This is a re-post.
EMC Secure Remote Service (ESRS) is a secure, two way remote connection between EMC and your EMC products. It heartbeats routinely to EMC for checking connectivity as well as product status. It also has nice integration into MyService360 and CloudIQ to provide even more support data. It has a nice web based interface, but I like doing as much as possible via command line when I have the option. We have more than one ESRS GW server so saving any time reviewing each multiplies across the enterprise.
In this case, I'm not looking to do any changes or additions. I want to be able to basically 'check the checker'. Are all ESRS services running? What devices do I have configured? Do I have them all? Status of each? Sometimes we can have network changes or problems impact connectivity to EMC via the internet so I want to monitor and report on that automatically if possible.
After doing some looking on the ESRS GW, I found a command line utility folder as noted below. To my knowledge there is no documentation on this tool, at least I've not found any. Running the script and providing credentials, I was able to successfully run a --service-status command.
esrshost:/opt/esrs/utilities/commandlineutil # ls -ltr
total 2456
-rwxr-xr-x 1 root root 138 Nov 18 2016 ESRS-VE-CLI-Util.sh
-rwxr-xr-x 1 root root 2501636 Nov 18 2016 CommandLineUtil.jar
drwxr-xr-x 2 root root 4096 Sep 20 2017 logs
esrshost:/opt/esrs/utilities/commandlineutil # ./ESRS-VE-CLI-Util.sh --service-status
Please enter ESRS VE WebUI credentials to use this utility.
Enter User Name: esrsuser
Enter Password:
---------------------------------------------------------------------------------------
RESTFul Services
------------------
Service Status Description
---------------------------------------------------------------------------------------
esrsalarm Running Service to create alarms
esrsauditlogging Running Service to audit the ESRS VE activities
esrsauth Running Authorization service
esrsusermanagement Running Manage Users service
esrsconfigtool Running Service for ESRS VE configuration setup
esrsconnectivityreport Running Service to run the Connectivity checks
esrsdataitems Running Service to manage data items
esrsdevicemanagement Running Device management service for ESRS VE
esrsjcemc Running ConnectEMC Restful Service
esrskeepalive Running Keepalive service for managed devices
esrsmftauth Running MFT Service
esrsupdate Running Service to check for ESRS VE updates
esrsremotescripts Running Service to update remote scripts status
esrsrsc Running Service for Secure Credentials
esrsvesp Running ESRS Secure Service Provider
Core Services
--------------
Service Status Description
---------------------------------------------------------------------------------------
esrsclient Running ESRS VE core agent
esrshttpd Running ESRS Apache for inbound traffic
esrshttpdR Running ESRS Apache for outbound traffic
esrsconnectemc Running ConnectEMC service for Connect Home files
esrsclientproxy Running ESRSVE as a proxy service
esrswatchdog Running Watchdog service to monitor the ESRS VE core services
esrshttpdftp Running FTP service for Connect Home files
esrshttpdlistener Running HTTPS listener service for Connect Home files
postfix Running SMTP service for Connect Home files
shibd Running Shibboleth interface for ESRS SP
apache2 Running ESRS Apache for RSC traffic
--------------------END OF SERVICES STATAUS--------------------------------------------
Nice, but I want to run this remotely. Assuming root account for the ESRS GW, I tried the following:
user@remhost:/home/user> ssh root@esrshost /opt/esrs/utilities/commandlineutil/ESRS-VE-CLI-Util.sh --service-status
Password:
Error: Cannot find jar file
I looked at the sh script and see that the jar file is not fully pathed, causing the error above.
esrshost:/opt/esrs/utilities/commandlineutil # cat ESRS-VE-CLI-Util.sh
#!/bin/bash
JARFILE="CommandLineUtil.jar"
if [ -f $JARFILE ]; then
java -jar $JARFILE "$@"
else
echo "Error: Cannot find jar file"
fi
Based on the simple script design, I'm simply going to by-pass the script and call the java directly as noted in the script.
user@remhost:/home/user> ssh root@esrshost "java -jar /opt/esrs/utilities/commandlineutil/CommandLineUtil.jar --service-status"
Password:
Couldn't get Console instance
Well, making some progress. Now getting a complaint from the jar program. Based on the console instance error, we'll need to utilize the -t option of ssh.
-t Force pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be
very useful, e.g. when implementing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.
Trying the remote call again...
user@remhost:/home/user> ssh -t root@esrshost "java -jar /opt/esrs/utilities/commandlineutil/CommandLineUtil.jar --service-status"
Password:
Please enter ESRS VE WebUI credentials to use this utility.
Enter User Name: esrsuser
Enter Password:
---------------------------------------------------------------------------------------
RESTFul Services
------------------
Service Status Description
---------------------------------------------------------------------------------------
esrsalarm Running Service to create alarms
esrsauditlogging Running Service to audit the ESRS VE activities
esrsauth Running Authorization service
esrsusermanagement Running Manage Users service
esrsconfigtool Running Service for ESRS VE configuration setup
esrsconnectivityreport Running Service to run the Connectivity checks
esrsdataitems Running Service to manage data items
esrsdevicemanagement Running Device management service for ESRS VE
esrsjcemc Running ConnectEMC Restful Service
esrskeepalive Running Keepalive service for managed devices
esrsmftauth Running MFT Service
esrsupdate Running Service to check for ESRS VE updates
esrsremotescripts Running Service to update remote scripts status
esrsrsc Running Service for Secure Credentials
esrsvesp Running ESRS Secure Service Provider
Core Services
--------------
Service Status Description
---------------------------------------------------------------------------------------
esrsclient Running ESRS VE core agent
esrshttpd Running ESRS Apache for inbound traffic
esrshttpdR Running ESRS Apache for outbound traffic
esrsconnectemc Running ConnectEMC service for Connect Home files
esrsclientproxy Running ESRSVE as a proxy service
esrswatchdog Running Watchdog service to monitor the ESRS VE core services
esrshttpdftp Running FTP service for Connect Home files
esrshttpdlistener Running HTTPS listener service for Connect Home files
postfix Running SMTP service for Connect Home files
shibd Running Shibboleth interface for ESRS SP
apache2 Running ESRS Apache for RSC traffic
--------------------END OF SERVICES STATAUS--------------------------------------------
Connection to esrshost closed.
Perfect. Now I have a functioning remote call to the ESRS CLI. Using some Expect I can automate these commands to retrieve the data. These are the commands I'll probably be using most.
--agent-status
--service-status
--device-list
The complete list of supported commands and description:
To Display Agent Status Information : --agent-status
To Display Active Remote Sessions : --remote-session
To Display ESRS Related Service : --service-status
To List the Managed Devices : --device-list
To View Policy Manager : --view-policymanager
To Add Policy Manager : --add-policymanager
To Remove Policy Manager : --remove-policymanager
To Enable Proxy Configuration : --add-proxy
To View Proxy Configuration : --view-proxy
To Remove Proxy Configuration : --remove-proxy
To Display Help Details : --help
Happy ESRS monitoring.
No comments:
Post a Comment