — the server host name. Dots in the hostname are replaced with underscores. For example, if the hostname is server.name.com, then it becomes server_name_com.
  • probeHostname — the server host name. Unlike the hostname macro, this macro retains the original format of the hostname and does not replace the dots.
  • port — the Netprobe listen port.

To create a probe name in the format hostname port, where the correct values are automatically inserted for host name and port, the following should be specified in the XML: 

<probeName><hostname/><data>_</data><port/></probeName>

Mandatory: Yes
selfAnnounce > probeName > data > hostname

Host name element of probe name.

Mandatory: No
selfAnnounce > probeName > data > port

Netprobe's listen port element of probe name.

Mandatory: No
selfAnnounce > restApiHttpPort  

Insecure port where content is ingested by the REST API plug-in. This port is used by all REST API samplers running on the probe.

By default, the REST API plug-in listens only on this port. If you create a REST API sampler without configuring any listening port, then this default behaviour applies.

If you configure both insecure and secure ports, then the REST API sampler listens on both ports concurrently.

Caution: If you set the same value for both HTTP and HTTPS ports, then the Netprobe only starts the REST API HTTPS server. If the SSL certificate or key is invalid for the server, then the Netprobe does not start the HTTP server.

Note: Updating the port causes all REST API samplers on the probe to reload.

If you do not configure this setting, but there exists a REST API sampler under the type specified in selfAnnounce > managedEntities > managedEntity > types, then the Self Announcing Netprobe starts a REST API HTTP server with the default port 7136.

Mandatory: No

Default: 7136
selfAnnounce > restApiHttpsPort  

Secure port where content is ingested by the REST API plug-in. This port is used by all REST API samplers running on the probe.

This setting requires an SSL certificate and SSL certificate key.

If you configure this port without configuring the insecure port, then the REST API sampler listens only on the secure port.

If you configure both insecure and secure ports, then the REST API sampler listens on both ports concurrently.

Caution: If you set the same value for both HTTP and HTTPS ports, then the Netprobe only starts the REST API HTTPS server. If the SSL certificate or key is invalid for the server, then the Netprobe does not start the HTTP server.

When you use HTTPS for the REST API plug-in, follow these guidelines:

  • The common name must be the REST API server host name associated with the SSL certificate.
  • As a best practice, use the same certificate authority (CA) as is used for other Netprobe certificates.
  • The certificate created is used by the REST API plug-in as well as the Netprobe to communicate with the . The Netprobe only uses the certificate if it is in secure mode.

Note: Updating the port causes all REST API samplers on the probe to reload.

Note: If this option is set, then the REST API plug-in uses the SSL certificate and SSL certificate key as specified in the -ssl-certificate and -ssl-certificate-key command-line parameters, respectively. For more information, see Netprobe Command-line Options.

If you do not configure this setting, but there exists a REST API sampler under the type specified in selfAnnounce > managedEntities > managedEntity > types, then the Self Announcing Netprobe starts a REST API HTTP server with the default port 7136.

Mandatory: No
selfAnnounce > dynamicEntities  

List of Dynamic Entities options.

You can start the Collection Agent by adding the following configuration in the selfAnnounce settings in the Netprobe setup file:

 <dynamicEntities>
 	<collectionAgentParameters>CollectionAgentParams</collectionAgentParameters>
 	<mappingType>DynamicEntitiesMapping</mappingType>
 </dynamicEntities>

Mandatory: No
selfAnnounce > dynamicEntities > collectionAgentParameters

Specifies the parameters used to connect to a Collection Agent. The value of this parameter should be the same as the name of the configured Collection Agent parameters setting in the Gateway Setup Editor.

Note: Beginning Geneos 6.0.0, the Collection Agent parameters are now configured under the Dynamic Entities section. For more information, see Collection Agent parameters in Dynamic Entities.

Mandatory: No
selfAnnounce > dynamicEntities > mappingType

Specifies the mapping type used to generate Dynamic Managed Entities for this probe. The value of this parameter should be the same as the name of the configured Mapping type setting in the Gateway Setup Editor

A Self-Announcing Netprobe version 5.1.2 or later, that is configured with a Dynamic Entities Mapping type, will not connect to a Gateway version 5.0.x or earlier. A failed connection will be recorded in the Netprobe log, with a warning that the Gateway version is too old.

For more information, see Mapping type in Dynamic Entities.

Mandatory: No
selfAnnounce > managedEntities  

List of managedEntity sections.

You can have multiple Managed Entities on the setup file.
selfAnnounce > managedEntities > managedEntity

Specifies the configuration details for the Managed Entity to be created on the Gateway.

Mandatory: This field is only mandatory if the dynamicEntities section is not configured. If the dynamicEntities section is configured, then this section is optional.

selfAnnounce > managedEntities > managedEntity > name

The name of the Managed Entity to create on the Gateway. This name must not already be in use in the Gateway configuration or be used for other Self-Announcing Netprobes. The Managed Entity name is case sensitive.

The name of the Managed Entity can be composed of any number of data elements containing raw text and special macro elements that resolve to installation-specific strings, such as hostname. This allows a single Setup File to be used for Self-Announcing Netprobes on many different servers.

The following macro elements are supported:

  • hostname — the server host name. Dots in the hostname are replaced with underscores. For example, if the hostname is server.name.com, then it becomes server_name_com.
  • probeHostname — the server host name. Unlike the hostname macro, this macro retains the original format of the hostname and does not replace the dots.
  • port — the Netprobe listen port.

