System Configuration
The System Configuration panel allows an administrator to configure system and application settings. The System Configuration page is divided into four sections:
- System
- System Advanced Config
- Application
- Application Advanced Config
The impact on system components resulting from configuration changes are dependent on the settings that are being updated. Users may be affected by the changes applied.
Initializing Table Of Contents...
Setting Up System Configuration
The System Configuration panel is only available to users with Admin privileges.
- Click
to enable or disable individual fields. - Click
to show the advanced configuration. - Click
to save the draft so that you can come back later to edit it further.
A message will be displayed to indicate the draft is saved. When selecting SAVE, the system will validate the entries and display any errors. It will not apply the changes to the master configuration.
to enable or disable individual fields.
to show the advanced configuration.
to save the draft so that you can come back later to edit it further.
Click on
to discard the draft.
You will be presented with a confirmation message to verify your intention to discard the draft.Click
to apply the settings.When applying the settings, the AMM will first validate the changes. Any validation errors will abort the apply process. If no validation errors are found, a confirmation message will be displayed showing the affected system components and processes. You must acknowledge the conditions, after which the system will merge the changes into the master configuration file and apply them to the listed service components to ensure the changes are implemented. An affected service component can be either stopped, started, or restarted depending on changes applied.
Depending on the changed settings, the AMM web UI may be restarted; in this case the administrator will be redirected to login page. If HTTPEnabled and/or HTTPSEnabled settings are updated, the administrator will not be redirect to the login page, and will instead need to manually update the URL to visit AMM again using the correct “http://” or “https://” after the change is applied.
Click
to export the last snapshot of results by the last user action (SAVE or APPLY) for troubleshooting purposes.
The troubleshooting logs should be downloaded immediately, as the next system configuration will overwrite the logs.
The zip file will include:
- amm.cfg.editing: The draft configuration file with user edits made by the administrator.
- system.files.original/<files>: a copy of the system files as per the draft configuration file, before user changes have been saved, e.g. web.xml, catalina.sh, iptables.
- system.files.after/<files>: a copy of the system files as per the draft configuration file, after user changes have been saved, e.g. web.xml, catalina.sh, iptables.
- amm.cfg.original: a copy of the master AMM configuration file before changes are applied.
- amm.cfg.applied: a copy of the master AMM configuration file after changes are applied.
- amm_config.log:
- For SAVE changes, the file contains logs for validation and configuration as per the draft configuration file.
- For APPLY changes, the file contains logs for validation, configuration and impact on service(s) as per the master AMM configuration file.
to discard the draft.
to apply the settings.
to export the last snapshot of results by the last user action (SAVE or APPLY) for troubleshooting purposes.
System Configuration Parameters
System Parameters
| Description | Format | Example | Default Value | |
|---|---|---|---|---|
| Hostname | System hostname | FQDN | amm1.example.com | <blank> |
| IP Address |
System IPv4 address in CIDR notation or DHCP. Note: any change will not take effect until after reboot |
DHCP or valid IP address/<8 – 30> | 192.0.2.5 /24 | DHCP |
| Default Gateway |
System default gateway. Note: any change will not take effect until after reboot |
Must be in the same subnet as IP Address, and must be different than IP Address | 192.0.2.1 | <blank> |
| DNS Servers (DNSServer1, DNSServer2, DNSServer3) | DNS servers used for name resolution. 2 – 3 DNS servers must be specified. | Must be valid IP address and must be different than IP Address | 192.0.2.254, 208.67.222.222 | <blank> |
| Time Servers (NTPServer1, NTPServer2, NTPServer3, NTPServer4) | NTP Servers’ IPv4 address or FQDN | Must be valid IP address or FQDN | 192.0.2.99, time.example.com |
|
| Email Relay Server | If present, all emails will be sent to specified email relay server over SMTP. | Must be valid IP address or FQDN | smtp-relay.example.com | <blank> |
System Advanced Parameters
| Description | Options | Default Value | |
|---|---|---|---|
| Email Transport Encryption | Indicates whether server should use encryption when communicating with email servers. | “encrypt all”, “encrypt none”, or “encrypt except:” (along with a list of email servers to not use encryption with) | encrypt-all |
Application Parameters
| Description | Options | Default Value | |
|---|---|---|---|
| MGOS Support | Indicates whether server will receive and process events from MGOS gateways | yes/no | yes |
| ALEOS Support | Indicates whether server will receive and process events from ALEOS gateways | yes/no | yes |
