Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Data Server connects to TIBCO ActiveMatrix either using TIBCO Hawk and or via TIBCO Enterprise Monitor messages. See the TIBCO Hawk section for information about securing TIBCO Hawk connections. The EMS Server can be configured to require a user name and password which the user enters in the RTView Configuration Application ActiveMatrix Connection dialog when defining the connection to that EMS Server. Additionally, the EMS Server can be configured to use SSL. In this case, the user must implement a subclass of the GmsRtViewJmsDsSSLHandler to return a Map of the required SSL parameters per connection. This is described in the RTView Core documentation under RTView Data Sources→JMS Data Source → Application Options - JMS → JMS Connections Tab → JMS SSL Parameters.

TIBCO BusinessEvents

The Data Server connects to BusinessEvents using JMS. BusinessEvents does not support secure JMX connections.

TIBCO BusinessWorks 5

The Data Server connects to BusinessWorks 5 using TIBCO Hawk. See the TIBCO Hawk section for information about securing those connections. Additional server metrics can optionally be collected via JMX using the RTView Manager. See the BusinessWorks 5 documentation for enabling JMX and securing it in your BusinessWorks engine. See the RTView Manager section in this document for information on making secure connections to JMX. For BWSE engines, RTView collects AMX Node data via JMS messages which are hosted on an EMS Server. The EMS Server can be configured to require a user name and password which the user enters in the RTView Configuration Application when defining the Connection to that Server. Additionally, the EMS Server can be configured to use SSL. In this case, the user must implement a subclass of the GmsRtViewJmsDsSSLHandler to return a Map of the required SSL parameters per connection. This is described in the RTView Core documentation under RTView Data Sources→JMS Data Source→Application Options - JMS→ JMS Connections Tab →JMS SSL Parameters.

TIBCO BusinessWorks 6

The Data Server connects to BusinessWorks 6 either using TIBCO Hawk or via the OSGI plugin. See the TIBCO Hawk section for information about securing TIBCO Hawk connections. When using the OSGI plugin, data is sent via socket to the Data Server on port XX72. By default, this socket is not secure, but the data will be sent via secure socket if the Data Server is configured for SSL sockets.

TIBCO EMS Server

The Data Server connects to EMS Servers using TIBCO's TibjmsAdmin api. The EMS Server can be configured to require a user name and password which the user enters in the RTView Configuration Application EMS Server Connection dialog when defining the connection to that EMS Server. Additionally, the EMS Server can be configured to use SSL. In this case, the user must implement a subclass of the GmsRtViewTibJmsSSLHandler to return a Map of the required SSL parameters per connection. This is described in the RTView Core documentation under RTView Data Sources→TIBCO EMS Administration Data Source → Application Options - TIBCO EMS → TIBCO EMS Servers Tab → TIBCO EMS Administration SSL Parameters.

TIBCO Hawk

TIBCO Hawk is used to gather metrics for both BusinessWorks 5 (required) and BusinessWorks 6. The Data Server connects to TIBCO Hawk via TIBCO's TIBHawkConsole api. The TIBCO Hawk installation may either be configured to run on a Rendezvous transport (rvd) or an EMS Transport. In the case of Rendezvous transports, no secure connection options are supported. In the case of EMS transports, the TIBCO Hawk agent can be configured to require a user name and password which the user enters in the RTView Configuration Application TIBCO Hawk Connection dialog when adding a connection to that agent. The EMS transport can also be configured for SSL. In this case, the user must implement a subclass of the GmsRtViewHawkCustomSSLHandlerto return a Map of the required SSL parameters per connection. This is described in the RTView Core documentation under RTView Data Sources→TIBCO Hawk Data Source → Application Options - TIBCO Hawk→ TIBCO Hawk SSL Parameters.

RTView Manager

The RTView Manager connects to processes via JMX. A process that opens a JMX port can be configured to require a user name and password which the user enters in the RTView Configuration Application RTView Manager Connection dialog when defining the connection to that process. A process that opens a JMX port can also be configured to require SSL. To connect to SSL secured JMX, fill in the SSL Credentials section of SECURITY tab in the RTView Configuration Application with the appropriate values for your SSL configuration.

RTView Processes

The Data Server, Data Collector, Historian and Display Server all open JMX ports for monitoring. By default, these jmx ports are unsecured, but they can be secured either by user name and password or by SSL. See the RTView Manager section in this document for instructions on connecting to secure JMX. To configure the JMX ports of the RTView processes to use SSL and/or username and password, go to the SECURITY tab in the RTView Configuration Application. Note that the start/stop/status_rtv scripts use JMX to communicate with the RTView processes. If you secure the JMX ports on the RTView processes, you will need to save arguments for use by the scripts in the Configuration Application SECURITY tab or pass additional arguments into the start/stop/status_rtv scripts.

