BigPanda

BigPanda Agent

On-premise tools are integrated by using the BigPanda agent. The agent is a low-footprint daemon installed on the master host of your monitoring tool. It consumes alerts from the tool in real time, and then transmits them to BigPanda via SSL-encrypted HTTP calls.

You can install the BigPanda agent on any of the following OS versions:

  • RHEL—5, 6, and 7
  • CentOS—5, 6, and 7
  • Debian—7.3
  • Ubuntu—12.04 (Precise), 12.10 (Quantal), 13.04 (Raring), 13.10 (Saucy), 14.04 (Trusty), 15.04 (Vivid), and 16.04 (Xenial)

BigPanda Agent Behind a Proxy Server

You can configure the BigPanda agent to work behind a proxy server.

Prerequisites

Install the BigPanda agent on your server by following the installation instructions for the integration.

Procedure

  1. Use ssh to connect to the server where the agent is installed.
  2. Open /etc/bigpanda/bigpanda.conf in a text editor. For example, sudo vim /etc/bigpanda/bigpanda.conf.
  3. Add the proxy configuration under the backend section of the configuration JSON. 
{
  "root": {
    "backend": {
       "proxies": {
         "http": "http://10.10.1.10:3128",
         "https": "http://10.10.1.10:1080"
       }
    }
  }
}

The proxy configuration semantics are based on the semantics of the Python Requests library.

  1. Save the configuration file and restart the agent.

BigPanda Agent Raw Alerts Plugin

This plugin works similar to the REST API integration. Alert JSON files are generated by a source and queued up in a directory for this plugin to consume them.

Using the Plugin

This plugin is used in conjunction with certain source systems like our SNMPD agent. It can also be initialized and used with any other source.

  1. Go to the BigPanda console in the Integrations tab.
  2. Select the REST API Integration. Name this Integration and generate an App Key
  3. Run the following command in the command line.
    $ sudo bigpanda-config --add rawalertstransfer --app-key **<GENERATED APP KEY>**

Testing the plugin

To test this new plugin you can add a json file to the following directory. /var/lib/bigpanda/queue/

Please note: Follow the guidelines to a valid alert payload when writing to the directory. Payload property options can be found in the Alerts API here

Multiple App Key Support

By default, the plugin will use the app_key provided during plugin initialization.
 
It is possible to override this app_key to use a different integration's key simply by including the app_key in the JSON file as seen in the example below.

{
  "app_key": "48275f111111111111cafdca981",
  "status": "critical",
  "host": "host_test",
  "category": "testing",
  "description": "This is an example"
}

Throttling

To help balance alert load on the BigPanda servers, the agent has a built-in throttling mechanism.
 
Configured globally, throttling is performed on a per Agent plugin level. This means that if your BigPanda Agent has plugins configured for both Nagios and Raw Alerts, each plugin will be separately throttled.

Property
Type
Description / Default

throttle_count

integer

(Default: 2000) This is the maximum number of alerts to send out per plugin per throttle_interval

throttle_interval

integer

(in seconds -- Default: 60) This interval resets the throttle_count once its value elapses.

E.G. If 3000 alerts are passed in the first 10 seconds, there will be a pause for the remaining 50 seconds for that plugin.

To override these settings, add these two properties to the backend property object in /etc/bigpanda/bigpanda.conf (be sure to restart the agent!):

{
  "root": {
    "agent_id": "0000000-4444-333-222-11111111",
    "version": "5.11.0",
    "plugins": [
			
    ],
    "data_encoding": "utf-8",
    "backend": {
      "verify_certificate": true,
      "address": "https://api.bigpanda.io",
      "timeout": 30,
      "api_token": "12345678901234567890",
      "throttle_count": "4000",
      "throttle_interval": "80"
    }
  }
}

Agent Logs

You can configure logging options for the BigPanda agent, including the level of logging and the log file handling. Log files can be helpful when debugging an integration.

Prerequisites

  • Ensure your BigPanda agent is upgraded to version 3.5.0+. You can check the version in the agent configuration file: /etc/bigpanda/bigpanda.conf. If your version is older than the required version, upgrade to the latest version of the BigPanda agent.

  • Open the logging configuration file in edit mode: /etc/bigpanda/logging.conf.

Changing the Level of Logging

  1. Locate the logger_root section of the configuration file.
  2. Change level of the root logger to the level that suits your needs.
    Enter one of the following options for the severity of events to include in the logs. The default level is INFO.
    • DEBUG—Detailed information. Consider this level when you are actively diagnosing problems.
    • INFO—Confirmation that things are working as expected.
    • WARNING—Indication that something unexpected happened or indicative of some problem in the near future (for example, disk space low). The software is still working as expected.
    • ERROR—Indication that, due to a more serious problem, the software has not been able to perform some function.
    • CRITICAL—Serious errors, indicating that the program itself may be unable to continue running.

