Ep. 11: Detecting configuration errors with the Analyze Configuration feature
Note: All the videos on our website offered in the German language have English subtitles and transcripts, as given below.
[0:00:01] | There IS something I had forgotten... |
[0:00:03] | Analyze Configuration. |
[0:00:17] | Analyze Configuration is a feature we added to Checkmk not too long ago to help you in identifying certain typical configuration errors in your Checkmk system. |
[0:00:29] | For example, these can be security problems, performance, or similar issues. You can find this function in its own WATO module. |
[0:00:38] | You can find the module relatively far down, here under 'Analyze configuration'. The process takes a few seconds to start, because some of the tests are already running. |
[0:00:51] | In the overview you can now see that most of the tests are green, and here in my case I have three that are on yellow. |
[0:00:57] | These are mostly tasks that have to do with performance or security. Let's take a look at the lowest one. |
[0:01:02] | This is the warning that we are accessing the website without encryption.It is of course recommended that you use HTTPS rather than HTTP – meaning of course with SSL encryption. |
[0:01:14] | This is a bit complicated to set up because you have to create a certificate. How to do this is described in its own user guide article – maybe we'll make a separate episode covering it in this series. From each test there is then some information that can be retrieved, from which you can learn more details. |
[0:01:33] | Let's take a closer look at a test, namely the 'number of Apache processes'. I return to the information, and here I receive the explanation that by default, 64 Apache processes could be started. |
[0:01:48] | What are these Apache processes? |
[0:01:50] | Well, in this case Apache is the web server which is responsible for implementing the Checkmk interface. 64 processes means that 64 users can access pages simultaneously. |
[0:02:00] | Of course this is a lot, because only the time is considered during which a page is actually being computed. |
[0:02:07] | For my test system, significantly fewer processes are sufficient. I can even modify this setting right here, which brings me to the global settings, which I alter from 64 to 10. |
[0:02:17] | I save the whole thing, activate the changes, and now it is limited to just 10 processes. This of course will save a lot of memory. |
[0:02:27] | When I now go back to the 'Analyze configuration' you can see that the test is still yellow. So, why is that the case? In this situation the point is that Checkmk simply cannot know how many processes are appropriate for you. |
[0:02:42] | Therefore you must either acknowledge the test, or turn it off after you have done so. For acknowledgement there is a symbol on the right side, then I can say, I know that it is still on WARN, but I don't care, because I have taken that into account and adjusted the setting myself. |
[0:03:00] | This ensures that the test is clean at this point. And if you do this one by one for all tests, then you can look in there from time to time, and if anything there is yellow, you can deal with it, and if there is anything green, then your system configuration is reasonably performant and secure. |
[0:03:15] | Of course I have to say that there is neither a test for every possible type of error that can be made, nor one for every wrong configuration. |
[0:03:21] | So, even if everything is green, it is no guarantee that things are secure, but if everything is not green, it is a very, very good indication that you should be checking into some of these things concerning performance or security. |
[0:03:33] | Well, that's it for today. Thanks for watching, and I hope to see you for the next episode. |
Want to know more about Checkmk? Join us for our Introduction to Checkmk Webinar