Skip to content

Collectd Pandora FMS: Maximizing Monitoring Efficiency

Collectd is a daemon (i.e. running in the background on computers and devices) that periodically collects metrics from different sources such as operating systems, applications, log files, and external devices, providing mechanisms to store values in different ways (e.g. RRD files) or makes it available over the network. With this data and its statistics you may monitor systems, find performance bottlenecks (by performance analysis) and predict system load (capacity planning).

Content:

Programming language and compatibility with operating systems

Collectd is written in C for *nix operating systems; that is, UNIX-based, such as BSD, macOS and Linux, for portability and performance, since its design allows it to run on systems without scripting language or cron daemon, as integrated systems. For Windows it can be connected using Cygwin (GNU and open source tools that provide similar features to a Linux distribution on Windows).
Collectd is optimized to take up the least amount of system resources, making it a great tool for monitoring with a low cost of performance.

Plug-ins of collectd

Collectd as a modular demon

The collectd system is modular. In its core it has limited features and to use it, you need to know how to compile a program in C. You also need to know how to start the executable in the right way so that the data is sent to where it is needed. However, through plug-ins, value is obtained from the data collected and sent, extending its functionality for multiple use cases. This makes the daemon modular and flexible and the statistics obtained (and their format) can be defined by plug-ins.

Plug-in types

Currently, there are 171 plug-ins available for collectd. Not all plug-ins define data collection themes, as some extend capabilities with interfaces for specific technologies (e.g. programming languages such as Python).

  • Read plug-ins fetch data and are generally classified into three categories:
    • Operating system plug-ins, which collect information such as CPU usage, memory, or the number of users who logged into a system. Usually, these plug-ins need to be ported to each operating system.
    • Application plug-ins, which collect performance data about an application running on the same computer or at a remote site. These plug-ins normally use software libraries, but are otherwise usually independent of the operating system.
    • Generic plug-ins, which offer basic functions that users may make use for specific tasks. Some examples are the query for network monitoring (from SNMP) or the execution of custom programs or scripts.
  • Writing plug-ins offer the ability to store collected data on disk using RRD or CSV files; or send data over the network to a remote daemon instance.
  • Unixsock plugins allow you to open a socket to connect to the collectd daemon. Thanks to the collectd utility, you may directly obtain the monitors in your terminal with the getval or listval parameters, where you may indicate the specific parameter you wish to obtain or obtain a list with all the parameters that collectd has collected.
  • You also have the network plug-in, which is used to send and receive data to and from other daemon instances. In a common network configuration, the daemon would run on each monitored host (called “clients”) with the network plug-in configured to send the collected data to one or more network addresses. On one or more of the so-called “servers”, the same daemon would run, but with a different configuration, so that the network plug-in receives data instead of sending it. Often, the RRDtool plugin is used in servers to store performance data (e.g. bandwidth, temperature, CPU workload, etc.)

To activate and deactivate the plug-ins you have, you may do so from the configuration file “collectd.conf”, in addition to configuring them or adding custom plugins.

Benefits of Collectd

 

  • Open source nature
    Collectd is open source software, just like its plug-ins, though some plug-ins don’t have the same open source license.

 

Collectd Integration with Pandora FMS

Monitoring IT environments

Collectd provides statistics to an interpretation package, so in a third-party tool, it must be configured to generate graphs and analysis from the data obtained, in order to see and optimize IT environment monitoring. Collectd has a large community that contributes improvements, new plugins, and bug fixes.

Effective execution in Pandora FMS

The pandora_collectd plugin (https://pandorafms.com/guides/public/books/collectd) allows to collect this information generated by collectd itself and send it to your Pandora FMS server for further processing and storage.
The plugin execution generates an agent with all the information of collectd transformed in Pandora FMS modules; with this, you may have any device monitored with collectd and obtain a data history, create reports, dashboards, visual consoles, trigger alerts and a long etcetera.

A very important feature of “pandora_collectd” is that it is a very versatile plugin, as it allows you to process data collected from collectd before sending it to your Pandora FMS server. By means of regular expressions, it allows you to decide according to the features you have, which metrics you want to collect and which ones you want to download, to send the desired metrics to your Pandora FMS server, in an optimal way. In addition, it allows you to modify parameters such as the port or the IP address of the tentacle server that you wish to use.
Also, it is possible to customize what we want your agent to be called, where the modules will be created, and modify their description.
Another important aspect of this plug-in is that it can run both as an agent plug-in and as a server plug-in. By being able to modify the agents resulting from the monitoring, you may easily differentiate one from the other and monitor a high amount of devices in your Pandora FMS environment.
In addition, your plugin is compatible with the vast majority of Linux and Unix devices so there will be no problems with its implementation with collectd.
To learn how to set up collectd in Pandora FMS, visit Pandora FMS Guides for details.

