Macenterprise.org

MacResource.org - Mac OS X enterprise deployment project

Contact Us

Main Menu

Scripts & Tools

All Scripts & Tools

Apple Remote Desktop

macosxlabs.org archives

Display News - Latest 1-3
Recent Articles Site Construction Underway Parallels Server Archived Webcast Posted MacEnterprise welcomes the formation of the Enterprise Desktop Alliance Centrify DirectControl Demo movie June 19th Webcast - Parallels Server for Mac

Next Webcast

10:00 - 11:30 am PST
1:00 - 2:30 pm EST
18:00 - 19:30 GMT

Webcast ID:

Passcode:

Reporting with Radmind 1.8.0

E-mail

Written by Patrick McNeal
Friday, 23 March 2007
Overview Version 1.8.0 of the Radmind tools introduced a major new reporting feature that allows administrators to better track the status of client machines. In addition to automatic reporting, a new repo tool has been added that can report arbitrary strings to a radmind server. Once deployed, radmind 1.8.0 provides an easy place to determine the overall state, usage and configuration of your machines. Since the 1.8.0 radmind server offers reporting as a capability, there are no roll out requirements. Once both the client and server are using version 1.8.0 or later of the tools, reporting will just happen. In order to support reporting, a new verb, REPO, was added to the Radmind Access Protocol ( RAP ). This verb takes two arguments, an event and a report message. The event is used to categorize the type of message and is limited to one word, while the message can be of any length. Automatic Reporting ktcheck makes four types of reports, all using the event "ktcheck." "Updates available" when a client's command files or transcripts are out of date, but have not been updated. "Updates retrieved" when a client's command file or transcripts are out of date, and they have been updated successfully. "No updates needed" when a client's command files and transcripts are correct. This does not mean that the filesystem is correct. You'll have to run fsdiff to verify that. "Error" when the client encounters an error while doing the update. This might be caused by an issue with permissions, disk space or the disk itself. lapply makes three types of reports, all using the event "lapply." "Changes applied successfully" when a client successfully applies all updates. "Error, changes made" when lapply makes some changes, but encounters an error preventing a complete update. "Error, no changes made" when lapply encounters an error, but no changes were made. Arbitrary Reporting repo, the general reporting tool, can be used to report any event and message. Administrators should be aware that this includes "ktcheck" and "lapply" events. To minimize the ability of a malicious user to make such erroneous report messages, one could configure their radmind server to use client certificates and make sure the certificates are only readable on the client by a privileged user. To log the message "System rebooting" as an event type "system" you would run: repo -e system "System rebooting" Server Log Format One the server, reports are logged via syslog to the default radmind log. They have the following format: report HOSTNAME IP CN - EVENT MESSAGE... First the string "report", followed by the client's hostname and IP address. If the client authenticates to the server with a certificate, its common name will be listed next. If the client does not present a certificate, a '-' will be listed. Next, a '-' is printed as a placeholder for a future field. Finally, the event and message are logged as reported by the client. This common format will allow administrators to quickly grep for a specific host, event or message to determine what's going on in their system, determine what hosts have not been updated or even what hosts have not checked in. More Information For more details on reporting, see the radmind.8 man page or contact the This e-mail address is being protected from spam bots, you need JavaScript enabled to view it mailing list.
Last Updated ( Sunday, 20 May 2007 )