1Smokeping_probes_TacacsPlus(3) SmokePing Smokeping_probes_TacacsPlus(3)
2
3
4
6 Smokeping::probes::TacacsPlus - a TacacsPlus authentication probe for
7 SmokePing
8
10 Measures TacacsPlus authentication latency for SmokePing
11
13 *** Probes ***
14
15 +TacacsPlus
16
17 forks = 5
18 offset = 50%
19 passwordfile = /some/place/secret
20 secretfile = /another/place/secret
21 step = 300
22
23 # The following variables can be overridden in each target section
24 authtype = CHAP
25 mininterval = 1
26 password = test-password
27 pings = 5
28 port = 49
29 secret = test-secret
30 timeout = 5
31 username = test-user # mandatory
32
33 # [...]
34
35 *** Targets ***
36
37 probe = TacacsPlus # if this should be the default probe
38
39 # [...]
40
41 + mytarget
42 # probe = TacacsPlus # if the default probe is something else
43 host = my.host
44 authtype = CHAP
45 mininterval = 1
46 password = test-password
47 pings = 5
48 port = 49
49 secret = test-secret
50 timeout = 5
51 username = test-user # mandatory
52
54 This probe measures TacacsPlus authentication latency for SmokePing.
55
56 The username to be tested is specified in either the probe-specific or
57 the target-specific variable `username', with the target-specific one
58 overriding the probe-specific one.
59
60 The password can be specified either (in order of precedence, with the
61 latter overriding the former) in the probe-specific variable
62 `password', in an external file or in the target-specific variable
63 `password'. The location of this file is given in the probe-specific
64 variable `passwordfile'. See Smokeping::probes::passwordchecker(3pm)
65 for the format of this file (summary: colon-separated triplets of the
66 form `<host>:<username>:<password>')
67
68 The TacacsPlus protocol requires a shared secret between the server and
69 the client. This secret can be specified either (in order of
70 precedence, with the latter overriding the former) in the probe-
71 specific variable `secret', in an external file or in the target-
72 specific variable `secret'. This external file is located by the
73 probe-specific variable `secretfile', and it should contain whitespace-
74 separated pairs of the form `<host> <secret>'. Comments and blank lines
75 are OK.
76
77 The default TacacsPlus authentication type is ASCII. PAP and CHAP are
78 also available. See the Authen::TacacsPlus documentation for more
79 information;
80
81 The probe tries to be nice to the server and does not send
82 authentication requests more frequently than once every X seconds,
83 where X is the value of the target-specific "min_interval" variable (1
84 by default).
85
87 Supported probe-specific variables:
88
89 forks
90 Run this many concurrent processes at maximum
91
92 Example value: 5
93
94 Default value: 5
95
96 offset
97 If you run many probes concurrently you may want to prevent them
98 from hitting your network all at the same time. Using the probe-
99 specific offset parameter you can change the point in time when
100 each probe will be run. Offset is specified in % of total interval,
101 or alternatively as 'random', and the offset from the 'General'
102 section is used if nothing is specified here. Note that this does
103 NOT influence the rrds itself, it is just a matter of when data
104 acqusition is initiated. (This variable is only applicable if the
105 variable 'concurrentprobes' is set in the 'General' section.)
106
107 Example value: 50%
108
109 passwordfile
110 Location of the file containing usernames and passwords.
111
112 Example value: /some/place/secret
113
114 secretfile
115 A file containing the TacacsPlus shared secrets for the targets. It
116 should contain whitespace-separated pairs of the form `<host>
117 <secret>'. Comments and blank lines are OK.
118
119 Example value: /another/place/secret
120
121 step
122 Duration of the base interval that this probe should use, if
123 different from the one specified in the 'Database' section. Note
124 that the step in the RRD files is fixed when they are originally
125 generated, and if you change the step parameter afterwards, you'll
126 have to delete the old RRD files or somehow convert them. (This
127 variable is only applicable if the variable 'concurrentprobes' is
128 set in the 'General' section.)
129
130 Example value: 300
131
132 Supported target-specific variables:
133
134 authtype
135 The TacacsPlus Authentication type:ASCII(default), CHAP, PAP
136
137 Example value: CHAP
138
139 Default value: ASCII
140
141 mininterval
142 The minimum interval between each authentication request sent, in
143 (possibly fractional) seconds.
144
145 Default value: 1
146
147 password
148 The password for the user, if not present in the password file.
149
150 Example value: test-password
151
152 pings
153 How many pings should be sent to each target, if different from the
154 global value specified in the Database section. Note that the
155 number of pings in the RRD files is fixed when they are originally
156 generated, and if you change this parameter afterwards, you'll have
157 to delete the old RRD files or somehow convert them.
158
159 Example value: 5
160
161 port
162 The TacacsPlus port to be used
163
164 Example value: 49
165
166 Default value: 49
167
168 secret
169 The TacacsPlus shared secret for the target, if not present in the
170 secrets file.
171
172 Example value: test-secret
173
174 timeout
175 Timeout in seconds for the TacacsPlus queries.
176
177 Default value: 5
178
179 username
180 The username to be tested.
181
182 Example value: test-user
183
184 This setting is mandatory.
185
187 Gary Mikula <g2ugzm@hotmail.com>
188
190 Not as yet....
191
192
193
1942.7.2 2019-02-02 Smokeping_probes_TacacsPlus(3)