Mandatory: This field is only mandatory if the dynamicEntities section is not configured. If the dynamicEntities section is configured, then this section is optional.

selfAnnounce > managedEntities > managedEntity > attributes

A list of user defined attributes that will be applied to the created Managed Entity. Managed Entities can contain any number of attributes. Each attribute is specified as a name-value pair containing a textual value. These attributes can then be used for searching and sorting in ActiveConsole.

A special GeneosDisplayName attribute is used to identify entities in the Active Console state tree and everywhere the display name is used. However, the name and path of each entity is unchanged. For more information, see Managed Entity Configuration in Managed Entities and Managed Entity Groups.

Mandatory: No
selfAnnounce > managedEntities > managedEntity > variables

A list of user defined variables that will be set on the created Managed Entity. Managed Entities can contain any number of variables. The variables section is not parsed by the probe, it is passed to the Gateway to be checked. Variables setting can be copied from XML Section of Gateway > ManagedEntity > Advanced tab > Var inGateway Setup Editor, or from Gateway setup file.

Variables may be ignored by the Gateway. For more information, see Managed Entity variables in Rejection reasons.

Mandatory: No
selfAnnounce > managedEntities > managedEntity > types

A list of referenced types that will be applied to the created Managed Entity. These types refer to the named types in the Gateway configuration. These types (and the associated samplers) will be loaded into the created Managed Entity when the Netprobe connects to a Gateway. Duplicate types will be ignored.

Mandatory: No
selfAnnounce > gateways  

A list of candidate Gateways that the Netprobesattempts to connect to. The order of the list determines which Gateway the Netprobe connects to if there is a tie.

For more information, see Load balancing in Self Announcing Netprobes.

Mandatory: Yes, at least one Gateway
selfAnnounce > gateways gateway > hostname

The hostname of a candidate Gateway, to which the Netprobe will connect.

Mandatory: Yes
selfAnnounce > gateways gateway > port

The listen port of a candidate Gateway to which the Netprobe will connect.

Default: 7039

Mandatory: No
selfAnnounce > gateways gateway > secure

Flag to indicate if the probe should use a secure or an insecure protocol when connecting to the Gateway.

Mandatory: No
Default: False
selfAnnounce > encodedPassword  

A password encoded using the Unix crypt command-line utility, which is then requested when you attempt to execute a Netprobe command.

When defined, this setting takes precedence over passwords defined through environment variables. For more information, see Types of password offered by the Gateway and how to generate them in Secure Passwords.
selfAnnounce > cyberArkApplicationID  

Name used to identify the CyberArk permissions for the Self-Announcing Netprobe. This determines which passwords can be requested, and must be configured in the CyberArk web interface.

This setting is used for the CyberArk Local Credential Provider. If not defined, then the value defaults to ITRS-Geneos.
selfAnnounce > cyberArkSdkPath  

Path to the Application Password SDK installed on the Netprobe host. The path must be fully specified and cannot embed any references to environment variables.

This setting is used for the CyberArk Local Credential Provider. If not defined, then the value defaults to the following:

  • %ProgramFiles(x86)%\CyberArk\ApplicationPasswordSdk\clipasswordsdk for Windows.
  • /opt/CARKaim/sdk/clipasswordsdk for Linux and other platforms.
selfAnnounce > userAssignmentAndSnoozeFilenamePrefix  

Specifies the prefix that will be used in the filenames for user assignment and snooze files created by Netprobe.

If specified, the format of the files will be <userAssignmentAndSnoozeFilenamePrefix>.user_assignment and <userAssignmentAndSnoozeFilenamePrefix>.snooze.

If not specified, the format of the files will be <probename>.user_assignment and <probename>.snooze, where <probename> is the name of the Self-Announcing Netprobe configured in the Netprobe setup file.

Mandatory: No

OS environment variables Copied

Beginning Geneos 5.3.x, the Netprobe setup file supports using macros to access environment variables available to the host platform.

The syntax for the new macro is [[$env:VARIABLE_NAME]].

The Netprobe evaluates environment variables only once during its lifecycle. That is, during a Netprobe process startup and restart.

If an environment variable cannot be determined, then the macro remains unresolved.

Environment variables abide by OS-specific rules, precedence, and profiles.

Linux environment variables Copied

On Linux, you can use any available environment variables. For example, if the value of $SHELL in the Linux environment is /bin/bash, then [[$env:SHELL]] resolves to /bin/bash in the Netprobe setup file.

Linux variables are case-sensitive.

Windows environment variables Copied

On Windows, you can use any user environment variable defined under Environment Variables in System Properties.

Windows environment variables are case-insensitive.

If the Netprobe is run as a Windows service, then it evaluates the environment variable macros using the environment values defined at startup.

Connection rules Copied

Reasons for rejection Copied

Gateways may refuse to accept a Self-Announcing Netprobe for a few reasons. For more information, see Rejection reasons.

Configuration conflicts Copied

The Self-Announcing Netprobe may encounter conflicts between its setup file and the Gateway setup file. For more information, see Configuration conflicts.

Disconnection behaviour Copied

The Netprobe follows a set of rules when connecting to the Gateway. For more information, see Disconnect behaviours.

Hot standby Gateways Copied

Where hot standby Gateway pairs are used, both should be specified in the Netprobe setup file. A non-active Gateway will refuse to accept the Netprobe, so there is no risk of the Netprobe choosing a secondary Gateway while the primary is still up.

For more information on Gateway hot standby behaviour, see Hot Standby.

["Geneos"] ["Geneos > Netprobe"] ["User Guide"]

Was this topic helpful?