How to install Xymon Monitoring System

Step 1: PreRequisites

Following are some services/packages which are necessary for xymon installation

# yum update
# yum install xinetd gcc fping libpcre rrdtool pcre-devel openssl-devel openldap-devel c-ares rrdtool-devel

Step 2: Package fping Installation

Download package fping, install and configure it on server

# cd /usr/local/
# wget
# tar -zxvf fping.tar.gz
# cd fping-2.4b2_to/
# ./configure
# make
# make install

Step 3: Download Xymon Source Files

In order to make Xymon Monitoring server, download the source files from

# wget

Step 4: Create Xymon User

# useradd xymon

Step 5: Xymon Installation and Configuration

Extract the source files, install and configure the files:

# tar -zxvf download
# mkdir /usr/local/xymon
# chown xymon:apache xymon
# cd xymon-4.3.20/
# ./configure
Configuration script for Xymon

This script asks a few questions and builds a Makefile to compile Xymon

Checking your make-utility
Checking pre-requisites for building Xymon

Checking for fping ...
Xymon has a built-in ping utility (xymonping)
However, it is not yet fully stable and therefore it
may be best to use the external fping utility instead.
I found fping in /usr/local/sbin/fping
Do you want to use it [Y/n] ?
Checking to see if '/usr/local/sbin/fping' works ... is alive
OK, will use '/usr/local/sbin/fping' for ping tests
NOTE: If you are using an suid-root wrapper, make sure the 'xymond'
      user is also allowed to run fping without having to enter passwords.
      For 'sudo', add something like this to your 'sudoers' file:
      xymon ALL=(ALL) NOPASSWD: /usr/local/sbin/fping

Checking for PCRE ...
Compiling with PCRE library works OK
Linking with PCRE library works OK

Checking for C-ARES library ...
Compiling with c-ares library works OK
C-ARES version: Found 1.10.0 - OK, require 1.10.0
Linking with c-ares library works OK

Checking for RRDtool ...
Not RRDtool 1.0.x, checking for 1.2.x
Compiling with RRDtool works OK
Linking with RRDtool works OK

Checking for OpenSSL ...
Compiling with SSL library works OK
Linking with SSL library works OK
Checking if your SSL library has SSLv2 enabled
Will support SSLv2 when testing SSL-enabled network services

Xymon can use the OpenSSL library to test SSL-enabled services
like https-encrypted websites, POP3S, IMAPS, NNTPS and TELNETS.
If you have the OpenSSL library installed, I recommend that you enable this.

Do you want to be able to test SSL-enabled services (y) ?
Checking for LDAP ...
Compiling with LDAP works OK
LBER library not needed
Linking with LDAP works OK

Xymon can use your OpenLDAP LDAP client library to test LDAP servers.

Do you want to be able to test LDAP servers (y) ?
Checking for clock_gettime() requiring librt ...
clock_gettime() requires librt

Checking for Large File Support ...
Large File Support OK

Setting up for a Xymon server

What userid will be running Xymon [xymon] ?
Found passwd entry for user xymon:x:516:517::/home/xymon:/bin/bash

Where do you want the Xymon installation [/home/xymon] ?
OK, will configure to use /usr/local/xymon as the Xymon toplevel directory

What URL will you use for the Xymon webpages [/xymon] ?
Where to put the Xymon CGI scripts [/usr/local/xymon/cgi-bin] ?
(Note: This is the filesystem directory - we will get to the URL shortly)

What is the URL for the Xymon CGI directory [/xymon-cgi] ?
(Note: This is the URL - NOT the filesystem directory)

********************** SECURITY NOTICE ****************************
If your Xymon server is accessible by outsiders, then you should
restrict access to the CGI scripts that handle enable/disable of
hosts, and acknowledging of alerts. The easiest way to do this is
to put these in a separate CGI directory and require a password to
access them.
Even if your Xymon server is on a secured, internal network, you
may want to have some operations (like disabling a host) be password-
protected - that lets you see who disabled or acknowledged an alert.

Where to put the Xymon Administration CGI scripts [/usr/local/xymon/cgi-secure] ?
(Note: This is the filesystem directory - we will get to the URL shortly)

What is the URL for the Xymon Administration CGI directory [/xymon-seccgi] ?
(Note: This is the URL - NOT the filesystem directory)

** Note that you may need to modify your webserver configuration.
** After installing, see /usr/local/xymon/server/etc/xymon-apache.conf for an example configuration.

To generate Xymon availability reports, your webserver
must have write-access to a directory below the Xymon
top-level directory. I can set this up if you tell me
what group-ID your webserver runs with. This is typically
'nobody' or 'apache' or 'www-data'

What group-ID does your webserver use [nobody] ?

Where to put the Xymon logfiles [/var/log/xymon] ?

What is the name of this host [] ?

What is the IP-address of this host [] ?

Where should I install the Xymon man-pages (/usr/local/man) ?
Using Linux Makefile settings

Created Makefile with the necessary information to build Xymon
Some defaults are used, so do look at the Makefile before continuing.

Configuration complete - now run make (GNU make) to build the tools

Step:6 Install Xymon

Configuration is completed successfully, now execute make and make install command to install the xymon monitoring server.

# make
# make install

Step:7 Start Xymon Service

After Installation login with xymon user and start the xymon server

# su xymon
# /usr/local/xymon/server/bin/ start
Xymon started

Step:8 Concatenate Config File

Concatenate xymon-apache.conf with httpd.conf

# cat /usr/local/xymon/server/etc/xymon-apache.conf >> /etc/httpd/conf/httpd.conf


Case 1: Directory Path

Create a softlink in /var/www/html / where you DocumentRoot is set(by default directory is /var/www/html)

# cd /var/www/html
# ln -s /usr/local/xymon xymon

Case 2: fping permissions issue

In case you face xymongen alert just change the ownership and file permissions of fping

# chown root:xymon /usr/sbin/fping
# chmod 710 /usr/sbin/fping
# chmod ug+s /usr/sbin/fping

Order of commands matters, Linux will reset setuid bit after a chown for security reasons.
So, you must do these commands in the order defined in the manual (chown first).