Monitoring your internal infrastructure when it does not have outbound access can be problematic. You can use an OnSight vCollector instance as a proxy, centralizing the flow of data and reducing outband access to a single instance.
Set OnSight as a proxy during Agent installation
During Agent installation, you have the option to set up the OnSight as a proxy for the Panopta Agent using the Agent manifest file.
Create an Agent manifest file. To create the file, see the following sections:
Edit the manifest file and set the aggregator_url parameter to point to the URL or IP address of your OnSight or OnSights. If you replace the aggregator URL value within the Agent configuration file with the OnSight Agent Proxy URL, all Agent communication will flow through the proxy. You can also place multiple URLs should you have more than one OnSight. This introduces high availability to your internal monitoring to ensure that you are always receiving the Agent metric data, even if one of your OnSight instances is not responding.
Using Multiple Aggregator URLs In most mission critical environments, it is highly recommended that you deploy multiple OnSights for a high availability pair. You can also specify each OnSight as an aggregator endpoint in your agent's config file. It is a best practice to use DNS with multiple A records in order to make changes centrally without having to visit each agent.
For Linux, this file is located in /etc/panopta-agent/ with the following content:
For Windows, the file is located in C:\Program Files\PanoptaAgent\Agent.cfg or C:\Program Files(x86)\PanoptaAgent\Agent.cfg and the relevant section of the configuration is shown below:
Note: If you are using the Windows version of the Agent, you will have to restart the service from within the services menu before seeing any configuration changes take place.
3. Save and close the file.
4. Run the Windows or Linux command to install and add the OnSight proxy to Panopta.
Example Agent manifest file
The contents of the manifest file for both Windows and Linux are shown below. You do not need to specify values for everything. A detailed description of each parameter is explained below the sample contents:
To use OnSight as a proxy for an existing Panopta Agent, perform the following:
Define the Aggregator URL in the Panopta Agent configuration file. For Linux this can be found in /etc/panopta-agent/panopta_agent.cfg. For Windows, it is usually the agent.conf file in the directory you created for the Panopta Agent. Keep this file open for later.
From the instance's tree in the control pane, select the OnSight instance to open its details page.
Click the IP Address of the OnSight to open the OnSight Console.
On the OnSight Console login page, enter the following credentials:
Password: <OnSight key>
Successfully logging in will open the OnSight Console.
Select Enable in the Agent proxy field to get a URL that can be used as the proxy.
If you replace the aggregator URL value within the Agent configuration file with the OnSight Agent Proxy URL, all Agent communication will flow through the proxy. You can also place multiple URLs should you have more than one OnSight. This introduces high availability to your internal monitoring to ensure that you are always receiving the Agent metric data, even if one of your OnSight instances is not responding.