To secure with user name and password, you will need a java password file. To secure with SSL, you will need a certificate, truststore and keystore. These are described in the orace documentation: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html

Apache Kafka

The Data Server connects to Kafka via JMX. Kafka can be configured to require a user name and password which the user enters in the RTView Configuration Application Kafka Connection dialog when defining the connection to that process. Kafka can also be configured to require SSL. To connect to SSL secured Kafka, fill in the SSL Credentials section of SECURITY tab in the RTView Configuration Application with the appropriate values for your SSL configuration.

Node.js

This solution package does not currently support secure connections.

TIBCO ActiveSpaces

The Data Server connects to the ActiveSpaces Data Grid using TIBCO FTL. See the TIBCO FTL section for instructions on securing those connections.
Data Cache - Data Server receives data via http POST which can be secured by using HTTPS. To configure the Data Server HTTP port to use HTTPS, go to General→CUSTOM PROPERTIES tab of the RTView Configuration Application and enter the following:
name: sl.rtview.rtvhttp.use_https
value: true
filter: collector
Applications posting data to Data Cache can be configured to use https (instead of http) as the scheme in their POST request URI/URL


Oracle Coherence

The Data Server connects to Oracle Coherence by either joining the cluster as a node (direct connection) or via querying MBeans using JMX. See the Oracle documentation for information on securing your cluster. When configuring RTView to connect as a node to a secure cluster all necessary information is in the cluster config xml file so no additional configuration is needed in the Data Server.

Alternately, you can configure the Coherence nodes to use secure JMX. Secure JMX support user authentication (user name and password) and SSL. See the Oracle documentation for information on how to configure secure JMX for your nodes. To connect via JMX to a node that has been secured via user autherntication, include the user name and password in the jmxconn connection string. To connect via JMX to a node that has been secured via SSL, add the following properties to your rtview properties file replacing the values with the appropriate values for your truststore and keystore:

sl.rtview.jvm=-Djavax.net.ssl.keyStore=client_keystore.jks

sl.rtview.jvm=-Djavax.net.ssl.keyStorePassword=mypassword

sl.rtview.jvm=-Djavax.net.ssl.trustStore=client_truststore.jks

sl.rtview.jvm=-Djavax.net.ssl.trustStorePassword=mypassword

Oracle Enterprise Manager

This solution package does not currently support secure connections.

IBM Websphere MQ

The Data Server connects to IBM MQ via the IBM MQ java client libraries. IBM MQ can be secured via SSL. See the IBM MQ documentation for securing your database. To connect to an IBM MQ instanced that has been secured via SSL, turn on the "Do you want to connect using SSL?" toggle in the RTView Configuration Application IBM MQ Add Connection dialog and fill in the certificate and cipher suite fields as appropriate for your configuration.

Docker

The Data Server acquires Docker data from cadvisor based agents which send data via http POST requests to the Data Server. By default the cadvisor agents post to http which is unsecured. To post to https instead, modify the RTVHTTPURL variable in the rtvapm/dockermon/agents/cadvisor-rtview/cadvisor-rtview.sh script to use https instead of http in the url. To enable the Data Server to receive data via https, add the following to the CUSTOM PROPERTIES tab of the RTView Configuration Application:

Name:sl.rtview.rtvhttp.use_https

Value: true

Filter: collector

UserExperience

UXMON performs simulated transactions by means of the uxrobot process which sends metric data via socket to the Data Server on port XX72. By default, this socket is not secure, but the data will be sent via secure socket if the Data Server is configured for SSL sockets.

MongoDB

The Data Server connects to MongoDB via the MongoDB java client library. A MongoDB instance can be secured via user credentials, TLS, SSL or DNS Seedlist. See the MongoDB documentation for information on how to secure your MongoDB instance. Each security option has one or more corresponding parameters in the connection URI string. To connect to a secure MongoDB instance from RTView, use the appropriate connection string URI parameters in the RTView Configuration Application MongoDB Connection URL field dialog when defining the connection to that instance. Some example URI's for SSL and TLS secured instances:

use the ssl=true connection option in the connection string URI
mongodb://db0.example.com,db1.example.com,db2.example.com/?replicaSet=myRepl&ssl=true
or
use the tls=true connection option in the connection string URI
mongodb://db0.example.com,db1.example.com,db2.example.com/?replicaSet=myRepl&tls=true

TIBCO ActiveSpaces 2

The Data Server connects to TIBCO ActiveSpaces via the TIBCO ActiveSpaces java client libraray. See the TIBCO documentation for securing metaspaces and generating a security token file. To connect to a secure metaspace, turn on the Use Security Token option in the RTView Configuration Application TIBCO ActiveSpaces 2 Connection dialog, then fill in the Security Token File field along with any of the other fields in that section that apply to your metaspace security configuration.