The latest preview build has entered the Fast Ring and is being pushed out.  All the details on this release can be found on the Windows Blog

Hacked my way through getting Observium to pick up the nfsen RRD so that I see the Netflow tab in the device in Observium.

2016-06-16_153005

Here’s what I did…

Install Prerequisite Software

apt-get install gcc flex librrd-dev make librrdp-perl librrds-perl libsocket6-perl libmailtools-perl mrtg rrdtool

Install nfdump

Download nfdump from SourceForge: https://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.13/

tar zxvf nfdump-1.6.13.tgz
cd nfdump-1.6.13/
./configure --enable-nfprofile --enable-nftrack
make && make install

Install nfsen

Download nfsen from SourceForge: https://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.7/

tar zxvf nfsen-1.3.7.tgz
cd nfsen-1.3.7
cp etc/nfsen.conf.dist etc/nfsen.conf

Make configuration changes to nfsen

Modify etc/nfsen.conf

$USER = www-data;

$WWWUSER = www-data;

$WWWGROUP = www-data;

%sources = (

'routername' => { 'port' => '9996', 'col' => '#0000ff', 'type' => 'netflow', 'IP' => '1.2.3.4' },

);

$MAIL_FROM = 'me@domain.com';

$SMTP_SERVER = 'mail.domain.com';

Save the file and then make a directory where nfsen will store data.

mkdir -p /var/nfsen
./install.pl etc/nfsen.conf

Start nfsen

cd /var/nfsen/bin
./nfsen start

Configure to start nfsen automatically at reboot.

ln -s /var/nfsen/bin/nfsen /etc/init.d/nfsen
update-rc.d nfsen defaults 20

Configure Apache2

Configure Apache2 so we can access nfsen while still using observium.

Make a directory to store nfsen HTML files

mkdir -p /var/www/html/nfsen

Edit /etc/apache2/conf-enabled/observium.conf and add the following line before the closing </VirtualHost>.

Alias /nfsen /var/www/html/nfsen

Restart Apache2

service apache2 restart

At this point you should be able to access http://yourip/nfsen/nfsen.php

Cannot create graph

If you see that error, check permissions of /var/nfsen and make sure it is accessible by www-data specified in /var/nfsen/etc/nfsen.conf.

Observium Configuration

Note: The %source in /var/nfsen/etc/nfsen.config must match the host you are using in Observium and it is case sensitive.

So I had a hard time with Observium configuration and decided to just hack it up.

I have Observium installed in /opt/observium, so substitute accordingly.

Add the following to /opt/observium/config.php.

$config['nfsen_enable'] = 1;
$config['nfsen_rrds'] = /var/nfsen/profiles-stat/live/;
$config['nfsen_split_char'] = ;
$config['nfsen_suffix'] = ;

Enjoy your graphs.

2016-06-16_155352

Please See: https://www.howtoforge.com/community/threads/lets-encrypt-working-with-ispconfig-interface-postfix-dovecot-tls-pure-ftpd-monit.75546/

ARCHIVED

I successfully configured Dovecot and Postfix to use my LetsEncrypt SSL certificate for my mail domain.

Generate SSL Certificate

When I installed ISPConfig 3.1b, I followed instructions on setting up LetsEncrypt which placed it in /opt/letsencrypt; If you have LetsEncrypt installed elsewhere, substitute the path below with the correct path.

I run in standalone mode so I need to stop Apache2.

service apache2 stop

Create the certificate.

Update: 12/2016 Install the certbot tool following this guide for Debian Jessie 8:  https://certbot.eff.org/all-instructions/#debian-8-jessie-apache

certbot certonly --standalone -d mail.techish.net

The certificate now lives in /etc/letsencrypt/live/mail.techish.net/

Configure Dovecot

I modified /etc/dovecot/conf.d/10-ssl.conf and added the following lines:

ssl = yes
ssl_cert = </etc/letsencrypt/live/mail.techish.net/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.techish.net/privkey.pem

Then I restarted Dovecot

service dovecot restart

That didn’t seem to work;  it was still publishing an invalid certificate, so I had a look around at more configuration files.

I then modified /etc/dovecot/dovecot.conf file.  In this file I saw the ssl_cert and ssl_key variables and I also noted the protocols. The bolded items are what I changed/added.

protocols = imap pop3 imaps pop3s
auth_mechanisms = plain login
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_privileged_group = vmail
#ssl_cert = </etc/postfix/smtpd.cert
#ssl_key = </etc/postfix/smtpd.key
ssl_cert = </etc/letsencrypt/live/mail.techish.net/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.techish.net/privkey.pem

I then restarted Dovecot

service dovecot restart

Configure Postfix

I looked at /etc/postfix/main.cf and noted that the cert was pointed to /etc/postfix/ directory. I decided to backup the certs that existed and then create a symlink.

smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key

Backup and create symlinks.

cd /etc/postfix
mkdir ssl-backup
mv smtpd.* ssl-backup/
ln -s /etc/letsencrypt/live/mail.techish.net/fullchain.pem smtpd.cert
ln -s /etc/letsencrypt/live/mail.techish.net/privkey.pem smtpd.key

Restart Postfix

service postfix restart

Furthering my build-out for a monitoring solution which includes Observium as the primary SNMP polling system, I am writing an application to handle SNMP traps from my Windows servers.