Changing the Log File Handling

You can change the location where the logs are saved, the file size, and the number of log files in rotation.

  1. Locate the handler_rootHandler section of the configuration file.
  2. Change the parameters of args to the desired settings for handling the BigPanda agent log files.

First Parameter

Make sure that the bigpanda user has read and write access to the new location.

Args Parameter
Description
Default Value

First Parameter

Location where the log files are saved.

/var/log/bigpanda/agent.log

Third Parameter

Size of each log file. You may need to increase the file size when troubleshooting a problem with BigPanda support.

1024*1024*10

Fourth Parameter

Number of log files in rotation. You may need to increase the number of files in rotation when troubleshooting a problem with BigPanda support.

3

First Parameter

Make sure that the Bigpanda user has read and write access to the new location.

`args=('/mylogfiles/agent.log','a',1024*1024*10*10,5)`

Incorrect syntax will cause an error when loading the logging configuration file. If this error occurs, the agent uses the default settings.

Post-Requisites

  • Restart The BigPanda agent by running one of the following commands.

    • For RHEL 5 and 7, CentOS 5 and 7, Debian, and Ubuntu:

    sudo service bigpanda restart

    • For RHEL 6 and CentOS 6:

    sudo initctl restart bigpanda

Changes to the logs will take effect only after the agent has been successfully restarted.

  • Check the log files for the agent. If the logging.conf file has successfully loaded and the log level is at least INFO, this line is printed to the logs: INFO Successfully configured logging from logging.conf

Upgrading the BigPanda Agent

You can upgrade the BigPanda Agent to access the features and fixes available in a newer version.

Prerequisites

  • Review the BigPanda Agent Release Notes.
  • Obtain access to the server where the BigPanda agent is installed.
  • Determine the OS on the server.

Procedure

  1. Stop the BigPanda agent by running one of the following commands.

    • For RHEL 5 and 7, CentOS 5 and 7, Debian, and Ubuntu:

    sudo service bigpanda stop

    • For RHEL 6 and CentOS 6:

    sudo initctl stop bigpanda

  2. Upgrade the agent by running one of the following commands.

    • For RHEL and CentOS:

    sudo yum install bigpanda-agent

    • For Debian and Ubuntu:

    sudo apt-get update

    sudo apt-get install bigpanda-agent

  3. Make sure that the BigPanda agent has started by running one of the following commands.

    • For RHEL 5 and 7, CentOS 5 and 7, Debian, and Ubuntu:

    sudo service bigpanda start

    • For RHEL 6 and CentOS 6:

    sudo initctl start bigpanda

  4. Verify that the agent version has been upgraded by running the following command.

    sudo grep version /etc/bigpanda/bigpanda.conf

Uninstalling the BigPanda Agent

To fully remove an agent-based integration, you must remove the BigPanda agent from the associated server.

Prerequisites

  • Obtain access to the server where the BigPanda agent is installed
  • Determine the OS on the server.

Uninstalling the Agent from RedHat Enterprise Linux (RHEL) and CentOS

  1. Connect to the server where you want to uninstall the BigPanda agent package. You must have root privileges.

  2. Run the following commands.

    • sudo yum remove bigpanda-agent

    • sudo rm /etc/yum.repos.d/bigpanda.repo

Uninstalling the Agent from Debian and Ubuntu

  1. Connect to the server where you want to uninstall the BigPanda agent package. You must have root privileges.

  2. Run the following commands:

    • sudo apt-get purge bigpanda-agent

    • sudo rm /etc/apt/sources.list.d/bigpanda.list

    • sudo apt-get update

Uninstalling The Agent Manually

Because this method does not remove the package from your package manager's database, the methods described above are recommended. Consider using this information to verify that the agent files are completely removed.

  1. Stop the BigPanda service by running the following command:

    • sudo service bigpanda stop

  2. Remove the BigPanda python module from the Python2.6 or Python2.7 library.
    This library is usually located in /usr/lib/pythonVERSION/site-packages/bigpanda or /usr/lib/pythonVERSION/dist-packages/bigpanda.

  3. Remove the following files:

    • /usr/bin/bigpanda-agent
    • /usr/bin/bigpanda-config
    • /etc/init/bigpanda.conf
    • /etc/init.d/bigpanda
    • /etc/rc*.d/*bigpanda
    • /etc/bigpanda
    • /var/log/bigpanda
    • /var/lib/bigpanda
    • /var/run/bigpanda

  4. Remove the BigPanda user and group by running the following commands:

    • sudo userdel -r bigpanda

    • sudo groupdel bigpanda