By default,
OverTime will present a single master list of devices that it is monitoring for
all users to view.
When the
users are from different companies, the devices can be grouped by company and
access restricted.
To achieve this
configuration, OverTime requires
1)
Individual user account that limit access to OverTime.
2) A file
that defines the groups and users that have access to those groups
(security.xml)
Each user,
except for the 'admin' user, is associated with just one group.
The 'admin'
user has access to all groups and all devices.
The user's
group is shown in the output with the group's name as the user's home page in
OverTime.
Each device
should be represented in just one group and if not explicitly listed then the
device is treated as if it were listed in the default group.
Each group
can have color specifications that are used when drawing graphs.
Enabling security.
To enable
security the following steps need to be performed:
1)
Edit
overtime.cfg and add a new line like this:
Windows:
pwdfile C:\overtime\cfgs\overtime.pwd
Unix:
pwdfile \var\opt\overtime\cfgs\overtime.pwd
and save the file.
2)
Specify
the administration user name and password by running from the command line
‘adminuser’ which is in the cgi-bin directory of OverTime’s web server.
3)
At
this point, access to Overtime will be restricted to the created users.
4)
From
your browser go to URL /cgi-bin/adminuser?
5)
Log in
as the administrator you just created and create new users as required.
6)
If
per-device access is required, then in the overtime/cfgs directory create a new
file called security.xml
security.xml
Here is an example of that file
showing the layout:
|
<!--
this is the group file for OverTime. --> <!--
It has some restrictions above a normal xml file--> <!--
Each tag must start and finish on the same line--> <!--
Blanks can only proceed an opening tag --> <groups> <group name="Company One"> <users> <user>Co1User1</user> <user>Co1User2</user> </users> <hosts> <host name="Compnay One Main Router">NETic-Router</host> <host>Switch101</host> </hosts> <colors> <color>00F0FF</color> <color>0F8888</color> <color>888888</color> <color>0FF088</color> <color>0F88F0</color> </colors> </group> <group name="Non Company one Devices"> <users> <user>Co2User1</user> </users> <hosts> <host name="Main
server">host1</host> <host>IGateway</host> <host name="Backup
Server">host11</host> <host>router5</host> </hosts> </group> </groups> |
security.xml
tags
<groups>
<groups>
is the opening tag, which encapsulates everything up to the closing
</groups> tag.
<group>
There can
be one or more <group> tags defined. Each <group> tag defines a new
group and it has an optional name parameter. <group> tags can not be nested
and must end with </group>
<users>
The
<users> tag is mandatory and defines the list of users that have access
to this group.
<user>
Each
<user> tag must be enclosed within a <users> tag group. Each
<user> tag has a user name (case sensitive) that permits that user to
view the hosts for this group. You should have already defined the user name
with ‘adminuser’.
<hosts>
The
<hosts> tag is mandatory and defines the list of hosts that are in this
group.
<host>
Each
<host> tag must be enclosed within a <hosts> tag group. Each
<host> tag defines a host (case sensitive) that is in this group. An
optional name within the group tag is the alias that will be shown on the main
page for the device rather than actual real name.
<colors>
The colors tag is optional and defines the list of graph colors to be
used when drawing graphs for the devices in that group. If the <colors>
tag is present within a group then it MUST be defined after both the </users>
and </hosts> tag.
<color>
Each <color>
tag must be enclosed within a <colors> tag group. Each color is a hex
string (6 hex digits in three pairs, defining red green and blue) ie: 00FF00
would be pure green.
The first
color defined will be used for color 1, the second definition will be used for
color 2 etc.
How are
these colors used?
OverTime
produces four types of graphs, IO, IO Errors, PingTime and General.
The first
color is used in an IO graph for output octets and for a PingTime graphs
minimum response time (default is blue).
The second
color is used for PingTime graphs where it represents the average values
(default red).
The third
color is used in IO and PingTime graphs. The IO graph uses it for input octet
measurement and the PingTime graphs use it to represent maximum values (default
green).
The fourth
color is used in IO Error graphs to represent In Errors (default yellow).
The fifth
color is used in IO Error graphs to represent Out Errors (default cyan).
General
graphs use colors 1-54 for each of the values they graph.
|
Color |
IO |
IO Errors |
PingTime |
General |
|
1 |
Out |
|
Min |
Line 1 |
|
2 |
|
|
Average |
Line 2 |
|
3 |
In |
|
Maximum |
Line 3 |
|
4 |
|
In Errors |
|
Line 4 |
|
5 |
|
Out Errors |
|
Line 5 |
|
6 |
|
|
|
Line 6 |
|
… 54 |
|
|
|
… Line 54 |
Colors 1-54
are used for general graphs.