Using the BigPanda Agent with a DMZ

You can set up the BigPanda agent to communicate with a monitoring server that is behind your corporate Demilitarized Zone (DMZ). First, configure the monitoring server to send alerts to a server in your DMZ. Then, set up SSH keys to allow the monitoring server to communicate with the DMZ server. Finally, configure the DMZ server to integrate with BigPanda. The following example demonstrates one method for implementing this setup on CentOS 7 using rynsc to transfer and synchronize files between the monitoring and the DMZ servers.

Prerequisites

  • Administrator access to both the monitoring and the DMZ servers.

  • Permissions to execute the rsync ssh commands, granted either through RSA keys or in the rsyncd.conf file.

  • Administrator access to BigPanda.

Configuring the Monitoring Server

  1. On the monitoring server, install the BigPanda agent by running the following command.

wget http://repos.bigpanda.io/config/bigpanda.repo -O /etc/yum.repos.d/bigpanda.repo

  1. Configure a scheduled task to run the following rsync command every minute.

rsync -a -e "ssh" --remove-source-files /var/lib/bigpanda/queue/ $DMZ_servername:/var/lib/bigpanda/queue

❗️

Be sure to replace $DMZ_servername with the network name of your DMZ server. The /var/lib/bigpanda/queue directory will be created when you install the BigPanda agent on the DMZ server.

You can use Windows Scheduled Task facility or a cron job. For example, follow these steps to create a cron job that runs as the root user.

  1. Open a crontab file by running the following command.

cron -u root -e

  1. Add the following line in the crontab file.

***** root /usr/bin/rsync -a -e "ssh" --remove-source-files /var/lib/bigpanda/queue/ $DMZ_servername:/var/lib/bigpanda/queue

❗️

Be sure to replace $DMZ_servername with the network name of your DMZ server.

Setting up SSH Keys

  1. On the monitoring server, generate a public SSH key with no password by running the following commands.

ssh-keygen -f ~/.ssh/id_rsa -q -P ""
cat ~/.ssh/id_rsa.pub

  1. Copy the key to your clipboard and log in to your DMZ server.

  2. If the SSH folder does not exist on the DMZ server, create it manually by running the following commands.

mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys

  1. In the ~/.ssh/authorized_keys file, add the SSH key that you copied in Step 2.

Configuring the DMZ Server

  1. On the DMZ server, install the BigPanda agent by running the following command.

wget http://repos.bigpanda.io/config/bigpanda.repo -O /etc/yum.repos.d/bigpanda.repo

  1. Install the appropriate BigPanda agent integration by following the on-screen instructions in BigPanda.

Recommended Reading