[OBS-4395] How to validate the security/integrity of RPM packages required for Observium install - Observium

Details

Type: Help
Resolution: Unresolved
Priority: Minor
Fix Version/s: None
Affects Version/s: Enterprise Edition
Component/s: OS, Security
Labels:
- suggestion
Environment:
RHEL 8

Description

Is there a way to verify the security/integrity of the RPM's proposed in the Observium install guide for RHEL.? Perhaps an HASH kind of something.?

This is needed for security audit in our organization where we are using the Enterprise Edition of Observium.

yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

yum install http://yum.opennms.org/repofiles/opennms-repo-stable-rhel8.noarch.rpm

yum install http://rpms.remirepo.net/enterprise/remi-release-8.rpm

Attachments

Activity

[OBS-4395] How to validate the security/integrity of RPM packages required for Observium install

Observium Bot added a comment - 2023/02/03 03:22 PM

General questions and device support can be discussed in our Discord channel, click here to join.

Please make and attach additional information about the device:

full snmp dump from device:

snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1 > myagent.snmpwalk

snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1.3.6.1.4.1 >> myagent.snmpwalk

If device not support SNMP version 2c, replace -v2c with -v1.

If you have problems with discovery or poller processes, please do and attach these debugs:
./discovery.php -d -h <device>
./poller.php -d -h <device>

additionally attach device and/or vendor specific MIB files

This comment is added automatically.

Observium Bot added a comment - 2023/02/03 03:22 PM General questions and device support can be discussed in our Discord channel, click here to join . Please make and attach additional information about the device: full snmp dump from device: snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1 > myagent.snmpwalk snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1.3.6.1.4.1 >> myagent.snmpwalk If device not support SNMP version 2c, replace -v2c with -v1. If you have problems with discovery or poller processes, please do and attach these debugs: ./discovery.php -d -h <device> ./poller.php -d -h <device> additionally attach device and/or vendor specific MIB files This comment is added automatically.

People

Assignee:: Mike Stupalov

Reporter:: Jegankumar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2023/02/03 03:22 PM

Updated:: 2023/02/03 03:22 PM