Collectd vs StatsD: A Comparison

Key differences

As we have seen, collectd is suitable for monitoring CPU, network, memory usage and different plugins for specific services such as NGinx. Due to its features, it collects ready-to-use metrics and must be installed on machines that need monitoring.

Whereas StatsD (written in Node.js) is generally used for applications that require accurate data aggregation and sends data to servers at regular intervals. Also, StatsD provides libraries in multiple programming languages for easy data tracking.

Once this is understood, collectd is a statistics gathering daemon, while StatsD is an aggregation service or event counter. The reason for explaining their differences is that collectd and StatsD can be used together (and it is common practice) depending on the monitoring needs in the organization.

Use cases and approaches

  • Cases of StatsD use:
    • Monitoring Web Applications: Tracking the number of requests, errors, response times, etc.
    • Performance Analysis: Identification of bottlenecks and optimization of application performance.
  • Cases of use of collectd:
    • Monitoring hardware resources such as CPU usage, memory used, hard disk usage, etc.
    • Monitoring specific metrics of available IT services.

The Importance of Collectd Integration with Pandora FMS

    • Lightweight and efficient
      Collectd in Pandora FMS is lightweight and efficient, with the ability to write metrics across the network, by itself a modular architecture and because it runs mainly in memory.
    • Versatility and flexibility
      This plugin allows you to decide which metrics you want to collect and which to discard in order to send only the metrics you want to your Pandora FMS server. It also allows you to adjust the data collected from time to time, according to the needs of the organization.
    • Community support and continuous improvement
      In addition to the fact that collectd is a popular plugin, there is community support for those who constantly make improvements, including specialized documentation and installation guides.
      All this makes us understand why collectd has been widely adopted for monitoring IT resources and services.

Conclusion

Collectd is a very popular daemon for measuring metrics from different sources such as operating systems, applications, log files and external devices, being able to take advantage of the information for system monitoring. Among its key features we can mention that, being written in C, in open source, it can be executed on systems without the need for a scripting language. As it is modular, it is quite portable through plug-ins and the value of the collected and sent data is obtained, the collectd feature is extended to give a better use in monitoring IT resources. It is also scalable, whether one or a thousand hosts, to collect statistics and performance metrics. This is of great value in IT ecosystems that continue growing for any company in any industry.

The pandora_collectd plugin collects information generated by the collectd itself and sends it to Pandora FMS server from which you may enhance the monitoring of any monitored device and obtain data from which to generate reports or performance dashboards, schedule alerts and obtain history information for capacity planning, among other high-value functions in IT management.

For better use of collectd, with the ability to be so granular in data collection, it is also good to consolidate statistics to make them more understandable to the human eye and simplify things for the system administrator who analyzes the data. Also, it is recommended to rely on IT monitoring experts such as Pandora FMS, with best monitoring and observability practices. Contact our experts in Professional services | Pandora FMS

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

Empowering Businesses: The role of MSPs in delivering Desktop as a Service (DaaS)


The advantages of Desktop as a Service (DaaS) for MSPs. 

As organizations strive to maintain operational continuity, optimize their resources, and secure sensitive data, Desktop as a Service (DaaS) has emerged as a pivotal solution for MSPs.

The DaaS market is expected to be worth 18.7 Billion USD by 2032 at a 21% CAGR, meaning MSPs can play a crucial role in providing organizations with a comprehensive and tailored approach that surpasses the benefits of organizations implementing solutions independently.

DaaS solutions provide an ideal transition for MSPs already overseeing client endpoints that are hosted on-premises or in private data center environments, facilitating a seamless shift to the cloud. The transition to DaaS presents a strategic move and offers a range of advantages.

Among these advantages is the advanced security functionality that is inherent in DaaS environments.

These solutions often come equipped with robust security measures, including encryption, multi-factor authentication (MFA), and centralized management tools.

MSPs can leverage these features to deliver their clients’ data and applications, while ensuring a higher level of protection in the cloud than may be feasible in on-premises environments.

Reasons why MSPs adopt DaaS solutions

A quick path to VDI

DaaS emerges as an ideal solution for MSPs seeking to deliver VDI for their customers.

Offering a straightforward approach that mitigates the need for specialized talent well-versed in VDI or EUC technology, the ease of use and simplicity of management of DaaS through a singular console allows MSPs to establish proof of concept (PoC) environments swiftly, providing customers with access to operational desktop solutions in almost no time.

Deliver modern workplace solutions

The meteoric rise of the remote work culture necessitates technologies that enable seamless connectivity regardless of physical location. DaaS solutions empower MSPs to provide their customers access to virtual desktops and applications from anywhere with an internet connection.

