File: logfetch.1

package info (click to toggle)
xymon 4.3.30-5
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 11,384 kB
  • sloc: ansic: 69,137; sh: 3,601; makefile: 863; javascript: 452; perl: 48
file content (72 lines) | stat: -rw-r--r-- 2,969 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
.TH LOGFETCH 1 "Version 4.3.30:  4 Sep 2019" "Xymon"
.SH NAME
logfetch \- Xymon client data collector
.SH SYNOPSIS
.B "logfetch [options] CONFIGFILE STATUSFILE"

.SH DESCRIPTION
\fBlogfetch\fR is part of the Xymon client. It is responsible
for collecting data from logfiles, and other file-related data,
which is then sent to the Xymon server for analysis.

logfetch uses a configuration file, which is automatically
retrieved from the Xymon server. There is no configuration
done locally. The configuration file is usually stored in
the \fB$XYMONHOME/tmp/logfetch.cfg\fR file, but editing this file has
no effect since it is re-written with data from the Xymon 
server each time the client runs.

logfetch stores information about what parts of the monitored
logfiles have been processed already in the \fB$XYMONHOME/tmp/logfetch.status\fR 
file. This file is an internal file used by logfetch, and should
not be edited. If deleted, it will be re-created automatically.

.SH OPTIONS
.IP "\-\-debug[=stderr]"
Enables debug mode. Note that when run by the xymonclient, debug 
output may be written into the client data report, which can cause
false positives and other unintended side effects. Use '=stderr' to
cause the output to be written to stderr instead.

.IP "\-\-noexec"
The client-local.cfg(5) section for this host, class, or OS is
automatically retrieved from the server during client submission. 
Logfetch can be requested to execute arbitrary commands to generate
a list of log files to examine dynamically, but this can present a
security risk in some environments. Set this option to prevent
logfetch from executing requested commands


.SH SECURITY
logfetch needs read access to the logfiles it should monitor. If you 
configure monitoring of files or directories through the "file:"
and "dir:" entries in 
.I client\-local.cfg(5)
then logfetch will require at least read-access to the directory
where the file is located. If you request checksum calculation
for a file, then it must be readable by the Xymon client user.

Do \fBNOT\fR install logfetch as suid-root. There is no
way that logfetch can check whether the configuration file it uses
has been tampered with, so installing logfetch with suid-root
privileges could allow an attacker to read any file on the system
by using a hand-crafted configuration file. In fact, logfetch will
attempt to remove its own suid-root setup if it detects that it
has been installed suid-root.

.SH "ENVIRONMENT VARIABLES"
.IP DU
Command used to collect information about the size of directories.
By default, this is the command \fBdu \-k\fR. If the local
du-command on the client does not recognize the "\-k" option,
you should set the DU environment variable in the 
\fB$XYMONHOME/etc/xymonclient.cfg\fR file to a command that
does report directory sizes in kilobytes.

.SH FILES
.IP $XYMONHOME/tmp/logfetch.cfg
.IP $XYMONHOME/tmp/logfetch.status

.SH "SEE ALSO"
xymon(7), analysis.cfg(5), client-local.cfg(5)