| MGOS Management Tunnel | Enable management tunnel services for MGOS gateways | yes/no | yes |
| Restrict MGOS Events to Management Tunnel | If enabled MGOS devices will only be able to send events over the management tunnel | yes/no | yes |
| ALEOS Management Tunnel | Enable management tunnel services for ALEOS gateways. Note that server must have a certificate signed by a supported CA | yes/no | yes |
| Management Tunnel Address Space | Unused class B (i.e. /16) network reserved for management tunnel connections | System IPv4 address in CIDR notation | 10.4.0.0/16 |
| Management Tunnel pre-registration | If enabled, gateways must be manually added (in Admin - Gateways) in order to establish communications over management tunnel | yes/no | yes |
| Web UI Access Over HTTP | Enables web UI access over HTTP (i.e. plaintext) | yes/no | no |
| Web UI Access Over HTTPS | Enables web UI access over HTTPS (i.e. encrypted) | yes/no | yes |
| Restrict Gateway Software Upgrade to Secure Channel | If enabled, MGOS gateways will only be able to download software upgrades over the management tunnel, i.e. server software repo will only be available inside management tunnel. If enabled, ALEOS gateways will be able to download software upgrades over the management tunnel, or through HTTPS when management tunnel is not available | yes/no | yes |
| Allow Gateway Log Uploads Outside of Management Tunnel | If enabled, gateways will be able to directly upload logs to server, outside of management tunnel | yes/no | no |
| Alert Email Account | Emails are sent to specified account whenever system monitor takes an action or detects abnormal conditions | Valid email address | <blank> |
| Tech Support Server Identification | Server id/hostname used by Tech Support remote access (via SSH tunneling), usually just a short version of company name | <blank> OR name composed of letters, numbers and “{-}“ (cannot start with “{-}“) | <blank> |
Application Advanced Parameters
Application Advanced Parameters
| Description | Options | Default Value | |
|---|---|---|---|
| Known Server Address to ALEOS Gateway | FQDN or IPv4 address used by ALEOS gateways to reach server for software updates if different than system IP address or hostname (e.g. public IPv4 address or FQDN) | <blank> or unique FQDN or valid IP address | <blank> |
| Allow plaintext ALEOS management communications |
If enabled, ALEOS gateways will be able to exchange unencrypted management messages (i.e. MSCI) with AMM over TCP port 8082. It is recommended to keep it disabled. |
no/yes | no |
| Low Storage Alert Threshold | If available data storage goes below this threshold (in MB), an alert email is sent out | <blank> is automatically set to 10% of total data storage. Integer between 1024 and total data storage size | <blank> |
| Forgotten Password Assistance Message and Link | Customize the forgotten password message and link to your own support team | All text must be on one line, in HTML syntax |
If left blank, the message will be: If you are unable to recover your account via email, please contact Technical Support for help with restoring access. |
| GenX Support | Indicates whether there will be events from GenX gateways | yes/no | no |
| GenX Remote Receiver | Rsyslog server to receive forwarded GenX reports over UDP 514 port | <blank> or FQDN or valid IP address | <blank> |
| Stats and Events Retention | Indicates for how many days server will keep stats and events in its database | 30 – 120 | 60 |
| Maximum Tomcat Heap Size | Overrides maximum Tomcat heap size (GB) automatically set based on RAM size and enabled features. This setting should only be changed if advised by Technical Support | 4 – 50% of total memory | <blank> |
| Maximum DBLoader Heap Size | Overrides maximum DBLoader heap size (GB) automatically set based on RAM size and enabled features. This setting should only be changed if advised by Technical Support | 2 – 50% of total memory | <blank> |
| Maximum Report Heap Size | Overrides maximum Report heap size (GB) automatically set based on RAM size and enabled features. This setting should only be changed if advised by Technical Support | 4 – 50% of total memory | <blank> |
| MySQL Key Buffer Size | Overrides MySQL key buffer size (MB) automatically set based on RAM size and enabled features. This setting should only be changed if advised by Technical Support | 512 – 4096 | <blank> |
| Low Memory Alert Threshold | If available memory goes below this threshold (in MBs), low memory actions are triggered and an alert email is sent out. This setting should only be changed if advised by Technical Support | 1024 – 20% of total memory | 1024 |
After reconfiguring the Known Server Address to ALEOS Gateway, any previously scheduled legacy ALEOS software upgrades will fail, if the AMM has enabled the parameter to Restrict Gateway Software Upgrade to Secure Channel.
To resolve this, you can cancel and reschedule the ALEOS software upgrades. The new schedule will use the new Known Server Address and correct schema ensuring the upgrades will be successful thereafter.
When migrating a standalone server to HA system, the parameter Known Server Address to ALEOS Gateway should be re-configured to use a floating DNS name so that gateways can always access the active peer.