Easily scale with customer demands

One of the fundamental advantages of DaaS is its inherent scalability. Organizations can dynamically adjust their desktop infrastructure in response to fluctuating workloads and evolving needs. MSPs can help them scale, ensuring their customers can seamlessly expand or streamline their resources without operational disruptions, optimizing efficiency and cost-effectiveness.

Optimizing cloud services

The pervasive adoption of cloud services has substantially bolstered the DaaS market. Cloud infrastructure has matured into a reliable, secure, and cost-effective option, making DaaS an appealing choice for businesses seeking to streamline their desktop environments. MSPs can leverage their expertise to navigate the intricate landscape of cloud services, ensuring optimal performance, scalability, and security within the DaaS framework.

Addressing customer security concerns

Amid the transition to DaaS, data security emerges as a paramount concern. The storage of sensitive data in the cloud necessitates robust security measures to fortify against potential data breaches and unauthorized access. MSPs specializing in DaaS offer comprehensive security protocols, including encryption, multi-factor authentication, and proactive threat monitoring, thereby assuaging organizations’ security apprehensions.

MSPs are a crucial partner for DaaS implementation

While some organizations might contemplate implementing DaaS solutions independently, the expertise and comprehensive support provided by MSPs present a compelling case for collaboration.

MSPs offer specialized knowledge, round-the-clock support, proactive monitoring, and strategic guidance, ensuring that businesses leverage DaaS to its fullest potential while mitigating risks and maximizing benefits.

By taking charge of the complex billing and licensing processes, MSPs can streamline the financial aspects for their clients. They can provide simplified, consolidated invoices and optimize their clients’ budgets through strategic cost management techniques.

As organizations navigate the complexities of remote work integration, cloud adoption, data security, scalability, and technological advancements, MSPs emerge as indispensable partners. Their specialized expertise, coupled with a holistic approach to managing and optimizing DaaS solutions, positions MSPs as facilitators of transformative and resilient business environments in an increasingly digital landscape.

Why choose Parallels DaaS?

Parallels DaaS stands out as a cutting-edge solution tailored for MSPs aiming to elevate their service offerings. The platform revolutionizes the delivery of desktop services to clients by optimizing manageability, scalability, and security.

Its core strength lies in its cloud-native architecture, which simplifies deployment and maintenance while ensuring exceptional user experiences across devices via a modern HTML5-based web-browser interface.

Parallels DaaS excels in several key areas:

Uncomplicated cloud-native architecture

Built in the cloud, Parallels DaaS capitalizes on agility, cost-effectiveness, and resilience. Its architecture strategically places access points closer to both data and users, enhancing MSP performance and reducing latency.

Fast and efficient resource scaling

The ability to swiftly scale desktop infrastructure according to fluctuating demands allows MSPs to optimize costs without compromising on performance or accessibility.

Global access and modern management portal

Leveraging a web-based management portal, Parallels DaaS empowers MSPs to provide their customers with access to applications and desktops. The management portal streamlines administrative tasks, making it simpler to configure and manage various aspects of the DaaS environment.

Upleveled security and compliance

Parallels DaaS sets a high bar for security by isolating the control and data layers. The gateway service operates within the client’s environment, ensuring that access control is managed by Parallels while keeping the sensitive data securely within the client’s domain. This innovative approach enhances data security and compliance measures.

Upgrade existing solutions

MSPs can elevate their DaaS offering by replacing on-premises, private data centers or outdated DaaS environments. The platform’s flexibility enables MSPs to optimize costs providing a more predictable cost structure, empowering MSPs to manage expenses effectively and enhance profitability.

Enabling MSPs’ cloud transition

Parallels DaaS reduces the barrier to entry for MSPs transitioning into this space. This ease of deployment and management without the requirement of highly skilled specialized technical staff allows MSPs to focus more on service delivery and client satisfaction rather than grappling with complex technical requirements.

Optimize and manage costs

Parallels DaaS optimizes cloud spending by efficiently managing resources, leading to lower overall costs for MSPs and ultimately increasing profits through a more streamlined and cost-effective service delivery.

By leveraging Parallels DaaS, MSPs can gain a competitive edge. The solution’s unique architecture not only streamlines operations but also fortifies security measures. It ensures a seamless and secure desktop experience for end users while simplifying management tasks for service providers.

Ready to try it? Sign up for your free trial and learn more about Parallels DaaS!

 

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Parallels 
Parallels® is a global leader in cross-platform solutions, enabling businesses and individuals to access and use the applications and files they need on any device or operating system. Parallels helps customers leverage the best technology available, whether it’s Windows, Linux, macOS, iOS, Android or the cloud.

