BigPanda Agent
Configure the BigPanda agent to send monitoring alerts from a non-standard tool.
The BigPanda agent is a low-footprint utility installed on the master host of your monitoring tool. It consumes alerts from the tool in real-time and then transmits them to BigPanda via TLS-encrypted HTTP calls.
The utility is installed on the main server where the monitoring data can be accessed. The agent can then be configured to capture the necessary data from its respective location and push it to BigPanda for normalization into a BigPanda Alert. Native configuration commands exist for some popular monitoring systems like Nagios, Zenoss, and Zabbix.
You can install the BigPanda agent on any of the following OS versions:
OS | Version(s) |
---|---|
RHEL | 7 and 8 |
CentOS | 7 and Stream |
Debian | 9 (Stretch), 10 (Buster), and 11 (Bullseye) |
Ubuntu | 16.04 (Xenial), 18.04 (Bionic), 20.04 (Focal), and 22.04 (Jammy) |
Python requirement
To use the Open Integration Manager for Agent-based integrations, Python version >= 3.8.0 and an Agent version >= 10.2 are required.
Key Features
- Sends monitoring data from on-prem solutions to the BigPanda Console
- Works with multiple integrations
- Built-in alert throttling
- Configurable event logging
Available Configuration Options
The generic BigPanda agent is available for configuration on the below systems:
Integrations that Require the BigPanda Agent
The following integrations leverage the BigPanda Agent:
See the specific integration instructions for details on installation and configuration.
Throttling
To help balance alert load on the BigPanda servers, the agent has a built-in throttling mechanism.
Configured globally, throttling is performed on a per-Agent plugin level. This means that if your BigPanda Agent has plugins configured for both Nagios and Raw Alerts, each plugin will be separately throttled.
Property | Type | Description / Default |
---|---|---|
throttle_count | integer | (Default: 2000) This is the maximum number of alerts to send out per plugin per throttle_interval |
throttle_interval | integer | (in seconds -• Default: 60) This interval resets the throttle_count once its value elapses.E.G. If 3000 alerts are passed in the first 10 seconds, there will be a pause for the remaining 50 seconds for that plugin. |
To override these settings, add these two properties to the backend
property object in /etc/bigpanda/bigpanda.conf
. Be sure to restart the agent.
{
"root": {
"agent_id": "0000000-4444-333-222-11111111",
"version": "5.11.0",
"plugins": [
],
"data_encoding": "utf-8",
"backend": {
"verify_certificate": true,
"address": "https://api.bigpanda.io",
"timeout": 30,
"api_token": "12345678901234567890",
"throttle_count": 4000,
"throttle_interval": 80
}
}
}
Logging
The BigPanda Agent is designed to log events into a file for visibility. This logging has default configurations that can be updated to the desired specifications.
The agent provides the option to
- Configure logging options through a single file
- Change the level of logging the agent performs
- Change the destination of the logs
To learn more about configuring log files in the BigPanda Agent, see the Configure the BigPanda Agent Log documentation.
The BigPanda Agent Raw Alerts Plugin
The Raw Alerts plugin works similarly to the REST API integration. Alert JSON files are generated by a source and queued up in a directory to be consumed by the plugin.
Use the Plugin
This plugin is used in conjunction with specific source systems (like our SNMPD agent). It can also be initialized and used with any other source.
- Go to the BigPanda console in the Integrations tab.
- Select the REST API Integration. Name the Integration and generate an App Key.
- Run the following command in the command line:
$ sudo bigpanda-config --add rawalertstransfer --app-key <GENERATED APP KEY>
Test the Plugin
To test the new plugin, you can add a JSON file to the following directory. /var/lib/bigpanda/queue/
Follow the guidelines to a valid alert payload when writing to the directory. Payload property options can be found in the Alerts API.
Multiple App Key Support
By default, the plugin will use the app_key
provided during plugin initialization.
It is possible to override this app_key
to use a different integration's key by including the app_key
in the JSON file, as presented in the example below.
{
"app_key": "48275f111111111111cafdca981",
"status": "critical",
"host": "host_test",
"category": "testing",
"description": "This is an example"
}
Next Steps
Learn how to Install the BigPanda Agent for RedHat or Centos, Debian or Ubuntu, or Docker.
Learn how to Configure the BigPanda Agent Log
Learn how to Integrate with BigPanda
Updated about 24 hours ago