How to Install Pandora FMS Monitoring Tool in Ubuntu 20.04

Pandora FMS also know as "Pandora Flexible Monitoring System" is a monitoring tool used for servers, networks, applications, and virtual infrastructure. It is simple, scalable and suitable for complex and larger environments. It uses several protocols including, TCP, UDP, SNMP, HTTP and agents to collect the different metrics. You can monitor the status and performance of web servers, database servers, applications, routers, and other network devices using the Pandora FMS.

In this tutorial, we will show you how to install and configure Pandora FMS on Ubuntu 20.04.

Prerequisites

  • A server running Ubuntu 20.04.
  • Valid domain name pointed with your server IP.
  • A root password is configured the server.

Getting Started

First, it is recommended to update your system packages to the updated version. You can update them with the following command:

apt-get update -y

Once all the packages are updated, install all the dependencies required for Pandora FMS with the following command:

apt-get install snmp snmpd libnet-telnet-perl libgeo-ip-perl libtime-format-perl libxml-simple-perl libxml-twig-perl libdbi-perl libnetaddr-ip-perl libhtml-parser-perl xprobe2 nmap libmail-sendmail-perl traceroute libio-socket-inet6-perl libhtml-tree-perl libsnmp-perl snmp-mibs-downloader libio-socket-multicast-perl libsnmp-perl libjson-perl -y

Install LAMP Server

Next, you will need to install the Apache server, MariaDB, PHP and other required dependencies to your system. You can install all of them using the following command:

apt-get install apache2 mariadb-server php php-common php-gmp php-curl php-mbstring php-xmlrpc php-mysql php-gd php-bcmath php-xml php-cli php-zip php-pear php-zip php-sqlite3 php-snmp php-db graphviz php-curl php-ldap dbconfig-common unzip git -y

After installing all the packages, edit the php.ini file and define the recommended settings:

nano /etc/php/7.4/apache2/php.ini

Change the following lines:

memory_limit = 256M
upload_max_filesize = 100M
max_execution_time = 360
max_input_vars = 2000
date.timezone = Asia/Kolkata

Once you are finished, you can proceed to the next step.

Configure MariaDB Database

By default, MariaDB root password is not set. So you will need to set it in your system. You can do that by running the following script:

mysql_secure_installation

Answer all the questions as shown below to set the root password:

Enter current password for root (enter for none):
OK, successfully used password, moving on...
Set root password? [Y/n] Y
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Next, log into the MariaDB shell with the following command:

mysql -u root -p

Provide your root password when prompt then enable the mysql_native_password plugin with the following command:

MariaDB [(none)]> USE mysql; 
MariaDB [(none)]> UPDATE user SET plugin='mysql_native_password' WHERE User='root';

Next, create a database and user for Pandora with the following command:

MariaDB [(none)]> CREATE DATABASE pandora;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON pandora.* to [email protected]'localhost' IDENTIFIED BY 'pandora';

Next, flush the privileges and exit from the MariaDB shell with the following command:

MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;

Next, you will need to edit the /etc/mysql/my.cnf file and define the sql_mode.

nano /etc/mysql/my.cnf

Add the following lines:

[mysqld]
sql_mode=NO_ENGINE_SUBSTITUTION

Save and close the file when you are finished then restart the MariaDB service to apply the changes:

systemctl restart mariadb

Download Pandoa FMS

Next, you will need to download the latest version of pandora FMS from the Git repository. You can download it with the following command:

cd /var/www/html/
git clone https://github.com/pandorafms/pandorafms.git

Next, give proper permission and ownership to the downloaded directory:

chown -R www-data:www-data /var/www/html/pandorafms
chown -R www-data:www-data /var/www/html/pandorafms/pandora_console/
chmod -R 775 /var/www/html/pandorafms/pandora_console/

Next, edit the Pandora configuration file:

nano /var/www/html/pandorafms/pandora_console/include/config.inc.php

Uncomment and change the following lines as per your database settings:

// Default values
 $config["dbname"]="pandora";
 $config["dbuser"]="pandora";
 $config["dbpass"]="pandora";
 $config["dbhost"]="localhost";
// This is used for reporting, please add "/" character at the end
// $config["homedir"]="/var/www/pandora_console/";
// $config["homeurl"]="/pandora_console/";
 $config["auth"]["scheme"] = "mysql";

Save and close the file when you are finished.

