<html><body><div style="color:#000; background-color:#fff; font-family:Helvetica Neue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;font-size:16px"><div id="yui_3_16_0_1_1421489216966_3512"><span style="font-family: HelveticaNeue, 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;" id="yui_3_16_0_1_1421489216966_3528">> Couldn’t you just use a passive monitoring solution and have the remote hosts sending their data in?</span><br></div><div class="qtdSeparateBR"><br><br></div><div class="yahoo_quoted" style="display: block;" id="yui_3_16_0_1_1421489216966_3486"><div style="font-family: Helvetica Neue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;" id="yui_3_16_0_1_1421489216966_3485"><div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;" id="yui_3_16_0_1_1421489216966_3484"><div class="y_msg_container" id="yui_3_16_0_1_1421489216966_3483"><div id="yiv6117094047"><div id="yui_3_16_0_1_1421489216966_3482"><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514"><br clear="none" class="yiv6117094047"></div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">Precisely what I was thinking the problem is that all the current plugins I'm aware of aren't what I would call public network friendly, security seems to have been added as an after thought in most cases.</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr"><br></div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">In an ideal world this is what I would like to see being possible:</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">1) A remote node is configured with a standard config and send out to a new site - All it needs is an IP address, hostname of central system and an authentication certificate.</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">2) once onsite the node boots up and talks back to the central system via HTTPS to retrieve it's config at which point it reconfigures itself and starts monitoring</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">3) Alerts are sent back using an external plugin also over HTTPS to the central system</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">4) Periodically the node checks back in to see if it's configuration needs updating - May be possible to do this live if a persistent HTTPS connection is maintained.</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">5) The central system monitors the node using freshness checks, if it doesn't receive any updates for a period of time, it marks the node down and sends an appropriate alert.</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr"><br></div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">In effect all that's really needed is an HTTP to Naemon proxy, I guess kind of similar to how Thunk works with MKLiveStatus but for write access instead of read. The basic idea is not to reinvvent the wheel if something already exists (such as using certificate-based auth rather than something more custom).</div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr"><br></div><div class="yiv6117094047" id="yui_3_16_0_1_1421489216966_3514" dir="ltr">I've been working on this idea even before Naemon was created but not being a developer by trade I do scratch my head on a few bits. Got the basic elements to a proof of concept more or less worked out if it is of interest.</div></div></div><br></div><div class="y_msg_container" id="yui_3_16_0_1_1421489216966_3483" dir="ltr">Lee</div> </div> </div> </div> </div></body></html>