Keeping encryption secure from BitLocker sniffing

Recently, the YouTube channel stacksmashing uploaded a video on breaking the built-in encryption in Windows, essentially bypassing Windows Disk Encryption on most devices using Microsoft’s globally dominant operating system with a cheap $10 tool.

This all in just 43 seconds – record time. And while encryption has often been the poster child for efficient and secure data protection, now it seems like encryption, too, has its holes, despite relying on advanced features such as Trusted Platform Modules (TPM), which are now also required by the newest Windows OS.

But can this security hole be properly navigated? Thankfully, the solution is relatively easy and also does not cost as much as a full data breach would.

Exploring BitLocker sniffing

The method bypassing encryption has been dubbed “BitLocker sniffing,” named after the built-in Windows encryption tool BitLocker. Essentially, data from the TPM is exposed on the bus, and if anything is using the TPM, one can then “sniff” out the data that gets exposed on the bus at some point during the de-encryption process. This can happen on older machines, specifically those whose TPM is not integrated into the CPU.

The exploit on BitLocker relies on the fact that it is not using a password or any other secondary authentication method alongside the TPM. In the case presented in the video, the PC boots automatically with only the TPM providing access to the Disk Encryption Key (also known as Volume Master Key – VMK). While switching on the machine, the BitLocker automatically uses the TPM to decrypt the VMK and boots to Windows login almost immediately. So, the VMK is available in the plain on the bus as the system is booting up.

Simply put, the communication between the TPM and the computer’s processor is exposed during startup, meaning that the encryption key can be read by someone snooping on the signal between the TPM and the CPU, which can be done with a cheap tool and some firmware.

This might remind someone familiar with cybersecurity of how in some cases man-in-the-middle attacks can “eavesdrop” on a person’s internet connection/Bluetooth/RFID signal while trying to connect to somewhere or something. This occurs because the data stream can become exposed while traveling to a receiver, unless there’s some form of additional security involved, like using a VPN while connected to public Wi-Fi, ensuring a protected hidden connection. Basically, adding another security layer on top is required to mask the data transfer.

Is encryption not enough?

This new piece of research is very interesting, especially since using a TPM security module or chip is now a requirement of the Windows 11 OS, which is why many older processors that might not have satisfied the requirement were barred from having the eligibility to install the OS.

The issue is not whether encryption is enough of an incentive for someone to want the newest OS features, but the fact that, so far, it’s always been a signal of added security. However, with BitLocker sniffing, it seems like encryption might be just another redundant security function…or is it?

Truthfully, encryption is a necessary – no, a compulsory – security measure for any user that has to ensure their data remains safe and securely stored, limiting potential access opportunities even after a device gets stolen. What’s more, as an added security layer, it makes activities that much harder for crooks, as it delays their potential breach time, giving more time to security responders.

Every company security strategy has to include encryption, as this is also required for regulatory compliance and cyber insurance, where the trend sees compulsory standards raised every year.

To answer the headline then: No, encryption is not enough, as multiple security layers are needed for any strategy to work against malicious threats, but it is a necessary component; businesses must include it for better protection. However, encryption does not need to be as it is, a singular security layer, and there are ways to protect it even against BitLocker sniffing.

It’s all about the layers

Was it Shrek who described how ogres are layered like onions? Well, like ogres, successful cybersecurity apps and measures are layered too. At ESET, the PROTECT Platform is one example of that, since in and of itself, it contains multiple layers of technologies that protect against threats, be they zero-days that have never seen the light of day or known malware trying its best to avoid detection with newer evasion techniques.

As such, ESET can also guarantee better encryption thanks to a simple thing – a password. It might seem like a simple layer, but it is very powerful, as thanks to its inclusion within ESET Full Disk Encryption (EFDE) and ESET Endpoint Encryption (EEE), it protects against techniques such as BitLocker sniffing, as that technique relies on unprotected communication between a discrete TPM chip and a CPU. Thus, any secondary authentication that happens before the process starts prevents the encryption key from being out in the open.

In normal operation with EFDE and EEE, the user is required to enter their password upon booting up their computer. Essentially, the password is used in conjunction with other data and the TPM encryption to decrypt the VMK. So, without the user’s password, the correct VMK cannot be obtained. Yes, at some point the data decrypted by the TPM will be available in the plain; however, this cannot take place without knowing the user’s password first.

Powerful encryption, secure systems

In the end, cybersecurity will always need to keep evolving, just as threats do. However, sometimes simple security measures can demonstrate quite an impact.

Passwords have always been the first line of defense against external compromise (as gaining access to a single account can cause a chain reaction), and this will probably continue into the future.

However, a reminder needs to be said – never pick weak passwords, never reuse a single password across your accounts or encryption, and in general, be mindful of cybersecurity. And for businesses in general, consider what level of security you require – as just a single product, or a single additional measure like a strong password for your encryption, can make a difference.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×