okerrmod usage

init

After install, run okerrmod --init once. This will prepare directory structire inside /etc/okerr (will not overwrite files which exists), will enable few modules, prepare /etc/okerr/okerrupdate config file template and make /etc/cron.d/okerrmod cron job.

Do not forget to edit /etc/okerr/okerrupdate config file and set your textid (required) and secret (optional).

list modules

okerrmod --list lists all known modules. If line starts with + - module enabled, if starts with - - disabled.

enable/disable modules

okerrmod --enable mod1 mod2 ... enables one or more modules. When module is enabled:

  • symlink created from /etc/okerr/mods-enabled to actual module location

  • default module config file _config copied to /etc/okerr/mods-env/ (not overwriting)

module specified either by name (la, df, client_ip) or as path to module directory

When disabling - symlink deleted. Config files are not deleted.

Running

Usually runs from cron job. If you need to run manually, usually simple okerrmod command without any arguments is enough to run all enabled modules.

Configuration order

Configuration is taken from command line arguments. Arguments default values are often read from environment variables. And file /etc/okerr/okerrupdate is processed to set environment. So, any method will work, but CLI arguments has highest priority, and env variables in okerrupdate config file has lowest priority.

Important options

  • -p PREFIX - prefix to indicator names ($PREFIX). If not specified anywhere, generated from hostname (prefix for server1.example.com is ‘server1:’)

  • -i <textid> - project textid (required) ($OKERR_TEXTID)

  • -S <secret> - policy secret (matching server-side value for secret in ‘Default’ or other policy) ($OKERR_SECRET).

Followint options are only needed if you run your own okerr server:

  • --url <URL> - okerr server URL ($OKERR_URL)

  • --direct - use URL directly, do not use ‘director’ feature. ($OKERR_DIRECT is 0 or 1. default 0). To use private server, you need to use --url <URL> and --direct.

Tips and tricks

Just run all enabled modules

okerrmod

Run just one module

okerrmod client_ip

Debugging

Run without really updating indicator

# okerrmod --dry -v client_ip
load env for client_ip from /etc/okerr/mods-env/client_ip
... Run check /usr/local/lib/python3.7/dist-packages/okerrupdate/mods-available/client_ip/check
POLICY= NAME=bravo:ip NAME=bravo:ip TAGS=ip METHOD=string|options=reinit dynamic DETAILS=37.59.102.26 STATUS=37.59.102.26

or by full path:

# okerrmod --dry -v /etc/okerr/mods-enabled/client_ip
...
# okerrmod --dry -v /usr/local/lib/python3.7/dist-packages/okerrupdate/mods-available/client_ip
...

All the details (–dump never send update to server):

root@bravo:~# okerrmod --dump client_ip
NAME: bravo:ip
TAGS: ip
METHOD: string|options=reinit dynamic
DETAILS: 37.59.102.26
STATUS: 37.59.102.26