Endpoint Web Server
One of the interesting new features of Tivoli Management Framework 4.1 is the ability to post an endpoint's status to a Web server. This feature, when enabled, posts endpoint status change information on boot up or after any state change occurs. This allows for some interesting possibilities. For example it is now possible, with some simple customization, to log changes to a logfile, post changes to a graphical Web viewer or even, as part 2 of this tip shows, send events to the TEC once an endpoint's status changes.As this is a large subject I have broken this tip is into 2 parts. The first part describes the usage and setup of generic web posting and the second section shows specifically how this can be integrated with the IBM Tivoli Enterprise Console so that events can be sent on significant endpoint status changes. In addition part 2 will supply a CGI script that will post TEC events.
Web Servers
Before starting you will need to install a Web server such as Apache or Microsoft IIS. Do not attempt to use Spider as this uses redirection (i.e. you are redirected from one site to another automatically) which does not work with web posting.
Enabling Web Reporting
There are 2 new endpoint parameters in 4.1 that configure web posting:
web_post_interval
Specifies the interval, in seconds, at which an endpoint posts event and state change information to a Web server. Information is sent only if an event or state change occurs within this interval. The minimum value is 300 seconds (five minutes). The maximum value is 86,400 seconds (one day). The default value is zero which disables Web posting.
web_post_url
Specifies the URL to which an endpoint posts event and state change information.
For example:
http://web_server_name:port/relative_path_to_cgi_script/script_nameYou only need the port number if you are NOT using the default port of 80.
Configuration on the Endpoint
These can be set in 2 ways:
1. Use the wep command. On next restart new parameters will be used by LCFD.
e.g.
wep france set_config web_post_interval=900
wep france set_config
web_post_url=http://europe/scripts/epwebpost_handler.pl
wadminep france reexec_lcfd2. Edit the %LCF_DATDIR%\last.cfg file on the endpoint and add or change parameters web_post_interval and web_post_url. Restart the endpoint.
By default this feature is disabled.
The CGI script
After web posting has been enabled, the endpoint will post its status information as standard input to the script you have selected. The format used is a single line of variable=info pairs separated by ampersands (&):
For example:
time_stamp=2004 09 14 17:02:58 &last_restart=2004 09 14
16:57:58 &up_time=0 days,00:05:00h:m:s &run_state=Running &interp=w32-x86 &lcfd_version=41100 &machine_unique_id=D25F6Y7H1GD7TLSC45FT0000052B &machine_name=belgium&hostname=belgium &local_ip_interface=0.0.0.0&lcfd_port=10006 &lcfd_preferred_port=10006 &lcfd_alternate_port=9496 &gateway_ip_addr=192.168.100.2%2B9494 &gateway_port=9494 &login_interfaces=192.168.100.2%2B9494:192.168.100.3%2B9494:192.168.100.4%2B9494 &events=10To process this line of data you will need to create a simple CGI script. IBM supplies a sample script on the second Tivoli Framework CD in the /LCF/WEBPOST directory. This is a fairly simple Perl script named epwebpost_handler.pl that processes this input and writes it to a log file named epwebpost.log. However be aware that even in the version I looked at there was a problem in that it passes the incorrect data. To correct this change the header from Content-type: text/plain to Content-Type: text/html.
The script could be used for any purpose e.g. loading endpoint post data into a database or sending TEC events.
Detailed Data Posted
The endpoint posts the following information to the Web server:
Variable Description time_stamp The time when the packet of endpoint status information is sent to the Web server. last_restart The time, in hh:mm:ss format, that the endpoint was last started. up_time The time, in days, hh:mm:ss format, that the endpoint has been running. run_state running, standby, or shutdown. interp The interpreter type of the endpoint. lcfd_version The revision level of the endpoint machine_unique_id The unique identifier for the installed endpoint. machine_name The endpoint label. hostname The hostname for the endpoint. local_ip_interface The IP address configured for the endpoint to bind by the local_ip_interface parameter in the last.cfg configuration file. If no configuration is performed, the value is 0.0.0.0 (ANY_ADR). lcfd_port The current bound listening port for the endpoint. This value might be different from the preferred and alternate port fields. lcfd_preferred_port Specifies the preferred port for the endpoint. lcfd_alternate_port Specifies the alternate port for the endpoint. gateway_ip_addr The gateway IP address that the endpoint is currently logged in to. gateway_port The current configured gateway port number. login_interfaces The list of gateway IP addresses that are available for the endpoint to contact during login operations. events A colon separated list of events or state changes that have occurred during the monitoring interval configured by the web_post_interval parameter
Event Codes
There are currently 24 state changes that can be sent numbered from 01 to 60. The event codes are generated either by state transitions (login, logout, etc.) or error since the last web post.
These event codes are displayed in the table below:
Event Codes Description 01 STATECHANGE: LCFD process on this system has been SHUTDOWN 02 STATECHANGE: LCFD process on this system entered STANDBY mode. 03 STATECHANGE: LCFD process on this system has RESUMED operation. 04 STATECHANGE: LCFD successfully started its IPC server. 05 STATECHANGE: LCFD shut down its IPC server. 06 STATECHANGE: LCFD detected a change in the local network configuration. 10 LOGIN: LCFD has successfully login to a gateway and is running OK. 11 LOGIN: LCFD login to gateway attempt failed. The gateway is unreachable, or down. 12 LOGIN: LCFD is migrating to a new gateway as the result of a migration 13 LOGIN: LCFD has been redirected to another TMR. 20 UPCALL: LCFD upcall to gateway failed because the gateway is unreachable or down. 21 UPCALL: Warning, method execution was performed without a valid user ID 30 RUNIMPL: Method failed because the LCFD was unable to find or run the method implementation. 31 RUNIMPL: Method failed to complete because the method threw an exception before execution could complete. 40 RUNTASK: No appropriate executable is defined for this INTERP. 41 RUNTASK: Failed to create task file on endpoint. 42 RUNTASK: Failed to set required permission on temporary file. 43 RUNTASK: Error configuring required I/O streams. 44 RUNTASK: Failed to get user token for task. 45 RUNTASK: Failed to execute task. 50 TAPCALL: Tivoli Authentication Package initialization failed. 51 TAPCALL: Failed to initialize Tivoli Authentication Package token pool. 52 TAPCALL: Tivoli Authentication Package token cache has expired. 53 TAPCALL: Tivoli Authentication Package Account Name lookup failed. 60 HMAC: Endpoint received data that could not be decrypted. The following example shows sample data contained.
Part 2 of the tip will appear in the following weeks.