Configure Apache for Pandora FMS

Next, you will need to create a new Apache virtual host configuration file to serve Pandora FMS. You can create it with the following command:

nano /etc/apache2/sites-available/pandora.conf

Add the following lines:

<VirtualHost *:80>
ServerAdmin [email protected]
ServerName pandora.linuxbuz.com
DocumentRoot /var/www/html/pandorafms/pandora_console
<Directory /var/www/html/pandorafms/pandora_console>
AllowOverride All
</Directory>
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
</VirtualHost>

Save and close the file then enable the Pandora virtual host with the following command:

a2ensite pandora

Next, reload the Apache service to apply the configuration changes:

systemctl restart apache2

Access Pandora FMS

Now, open your web browser and type the URL http://pandora.linuxbuz.com/install.php to access the Pandora FMS. You should see the Pandora FMS web installation wizard as shown below:

Pandora FMS Installer

Click on the Next button. You should see the following page:

Accept GPL License

Click on the "Yes, I accept the Licence Terms". You should see the following page:

Check dependencies

Make sure all the PHP extensions are installed then click on the Next button. You should see the following page:

Database setup

Provide your root username, MariaDB root password, Database name, Path of the Pandora and click on the Next button. You should see the following page:

Creating the database

This will change the password for Pandora database user. So you will need to define your origional Pandora database password in config.php file.

Open your terminal and edit the config.php file:

nano /var/www/html/pandorafms/pandora_console/include/config.php

Change the "$config["dbpass"]" field with your origional password:

// Begin of automatic config file
$config["dbtype"] = "mysql"; //DB type (mysql, postgresql...in future others)
$config["mysqli"] = true;
$config["dbname"]="pandora";
$config["dbuser"]="pandora";
$config["dbpass"]="pandora";
$config["dbhost"]="localhost"; 

Save and close the file. Then, go back to the Pandora installation wizard and click on the Next button. You should see the following page:

Installation complete

Next, open your terminal again and remove the install.php file:

rm -rf /var/www/html/pandorafms/pandora_console/install.php

Next, go back to the Pandora FMS installation wizard and click on the "Click here to access to your Pandora FMS console". You should see the Pandora FMS login screen:

Pandora FMS login

Provide default admin username as admin and password as pandora then click on the Login button. You should see the Pandora dashboard in the following screen:

Pandora FMS dashboard

Secure Pandora FMS with Let's Encrypt

Next, it is recommended to secure your website with Let's Encrypt SSL. First, install the Certbot client using the following command:

apt-get install python3-certbot-apache -y

Once installed, run the following command to secure your website with Let's Encrypt SSL:

certbot --apache -d pandora.linuxbuz.com

You will be asked to provide your email and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for pandora.linuxbuz.com
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/pandora-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/pandora-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/pandora-le-ssl.conf

Next, select whether or not to redirect HTTP traffic to HTTPS as shown below:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and hit Enter to install the Let's Encrypt SSL for your website:

Enabled Apache rewrite module
Redirecting vhost in /etc/apache2/sites-enabled/pandora.conf to ssl vhost in /etc/apache2/sites-available/pandora-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://pandora.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=pandora.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/pandora.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/pandora.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-10-23. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Now, you can access the Pandora FMS securely using the URL https://pandora.linuxbuz.com.

Conclusion

Congratulations! you have successfully installed Pandora FMS monitoring tool with Apache and Let's Encrypt SSL on Ubuntu 20.04 server. You can now add client systems and start monitoring from the Pandora FMS.

Share this page:

Suggested articles

0 Comment(s)

Add comment