Configuring the Inventory Processor
Configuration Settings
The Inventory Processor is an executable module file that performs asset database population tasks. The standard executable file name is moduleInventory-<version>.
Configuration File
The Inventory Processor requires a configuration file named config.yml in the module's directory. It contains the following parameters:
| Parameter | Description | Required |
|---|---|---|
opensearch | List of OpenSearch cluster servers. | Yes |
username | Username for connection. | Yes |
password | Password for connection. | Yes |
cert | CA certificate for authentication. | Yes |
join_events_with_null_value | Skip null keys during the aggregation stage. | No |
include_assets | List of asset configurations that require processing. If not specified, all configurations will be processed. | No |
Example config.yml file:
opensearch: ['https://localhost:9200']
username: 'admin'
password: 'pass'
cert: 'root-ca.pem'
join_events_with_null_value: false
include_assets:
- asset_name: 'Hosts'
search_fields: ['hostname']
- asset_name: 'Users'
search_fields: ['username']
If you need to hide the password from the Inventory configuration file, you can omit the username and password parameters in the configuration file and specify them using environment variables: SM_INV_USERNAME and SM_INV_PASSWORD.
Values from environment variables override the parameters defined in the configuration file. To pass environment variables to a cron job, you need to define the environment variables in the /home/opensearch/.profile file and run the cron job through bash. Access to the /home/opensearch/.profile file should be restricted as much as possible so that only the root user and the user on whose behalf the service will be run can read it.
Example crontab for the opensearch user:
* * * * * bash -l -c "cd /app/inventory; ./moduleInventory"
Example /home/opensearch/.profile:
export SM_INV_USERNAME=admin
export SM_INV_PASSWORD=VeryStrongPassword
Startup Parameters
The Inventory Processor executable supports the following startup parameters:
-v- displays the version-log- duplicates log output to the console (optional)-with-index- fast search for candidates with partial similarity (optional)-bulk-changes- sends asset changes via bulk request (optional)
./moduleInventory -v
./moduleInventory -log -with-index -bulk-changes
./moduleInventory -with-index -bulk-changes
./moduleInventory
Configuration Process
To configure the Inventory Processor, you must open a terminal as the root user to execute commands. In the terminal, perform the following steps:
- Create a working directory. For example, the directory
/app/inventory/.
mkdir /app/inventory
- Copy the Inventory Processor executable file
moduleInventoryto the working directory. - Change the group and owner for the working directory and the files within it to the group and user under which the Inventory Processor will run, for example,
opensearch.
chown -R opensearch:opensearch /app/inventory/moduleInventory
- Set execute permission for the
moduleInventoryfile.
chmod +x /app/inventory/moduleInventory
- Create a
config.ymlfile in the Inventory Processor's working directory and populate it according to the Configuration File section. (Note: The link provided is a placeholder and should be updated to the correct English documentation link.) - To periodically update the asset database, you need to configure a cron job.