This is a simple client/server application which connects to remote systems and collects some metrics! Currently CPU usage, memory usage and uptime are collected. For Windows systems we collect security event logs as well.

The server part is designed to work on a Linux system. Using Python 3.5 or newer! The easiest way is to install inside a python virtualenv:

$ pip install -r requirements/base.txt
$ cd src/
$ python ./server.py ../config.xml

Upon first start server.py will create the necessary database schema if required! This is handled automatically via the SQLAlchemy ORM backend!

When executed server.py will connect to each client system via SSH and upload the agent.py script. It will be executed and the response collected and stored in the database. In the case of client-side errors they will be reported on the server side and exception will be raised!

If any of the metrics is greater than the configured alerts server.py will send a plain text email to the recipient address.

<?xml version="1.0" encoding="UTF-8"?>
<config>
    <database connection='sqlite:////tmp/collector.db'/>
    <smtp host='smtp.gmail.com' port='587' username='you@gmail.com' password='v3ry-s3cr3t' starttls='yes' />

    <client
        ip='127.0.0.1'
        port='22'
        username='student'
        password='s3cr3t'
        mail="alerts+linux@example.com"
        platform='Linux'>
            <alert type="memory" limit="80%" />
            <alert type="cpu" limit="10%" />
    </client>

    <client
        ip='4.7.8.6'
        username='Administrator'
        password='again-very-secret'
        mail="alerts+windows@example.com"
        platform='Windows'>
            <alert type="memory" limit="30%" />
            <alert type="cpu" limit="10%" />
    </client>

</config>

The database connection string is of the form dialect+driver://username:password@host:port/database. You can easily execute a demo using sqlite. In case of MySQL or Postgres you have to install the necessary driver libraries (MySQL-python or mysqlclient or psycopg2) For more information see http://docs.sqlalchemy.org/en/latest/core/engines.html

SMTP configuration is self explanatory. The above example works for Gmail and password authentication.

Currently the following alert types are recognized: cpu, memory, uptime! They match the metrics collected from agent.py.

A Linux client needs to have OpenSSH running and configured for password authentication (this is usually the default) and the psutil Python package available in the PYTHONPATH!

A Windows client needs to have OpenSSH up and running. To install follow section Installing SFTP/SSH Server from https://winscp.net/eng/docs/guide_windows_openssh_server.

Then install Python 3.6.1 from https://www.python.org/downloads/windows/.

Then download the get-pip.py script from https://pip.pypa.io/en/stable/installing/ and execute python get-pip.py. After pip has been installed execute:

pip install psutil winevt

To execute the tests first pip install -r requirements/devel.txt and then ./run_tests.sh. This application is tested using pylint and via unit tests. The unit tests run on both Travis CI (Ubuntu) and AppVeyor (Windows).

Currently we don't execute integration tests becuase public CIs don't offer the ability to execute SSH on them, less so for Windows!