Wednesday, November 16, 2016

RSAT for Windows 10 Anniversary



This one's for all of the IT pros out there....

If you updated your Windows 10 workstation to the Anniversary update, you might notice that the RSAT tools are missing (again). Fortunately all you need to do is download and install the new version and reboot when prompted to do so. Here is the link:

https://www.microsoft.com/en-us/download/details.aspx?id=45520&751be11f-ede8-5a0c-058c-2ee190a24fa6=True

For x64 Windows the file is "WindowsTH-RSAT_WS2016-x64.msu" and is only 94 MB in size.

- Joe


Tuesday, September 6, 2016

Add All Online Account Plug-ins to Ubuntu 16.04 LTS

Do you only have Facebook, Flickr, and Google listed in Online Accounts like I did? Why not go for broke and install them all?

Execute the following line in the terminal:
sudo apt-get install 'account-plugin-*'

That looks better...  :) 



- Joe



Saturday, March 5, 2016

SNMP Configuration in CentOS or RHEL 7


This is the follow-up to my original post on configuring SNMP v3 in CentOS or RHEL 6. Make sure you check out that post first for some background information if you need it.

So let’s get started.

Install net-snmp

If SNMP is not yet installed on your server, execute the following shell command:

sudo yum -y install net-snmp net-snmp-utils

Create an SNMP configuration file

When net-snmp is installed on the machine, a sample/default file is created. We are not going to use it, so let's move that file to a new location. Execute,

sudo mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

Next, let's create a new file from scratch:

sudo vim /etc/snmp/snmpd.conf

Hit 'i' to enter insert mode, then enter in the following text:

# Basic SNMP Community Information
# Note Source IPs. Enter in your own IPs that will be allowed to communicate with the service.
# It is recommended to allow localhost so you can run tests with snmpwalk.
# Otherwise omit localhost if it is not needed.
# You can list allowed subnets if you wish. Example below.
#
#           Community.Name  Source.IP.Allowed
rocommunity public          127.0.0.1
rocommunity public          10.40.60.57
rocommunity public          192.168.1.0/24

# Optional location information
syslocation MyLocation

# Optional contact information
syscontact Super User <myemail@domain.com>

# SNMP v3 User Information

** Note that the last line is commented out by the '#' and there is nothing in the SNMP v3 User Information section yet. Also, do NOT use "public". Define your own community name.

Save the file and exit by hitting Esc, then :wq to save and quit.

Create the SNMP v3 User

The read-only SNMP v3 user we are going to create in this example defines three things:
  • snmpv3user = Rename this to the user name you desire.
  • snmpv3authentication = Define your user authentication key here.
  • snmpv3privacy = Define your privacy key here.
Execute the following commands in order to create your user:

sudo systemctl stop snmpd.service
sudo net-snmp-create-v3-user -ro -A snmpv3authentication -a SHA -X snmpv3privacy -x AES snmpv3user
sudo systemctl reload snmpd.service
sudo systemctl start snmpd.service

** This specific user, with these specific options, is set up with SHA authentication and AES 128 bit privacy.

Note the difference in how to restart services in CentOS/RHEL v7 - it now uses systemd, which takes time to get used to...

The core configuration for your SNMP v2c communities and your v3 user is now set up. Let's finish this by creating the firewall rules to allow the monitoring traffic in/out.

Create a Firewall Rule to Allow SNMP Traffic

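Execute the following commands,

sudo firewall-cmd --add-port=161-162/udp --zone=public --permanent
sudo firewall-cmd --reload

** This rule allows SNMP communication from ALL inbound IP addresses. The --permanent option only writes the saved configuration, so the reload is what applies it to the running firewall. Note that in v7 we must use "firewall-cmd" instead of iptables to make firewall rule changes.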

Set SNMP to Run at Boot Time

Finally execute,

sudo chkconfig snmpd on

From this point, you can add your CentOS/RHEL server to your monitoring system via SNMP v2c (using the community you defined) or via the SNMP v3 user you created.

- Joe

SNMP v3 Configuration in CentOS or RHEL 6


Good evening IT Pros!

Tonight’s post is a quick overview of setting up a simple SNMP v2c community and SNMP v3 read only user in CentOS v6.x or Red Hat Enterprise Linux (RHEL) v6. I'm not going to get into the nitty gritty of every single line in the config file or the "why". The purpose of this post is to at least lead you in the right direction with getting a 'more secure' SNMP configuration set up in your environment on your CentOS/RHEL servers. There is always a better security configuration out there.

I’ll post a follow up on how to get this done in CentOS/RHEL v7 at a later time. This article assumes that you are somewhat familiar with how to execute shell commands and work with the vim text editor. I also assume that the following is set up:
  • SELinux is enabled, hence the firewall is enabled too and is probably not allowing SNMP traffic in/out of the server.
  • You have SUDO and/or ROOT access to the server.
  • Net-SNMP is not installed yet.
Configuring and setting up SNMP is very straightforward. I will describe the process by the following steps:
  1. Install Net-SNMP using the yum package manager.
  2. Create an SNMP configuration file.
  3. Create your SNMPv3 user.
  4. Allow SNMP traffic through the firewall.
  5. Ensure the SNMP daemon starts at boot time.
  6. Profit.
So let’s get started!

Install net-snmp

If SNMP is not yet installed on your server, execute the following shell command:

sudo yum -y install net-snmp net-snmp-utils

Create an SNMP configuration file

When net-snmp is installed on the machine, a sample/default file is created. We are not going to use it, so let's move that file to a new location. Execute,

sudo mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

Next, let's create a new file from scratch:

sudo vim /etc/snmp/snmpd.conf

Hit 'i' to enter insert mode, then enter in the following text:

# Basic SNMP Community Information
# Note Source IPs. Enter in your own IPs that will be allowed to communicate with the service.
# It is recommended to allow localhost so you can run tests with snmpwalk.
# Otherwise omit localhost if it is not needed.
# You can list allowed subnets if you wish. Example below.
#
#           Community.Name  Source.IP.Allowed
rocommunity public          127.0.0.1
rocommunity public          10.40.60.57
rocommunity public          192.168.1.0/24

# Optional location information
syslocation MyLocation

# Optional contact information
syscontact Super User <myemail@domain.com>

# SNMP v3 User Information

** Note that the last line is commented out by the '#' and there is nothing in the SNMP v3 User Information section yet. Also, do NOT use "public". Define your own community name.

Save the file and exit by hitting Esc, then :wq to save and quit.
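An added example (not part of the original posts) that checks an snmpd.conf against the note above, which also appears in the CentOS/RHEL 7 post: community names left at a default, and communities with no source restriction. The function names, the sample file and the community name n0c-ro-9f3a are constructed for illustration.

```shell
# Added example: flag risky community lines in an snmpd.conf.
# Prints one finding per line and nothing for a clean file.
audit_snmpd_conf() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
        $1 ~ /^r[ow]community6?$/ {
            name = $2; src = $3
            if (name == "public" || name == "private")
                printf "line %d: default community name \"%s\"\n", NR, name
            if (src == "" || src == "default" || src == "0.0.0.0/0")
                printf "line %d: community \"%s\" has no source restriction\n", NR, name
            if ($1 ~ /^rwcommunity/)
                printf "line %d: read-write community \"%s\"\n", NR, name
        }
    ' "$1"
}

# Constructed sample: the community lines from the post plus one
# renamed community that was left without a source restriction.
write_sample_conf() {
    cat > "$1" <<'EOF'
# Basic SNMP Community Information
rocommunity public          127.0.0.1
rocommunity public          10.40.60.57
rocommunity public          192.168.1.0/24
rocommunity n0c-ro-9f3a
syslocation MyLocation
EOF
}

conf=$(mktemp)
write_sample_conf "$conf"
audit_snmpd_conf "$conf"
rm -f "$conf"
```

Point it at the real file with audit_snmpd_conf /etc/snmp/snmpd.conf once your own community name and source IPs are in place.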

Reload the SNMP configuration then restart the service by executing in order:

sudo service snmpd reload
sudo service snmpd restart

At this point, SNMP v2c communities are set up and running. However we still need to create the SNMP v3 user and allow the traffic through the firewall for remote hosts (such as your SolarWinds, SCOM, or Nagios server).

Create the SNMP v3 User

The read-only SNMP v3 user we are going to create in this example defines three things:
  • snmpv3user = Rename this to the user name you desire.
  • snmpv3authentication = Define your user authentication key here.
  • snmpv3privacy = Define your privacy key here.
Execute the following commands in order to create your user:

sudo service snmpd stop
sudo net-snmp-create-v3-user -ro -A snmpv3authentication -a SHA -X snmpv3privacy -x AES snmpv3user
sudo service snmpd reload
sudo service snmpd restart

** This specific user, with these specific options, is set up with SHA authentication and AES 128 bit privacy.

The core configuration for your SNMP v2c communities and your v3 user is now set up. Let's finish this exercise by creating the firewall rules to allow the monitoring traffic in/out.

Create an IPTABLES rule to allow SNMP traffic

Execute the following commands,

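sudo iptables -I INPUT -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
sudo service iptables save

** This iptables rule allows SNMP communication from ALL inbound IP addresses. It is inserted with -I rather than appended with -A so that it is evaluated before the REJECT rule that ends the default CentOS/RHEL 6 INPUT chain, and "service iptables save" keeps it across reboots.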
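Both firewall rules in these posts accept SNMP from every source address. The following added example (not from the original posts) prints the equivalent commands restricted to named monitoring hosts, for firewalld on v7 and iptables on v6, opening only 161/udp. The function names are hypothetical and the sources are the two remote entries from the sample snmpd.conf.

```shell
# Added example: print source-restricted SNMP firewall commands for review.
# Nothing is executed here; run the printed commands as root once checked.

# Accept only an IPv4 address or CIDR block (shape check, not a range check).
is_ipv4_source() {
    case $1 in *[!0-9./]*) return 1 ;; esac    # digits, dots and slash only
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# Usage: snmp_fw_rules firewalld|iptables SOURCE...
snmp_fw_rules() {
    backend=$1; shift
    for src in "$@"; do
        is_ipv4_source "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    for src in "$@"; do
        case $backend in
            firewalld)
                printf "firewall-cmd --permanent --zone=public --add-rich-rule='rule family=\"ipv4\" source address=\"%s\" port port=\"161\" protocol=\"udp\" accept'\n" "$src" ;;
            iptables)
                printf 'iptables -I INPUT -p udp -s %s -m state --state NEW -m udp --dport 161 -j ACCEPT\n' "$src" ;;
            *)  echo "unknown backend: $backend" >&2; return 1 ;;
        esac
    done
    # Apply (firewalld) or persist (iptables) the rules
    case $backend in
        firewalld) echo 'firewall-cmd --reload' ;;
        iptables)  echo 'service iptables save' ;;
    esac
}

# Constructed sample: the two remote sources from the sample snmpd.conf.
snmp_fw_rules firewalld 10.40.60.57 192.168.1.0/24
snmp_fw_rules iptables 10.40.60.57 192.168.1.0/24
```

If the open 161-162/udp port rule was already added on v7, remove it with firewall-cmd --permanent --zone=public --remove-port=161-162/udp before reloading, otherwise it still admits every source.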

Set SNMP to Run at Boot Time

Finally execute,

sudo chkconfig snmpd on

From this point, you can add your CentOS/RHEL server to your monitoring system via SNMP v2c (using the community you defined) or via the SNMP v3 user you created.

Next, I'll post the instructions for CentOS/RHEL 7 since the commands are completely different thanks to the changes to firewalld and systemd.

- Joe

Thursday, January 21, 2016

Joe's Super Simple Windows Powershell Log Parser


Hello IT Pros!

I’ve got another really helpful post today. It is a very simple log file parser for Windows PowerShell. This script was built when my colleagues and I needed a way to monitor the count of specific failures in an application by parsing through its log file for the error entries. Here is the code:

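# Wrap the pipeline in @() so the result is always an array, which makes .Count
# reliable for zero matches or a single match (including on PowerShell 2.0)
$logcount = @(Get-Content -Path 'C:\PATH_TO_LOG_FILE\logfile.log' | Select-String -Pattern "ERROR" -SimpleMatch).Count
# Report the number of matching lines
Write-Host 'Statistic: ' $logcount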

As you can see, this is a very simple script; it was designed to be used as a SolarWinds SAM template for monitoring purposes, but it can be adapted for a variety of use cases. It should work in PowerShell 2.0 but 3.0 is recommended. Enjoy!

- Joe