Most of my servers are Windows 2008 R2 or Windows 2012 R2. With that being said, I can use evntwin.exe on the servers to setup traps for specific event logs on my Windows servers and send them to my trap receiver to further classify and alert/notify.

There are a few steps involved in the overall process here.

Create a Custom Event Log Source

Before I can translate a specific event log entry, I create an event log source DevTrap and use an Event ID of 1000.  This is optional, as you’ll see in the next step you can dig right in and start filtering traps from any existing Event Log sources.

C:>eventcreate /T success /id 1000 /l application /d Test event to be trapped. /so DevTrap

2016-06-14_123757

Translate Events to Traps

Using evntwin.exe, I click on Custom and then Edit >>

2016-06-14_124208

From here, I can navigate the event log tree in the left pane and find my DevTrap source in the Application log.

2016-06-14_124334

Double clicking on the row will give me some properties for the event and allow me to modify when to generate the trap based on number of events within a specific time period.  I left this as default since I’ll be testing manually and this won’t generate hundreds of traps.

2016-06-14_124452

Now the event is listed in the Events to be translated to traps box.  I need to Apply and then Export the trap translations.  If I wanted to add more, I could simply keep going before clicking Apply and Export.

2016-06-14_124506

When the Export dialog box opens, it wants to know where to save the configuration for the translations.  Choose a location that makes sense.  After saving, you can close evntwin.exe program.

2016-06-14_124825

A Look at events.cnf

So the events.cnf file was exported in the previous step.  This file contains commands that will be used with evntcmd.exe to actually process and do something with the translations.  Here is what my file contains thus far.

2016-06-14_124937

The format of the #pragma add line is:

#pragma add <LogName> <SourceName> <EventID> <EventCount> <TimeInterval>

I need to add a trap destination and community to this file:

#pragma ADD_TRAP_DEST public 10.147.204.88

I add the line and save my changes and the file looks as follows.

2016-06-14_125836

Here is a useful table if you want to build the file manually and include the trap destination.  Find more information on the use of evntcmd.exe at Microsoft’s TechNet article.

ADD specifies that you want to add an event to trap configuration.
DELETE specifies that you want to remove an event to trap configuration
DELETE_TRAP_DEST specifies that you do not want trap messages to be sent to a specified host within a community
ADD_TRAP_DEST specifies that you want trap messages to be sent to a specified host within a community.
CommunityName specifies, by name, the community in which trap messages are sent.
HostID specifies, by name or IP address, the host to which you want trap messages to be sent
EventLogFile specifies the file in which the event is recorded
EventSource specifies the application that generates the event.
EventID specifies the unique number that identifies each event

Using evntcmd.exe

Now that I have the configuration file as needed, I use evntcmd.exe to configure the trap translations and trap destinations.  Run the command from an elevated command prompt.

evntcmd.exe events.cf

Here is what the output looks like after running the command.

2016-06-14_130149

At this point, any event logged in Application as source of DevTrap with ID of 1000 will send a trap to my manager on 10.147.204.88.  I can test this by generating an event and monitoring my trap manager server to make sure I see it come across.

C:>eventcreate /T success /id 1000 /l application /d Test event to be trapped. /so DevTrap

2016-06-10_092724

Extending the Office 2016 trial is slightly different than the Office 2013/Office365.

An expired trial window pops up when you launch an Office 2016 application:

If you just close the window, you’ll see the following notification window in the Office application:

2016-06-10_092738

Steps to Extend Trial

  1. Navigate to the Office Installation Folder
    1. For 32bit Office installations, navigate to: C:Program Files (x86)Microsoft OfficeOffice16
    2. For 64bit Office installations, navigate to:  C:Program FilesMicrosoft OfficeOffice16
  2. Inside this folder, right-click on OSPPREARM.exe and click Run as Administrator.

 

2016-06-10_093055

Once OSPPREARM is finished, start your office application.  You will be prompted to activate the trial again.  Follow the on-screen instructions.

2016-06-10_093151

2016-06-10_093155

2016-06-10_093201

s
search
c
compose new post
r
reply
e
edit
t
go to top
j
go to the next post or comment
k
go to the previous post or comment
o
toggle comment visibility
esc
cancel edit post or comment