• The Redpeaks cockpit administration menu allows to manage global application settings such as:
  • Databases connections and tenant definitions
  • Global settings and logs
  • Applying new updates

This section in accessible only for super admin user.

• After installation, open the application in your browser
• You will be prompted to set superadmin user name and password (if not already set)
• Once you log in, you will be redirected to the superadmin menu.
• You must then configure the following:
  • In DB connectors:
    • Primary configuration database: Holds application and tenants information
    • At least one tenant configuration database
    • At least one tenant metrics database
  • In tenants:
    • At least one tenant with a tenant admin user

Once done, you will be able to log into your first tenant and start configuring the monitoring.

Don't use the same DB name for Primary database and tenant database

Find here below a description of the different sections :

• The configuration database contains sensitive data such as credentials, IP adresses, hostnames, etc…
• Therefore you must pay attention to secure the accesses to the database and the backups
• User credentials are encrypted
• The communication with external parties such as collectors is done via SSL.

• Trusted certificates are located in [PROMONITOR_HOME]/certificates/.keystore
• Application certificate for HTTPS is located into the same file
• You can install or rotate the application certificate by using the below command:
  • keytool -import -trustcacerts -keystore [PROMONITOR_HOME]/certificates/.keystore -storepass agentilKeyStore -noprompt -alias yourAliasName -file [PROMONITOR_HOME]/certificates/[certificate.cer]

Generating a self signed certificate:

Note: You must use OpenSSL 1.1.1 or above

# Backup existing keystore
cp /opt/Pro.Monitor-Cockpit/certificates/.keystore /opt/Pro.Monitor-Cockpit/certificates/.keystore.backup
# Convert existing keystore to pkcs12
keytool -importkeystore -srckeystore /opt/Pro.Monitor-Cockpit/certificates/.keystore -destkeystore /opt/Pro.Monitor-Cockpit/certificates/.keystore -deststoretype pkcs12 -srcstorepass agentilKeyStore
# Generate private key and certificate : Use the actual server FQDN as Common Name in the formular.
openssl genrsa  -out domain.key 2048
openssl req -key domain.key -new -x509 -days 1800 -out domain.crt -addext "subjectAltName = DNS:HOSTNAME"
# or with IP 
openssl req -key domain.key -new -x509 -days 1800 -out domain.crt -addext "subjectAltName = IP:YOUR_IP"
# Bundle the key and certificate together
openssl pkcs12 -export -in domain.crt -inkey domain.key -name pro_monitor -out ks.p12
# Replace existing certificate
keytool -importkeystore -destkeystore /opt/Pro.Monitor-Cockpit/certificates/.keystore  -storepass agentilKeyStore -noprompt -alias pro_monitor -srckeystore ks.p12
# Restart Redpeaks service

Importing a generated certificate from CSR

• Make sure the generated private key uses the same passphrase as redpeaks (ie: agentilKeyStore)
• Key passphrase can be renamed if necessary

keytool -keypasswd \
-alias keyalias\
-keystore .keystore \
-storepass STORE_PASS \
-keypass OLD_KEY_PASS \
-new NEW_KEY_PASS

• Once you changed private key password, import your new certificate keystore into the application keystore:

# import keystore
keytool -importkeystore -destkeystore /opt/Pro.Monitor-Cockpit/certificates/.keystore  -storepass agentilKeyStore -noprompt -srckeystore [YOUR_NEW_KEYSTORE].p12

The promonitor cockpit has been designed for a low maintenance, however, there are few aspects you need to pay attention

• Remove old update files: The update files that you upload in the application are not removed automatically and will consume disk space

In case of major problem with the application, you might need to restore the database.

• Stop promonitor-cockpit service
• Start mysql server
• Get the last backup files
• Then for each backup file, run:
  • mysql -u root -p database_name < database_name.sql

• Restart promonitor-cockpit service

Conditions:

• You can log in as superadmin, but you are not able to connect as a tenant user
• Server log is showing serialization errors or SQL errors
• Stopping and starting promonitor-cockpit service is not solving the problem

Probable cause:

• The tenant configuration is corrupted

Resolution:

• stop promonitor-service
• Use a mysql client and remove the last line of table tenant_configuration
• Depending on the timestamp of the line, you might remove several lines, up to a time you knew the configuration was working
• Once done, start promonitor-service

• Stop cockpit service: systemctl stop promonitor-cockpit
• Open the file setenv.sh located in the folder /Tomcat/bin/
• At the end of the line that starts with JAVA_OPTS add -DsuperAdminPassword and the value you want, e.g.: -DsuperAdminPassword=“NewPass”
• Save the document
• Restart service: systemctl start promonitor-cockpit
• Login as Superadmin with the password you set in the setenv.sh
• On the menu go to Super User and change the password and save
• Logout and stop the service: systemctl stop promonitor-cockpit
• Remove the -DsuperAdminPassword from the setenv.sh file
• Restart service: systemctl start promonitor-cockpit
• Login with the new password

• From cockpit install folder, download the Reset password library
• Stop cockpit service: systemctl stop promonitor-cockpit
• Make a copy of the db folder : cp -r db db.backup
• Then execute: java -jar cockpit-reset-password.jar superadmin [newPassword]
• This will update the db with the new superadmin password
• Restart service: systemctl start promonitor-cockpit
• If the operation worked, remove the db backup